Remote Access Scams Open The Door To Thieves

Uploaded on 2022-04-20 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

More than £50m was lost last year to scams where victims are tricked into handing over control of their computer, or smartphone, to criminals. 

New data from Action Fraud reveals that 20,144 people fell victim to scams where they were persuaded to give criminals remote access to their device. 

Victims reported losing a total of £57.7 million, which is an average loss of £2,868 per victim.

Remote access tool scams will often begin with a browser pop-up saying that your computer is infected with a virus, or with a call from someone claiming to be from your bank saying that they need to connect to your computer in order to cancel a fraudulent transaction on your account.

Criminals will try to persuade the victim to download and connect via a remote access tool, which allows the criminal to gain access to the victims computer or mobile phone. If the victim allows the criminal connection via the tool, they are able to steal money and access the victims banking information.

Detective Chief Inspector Craig Mullish, from the City of London Police, commented. "While remote access tools are safe when used legitimately, we want the public to be aware that they can be misused by criminals to perpetrate fraud. We often see criminals posing as legitimate businesses in order to trick people into handing over control of their computer or smartphone...  You should only install software or grant remote access to your computer if you’re asked by someone you know and trust, such as a friend or family member, and never as a result of an unsolicited call, browser pop-up or text message.”

In one case, a victim lost over £20,000 after they received a call from someone claiming to be from Sky stating that there was a problem with their Sky box.

The suspect persuaded the victim to download a remote access tool to their device which enabled the suspect to access the victim’s online banking and make a number of transfers to an account under the suspect’s control. Another victim lost over £1,000 after they received a call from someone claiming to be from Amazon stating that they were processing a payment for an Amazon Prime membership.

The victim told the suspect that they hadn’t subscribed to Amazon Prime but clicked on a link provided by the suspect to cancel the membership. The link downloaded a remote access tool to their device which enabled the suspect to access the victim’s online banking and empty their account.

The warning comes as Action Fraud launched a new national awareness campaign this week to increase awareness around the safe use of remote access tools and to remind the public to think twice before allowing somebody you don’t know access to your device.

How You Protect Yourself

  • Only install software or grant remote access to your computer if you’re asked by someone you know and trust, such as a friend or family member, and never as a result of an unsolicited call, browser pop up, or text message.
  • Remember, a bank or service provider will never contact you out of the blue requesting remote access to your device.
  • If you believe your laptop, PC, tablet or phone has been infected with a virus or some other type of malware, follow the NCSC’s guidance about recovering an infected device.
  • Protect your money by contacting your bank immediately on a different device from the one the scammer contacted you on.
  • Report it to Action Fraud on 0300 123 2040 or via police.uk. If you are in Scotland, please report to Police Scotland directly by calling 101.

Action Fraud also advises that the public follow the advice of the Take Five to Stop Fraud campaign to keep themselves safe from fraud.

  • Stop:Taking a moment to stop and think before parting with your money or information could keep you safe.
  • Challenge: Could it be fake? It’s okay to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.
  • Protect:If you think you’ve been a victim of fraud, contact your bank immediately and report it to Action Fraud online at police.uk or by calling 0300 123 2040.

Action Fraud:        NCSC

You Might Also Read: 

Online Fraud Is A British Security Nightmare:

 

« Algorithms, Lies & Social Media
EU Officials Targeted with Pegasus Spyware »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ReadWrite

ReadWrite

ReadWrite is a leading media platform dedicated to IoT and the Connected World.

Vanguard Integrity Professionals

Vanguard Integrity Professionals

Vanguard Integrity Professionals is an independent provider of enterprise security software solutions that address complex security and regulatory compliance challenges.

Outpost24

Outpost24

Outpost24 provides easy to deploy and intuitive solutions to continuously identify, remediate and mitigate vulnerabilities in your network.

Zscaler

Zscaler

Zscaler enables the world’s leading organizations to securely transform their networks and applications for a mobile and cloud first world.

Cybernetic Global Intelligence (CGI)

Cybernetic Global Intelligence (CGI)

CGI is a global IT Security firm that helps companies protect their data and minimize their vulnerability to cyber threats through a range of services such as Security Audits and Managed Services.

United Security Providers

United Security Providers

United Security Providers is a leading specialist in information security, protecting IT infrastructures and applications for companies with high demands on security.

QA

QA

QA is a leading IT training provider in the UK with over 1,500 courses covering all areas of IT including Cyber Security.

ZeroNorth

ZeroNorth

ZeroNorth provides a new approach to improve software and infrastructure security, simplify continuous compliance reporting and to create more cost-effective risk management programs.

Data Terminator

Data Terminator

Data Terminator provide a comprehensive range of secure data destruction equipment and services are in compliance to US Department of Defense (DoD) and National Security Agency (NSA) standards.

Netacea

Netacea

Netacea provides a revolutionary bot management solution that protects websites, mobile apps and APIs from malicious attacks such as scraping, credential stuffing and account takeover.

Cylera

Cylera

Cylera is a Healthcare IoT cybersecurity and intelligence company built in close partnership with healthcare providers.

Cypherix

Cypherix

Cypherix is tightly focused on cryptography and data security. We leverage our expertise to deliver state-of-the-art, world-class encryption software packages.

ThreatDefence

ThreatDefence

ThreatDefence provides innovative SIEM, SOC-as-a-Service, and proactive cyber defence solutions to MSP’s and Enterprises.

Network Contagion Research Institute (NCRI)

Network Contagion Research Institute (NCRI)

NCRI provides pioneering technology, research, and analysis to identify and forecast cyber-social threats targeting individuals, organizations, and communities.

Sequentur

Sequentur

Sequentur is an award-winning Managed IT Services company. We are SOC 2 certified and provide Managed IT Services and Cybersecurity services to businesses nationwide.

M6iT Consulting

M6iT Consulting

M6iT Consulting is an industry-leading solution partner managing the IT requirements for a full range of companies.