Did you know that scammers are posing as IT departments, telecom providers and even banks to persuade individuals to give over control of their devices? Once they have control, accounts are hacked, and sensitive data is stolen.
How do they do it?
The tricky thing to keep in mind about remote access fraud is that most of the software used by criminals is legitimate. It may even be used by the company the scammer is impersonating.
The criminal could call you; they may even email you to set up an appointment or time to access your device. Stories typical to this type of attack may be:
- Your device is experiencing technical issues
- Your device has previously been breached
- Your broadband is slow
- There are problems with your bank account or card
If agreed to, they may use the following method to remotely access your device:
- Direct you to a website
- Direct you to download a smartphone application
- Direct you to install a program on your computer
A passcode is then used to connect the two devices.
Once the criminal is connected to your device, they may show you a fake screen whilst working in the background to download malicious software or steal sensitive data from you. However, depending on the story they are using, they may simply ask you to login to online banking or change a password.
How to Avoid this Happening to You:
Know your providers. Firstly, do you know who your workplace providers are? Who manages your IT support, or your telecoms? Knowing this may help you recognise a fraudulent call. If you get a call from BT, but a local company manages your telecoms, you can confirm the call with your local provider.
Question the situation. In addition to this, if the caller is supposedly calling from your provider, ask yourself if you were expecting the call. Did you report an issue with your device, is there even an issue to begin with?
When you are speaking to the caller, are they pressuring you? If so, they may be trying to panic you into action.
Be cautious. If you feel like the call is suspicious, hang up immediately. You can always call the company back on a number you know to be correct. It is always better to act with caution.
Good to know:
Common impersonations used include Amazon, BT, and Microsoft. However, with detailed targeting the criminal may even impersonate your IT support company. Remote access software commonly used is TeamViewer, AnyDesk, LogMeIn and GoToAssist.