Handing hackers administrative access into your computer or mobile device is something most individuals would never dream of doing. But, what if the hacker disguised their identity, phone number and email address to appear as a professional from a company you trust? This confusion is just what criminals hope for during remote access or screen sharing scams.
How fraudsters gain remote access to victims’ devices:
This form of social engineering, related to a variety of scams, occurs in three quick steps:
- The “issue:” Scammers contact potential victims, typically by email or phone, and pose as service representatives or technical support agents of a well-known organization, such as APGFCU, Apple, Amazon, Microsoft or even the company you work for, under the deception of an urgent security issue. They state immediate remote access, or screen sharing, into your device is necessary to fix the error.
- The app: Once hackers have you hooked, they fool and pressure you into downloading a remote support tool or application onto your device, which will allow the scammer easy access into your files, accounts and personal information. These are legitimate programs used for work collaboration or technical support, but can be leveraged by fraudsters for malicious intent.
- The takeover: Upon remotely accessing a device, scammers may run programs to “fix the issue” when they are instead installing harmful malware to steal your passwords, financial information and personal identifying information. Scammers may offer to repair your device for a fee, spend a few minutes pretending to fix the issue and take your money. Hackers may also persuade you to log into your financial accounts to “ensure their security,” while their true intention is to make fraudulent transactions and steal your funds.
How to avoid remote access scams:
Avoiding remote access scams is key to protecting your information and identity. Here are a few red flags to watch for to remain vigilant against fraudulent attempts:
- First and most importantly, legitimate organizations will never initiate contact with you to fix an issue on your device. Technological advances have made it possible for scammers to spoof caller IDs to resemble any company in any location, so it is necessary to remain alert to fraudulent tactics. APGFCU will never call, email or text you to request your PIN, full card number or personal data. If you receive an unexpected communication saying there is a problem with your computer, or that a purchase or automatic renewal has been billed to your account, which you did not authorize, it is likely a scam.
- Unless upon the request of a verified individual, do not install any screen-sharing tools on your device. If you are unsure about the person’s identity, hang up and call the organization back at its published number.
- If you receive a pop-up on your device with a warning message and phone number to fix it, it is a scam. Legitimate companies will not put their phone number on virus pop-ups.
If you have been the victim of a remote access scam, turn off and unplug your device immediately. Be sure to contact your financial institution to stop, dispute and prevent any fraudulent charges. To reduce issues associated with malware installed on your device, update your computer’s security software, run a scan and delete potential problems. Improve your security by changing your user names and passwords right away, after you have updated your security software. Remember to change any repeated or similar passwords, as well. You can also report your experience to the Federal Trade Commission to prevent future crime and build a case against scammers.
If you believe there is a problem with your device, try updating your software, calling your software company’s support line directly or seeking guidance from a person you know and trust.
Check out our Security page for up-to-date information on the latest scams.