More than £50 million was lost last year to scams where victims are tricked into handing over control of their computer or smartphone to criminals.
New data from Action Fraud, the national reporting centre for fraud and cybercrime, reveals that 20,144 people fell victim to scams where they were persuaded to grant criminals remote access to their device. Victims reported losing a total of £57,790,384 – an average loss of £2,868 per victim.
Remote access tool scams will often begin with a browser pop-up saying that your computer is infected with a virus, or with a call from someone claiming to be from your financial provider saying that they need to connect to your computer in order to cancel a fraudulent transaction on your account.
Criminals will try to persuade the victim to download and connect via a remote access tool, which allows the criminal to gain access to the victim’s computer or mobile phone. If the victim allows the criminal connection via the tool, they are able to steal money and access the victims banking information.
Detective Chief Inspector Craig Mullish, from the City of London Police, said: “While remote access tools are safe when used legitimately, we want the public to be aware that they can be misused by criminals to perpetrate fraud. We often see criminals posing as legitimate businesses in order to trick people into handing over control of their computer or smartphone.
“You should only install software or grant remote access to your computer if you’re asked by someone you know and trust, such as a friend or family member, and never as a result of an unsolicited call, browser pop-up or text message.”
In one case, a victim lost over £20,000 after they received a call from someone claiming to be from Sky stating that there was a problem with their Sky box. The suspect persuaded the victim to download a remote access tool to their device which enabled the suspect to access the victim’s online banking and make a number of transfers to an account under the suspect’s control.
Another victim lost over £1,000 after they received a call from someone claiming to be from Amazon stating that they were processing a payment for an Amazon Prime membership. The victim told the suspect that they hadn’t subscribed to Amazon Prime but clicked on a link provided by the suspect to cancel the membership. The link downloaded a remote access tool to their device which enabled the suspect to access the victim’s online banking and empty their account.
Credit Union Chief Executive Martin Groombridge said: “Online fraud is a growing problem, and it is all too easy to be scammed by persuasive criminals posing as genuine businesses. The Credit Union, like all legitimate businesses, will NEVER call you out of the blue asking you to download software to your computer or smartphone and we will NEVER ask you for remote access to your device.”
How to protect yourself online
- Only install software or grant remote access to your computer if you’re asked by someone you know and trust, such as a friend or family member, and never as a result of an unsolicited call, browser pop up, or text message.
- Remember, a bank or service provider will never contact you out of the blue requesting remote access to your device.
- If you believe your laptop, PC, tablet or phone has been infected with a virus or some other type of malware, follow the NCSC’s guidance on recovering an infected device.
- Protect your money by contacting your bank, credit union or financial provider immediately on a different device from the one the scammer contacted you on.
- Report it to Action Fraud on 0300 123 2040 or via police.uk.
Action Fraud also advises that the public follow the advice of the Take Five to Stop Fraud campaign to keep themselves safe from fraud.
- Stop: Taking a moment to stop and think before parting with your money or information could keep you safe.
- Challenge: Could it be fake? It’s okay to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.
- Protect: If you think you’ve been a victim of fraud, contact your bank, credit union or financial provider immediately and report it to Action Fraud online at police.uk or by calling 0300 123 2040.