Would you let a scammer in? Learn about remote access scams

What's a remote access scam?

  • Remote access scamming occurs when targets are contacted via phone, text or email by a scammer falsely claiming to be from a familiar company, such as a bank, telco, software company or government agency. 

    They'll often give a fake but credible story, to trick you into giving them remote access to your computer or device. This gives the scammer full access to your computer – and personal information – from a remote location.

How to avoid being scammed

  • What to look for

    Scammers use a variety of ways to contact victims, including online “pop ups” warning about a virus, telephone calls, and phishing emails. Text messages and emails are also used to engage with and trick people. The scammer may initially sound professional and knowledgeable about the company or product they’re calling you about, but they could also be overly persistent and claim you’re being unreasonable or even become abusive if you don't do what they ask. Any behaviour or attitude like this is a red flag that it’s time to end the interaction.

    Be especially wary of calls about online banking requests to:

    • Reset your password after a recent spate of hacks
    • Purchase a new modem to fix your internet connection
    • Update your account or device with new security features
    • Provide personal details to verify your account activity.
  • How to protect yourself

    • Never give an unsolicited caller or contact remote access to your computer
    • Never share your login details with anyone
    • Never provide any personal details over the phone, by text message or email to an unsolicited caller
    • If you receive an unexpected phone call, text or email about your computer and remote access is requested, hang up or delete immediately – even if they mention a well-known company or entity
    • Scammers can obtain your number fraudulently, so you may still receive scam calls even if you have a private number or are on the Australian Government's Do Not Call Register.
    • Make sure your computer is protected with regularly updated anti-virus software that you’ve bought and installed yourself
    • Think about limiting admin access on your computer, so you just use a ‘user’ profile for every day to control who can install new programs and change security settings
    • Consider encrypting any files containing sensitive information on your device or protecting them with additional passwords
    • Scammers often use popular business collaboration tools as a way of remotely taking control of your computer, including TeamViewer and AnyDesk. Use these with caution and before giving permissions to other users, be certain you know who you’re communicating with
    • Know that while most remote-access methods target PCs and laptops, there’s been an increase in the remote accessing of other devices, such as Android tablets and phones.

Susy's story

A remote access scam based on a real-life CommBank case study

62-year-old Susy received an urgent call from Tim, who said he was from the security department of her telephone company. Tim claimed he had detected a hacker who was sending her random advertising emails with malware (a malicious computer program) that could be used to access all of Susy’s personal details. Susy agreed to receive Tim’s help, and so downloaded and installed a computer program that gave Tim access to her computer.

Over a period of time, Tim scammed Susy out of more than $90,000 – read her full story in our Safe & Savvy Guide (page 20).

Close up shot of woman

Been scammed? What next?

  • Get in touch

    If you (or someone you know) is a CommBank customer and has been targeted or lost money as a result of being scammed, call us immediately 24/7 on 13 2221.

    Report it

    Report the scam via the Australian Cyber Security Centre. Reports may be referred to the police for possible investigation.

    Take control and stay protected

    Change your passwords and PINs straight away if you suspect your security has been compromised. Change these regularly as a preventative measure. If you’re concerned your device still has malware, take it to IT to have it checked. 

    Seek support

    Contact IDCARE on 1800 595 160 or via www.idcare.org. IDCARE is a free, Government-funded service that provides support to victims of identity crime.

    Visit the ScamWatch website for more information on scams.