What's a remote access scam?

Remote access scamming occurs when targets are contacted via phone, text or email by a scammer falsely claiming to be from a familiar company or entity, with a fake but credible story to trick them into providing remote access to their computer.

The point of remote scams is to try and get people’s credentials, get control over devices and use access to machines to capture personal information or for financial gain. 

man

How it happens

A remote access scammer will typically claim they’re calling from a software company, telco, bank, or law enforcement agency.

Once they’ve lured you into believing their false identity and story, they'll convince you to allow them remote access to your machine. This allows them full access to your computer - they'll be able to see everything, from files you've saved, to passwords you enter when you're browsing online (such as your online banking).

 

How to avoid being scammed

What to look for

Remote access scammers primarily use phone calls, text messages and emails to contact and trick people. The scammer may initially sound professional and knowledgeable about the company or product they’re calling you about, but they could also be overly persistent and claim you’re being unreasonable or even become abusive if you don't do what they ask. Any behaviour or attitude like this should signal a red flag that it’s time to hang up.

Be especially wary of calls about online banking requests to:

  • Reset your password after a recent spate of hacks
  • Purchase a new modem to fix your internet connection
  • Update your account or device with new security features
  • Provide personal details to verify your account activity.

How to protect yourself

  • Never give an unsolicited caller or contact remote access to your computer
  • Never share your login details with anyone
  • Never provide any personal details over the phone, by text message or email to an unsolicited caller
  • If you receive an unexpected phone call, text or email about your computer and remote access is requested, hang up or delete immediately – even if they mention a well-known company or entity
  • Scammers can obtain your number fraudulently, so you may still receive scam calls even if you have a private number or are on the Australian Government's Do Not Call Register.
  • Make sure your computer is protected with regularly updated anti-virus software that you’ve bought and installed yourself
  • Think about limiting admin access on your computer, so you just use a ‘user’ profile for everyday to control who can install new programs and change security settings
  • Consider encrypting any files containing sensitive information on your device or protecting them with additional passwords

Susy's story

A remote access scam based on a real-life CommBank case study. 

62-year-old Susy received an urgent call from Tim, who said he was from the security department of her telephone company. Tim had detected a hacker who was sending her random advertising emails with malware (a malicious computer program) that could be used to access all of Susy’s personal details. Susy agreed to receive Tim’s help, and so downloaded and installed a computer program that gave Tim access to her computer.

Over a period of time, Tim scammed Susy out of more than $90,000 - read her full story in our Safe & Savvy Guide (page 20).

Close up shot of woman

Been scammed? What next?

Get in touch

If you (or someone you know) is a CommBank customer and has been targeted or lost money as a result of being scammed, call us immediately 24/7 on 13 2221.

Report it

Report the scam via the Australian Cyber Security Centre. Reports may be referred to the police for possible investigation.

Take control and stay protected

Change your passwords and PINs straight away if you suspect your security has been compromised. Change these regularly as a preventative measure.

Seek support

Contact IDCARE on 1300 432 273 or via www.idcare.org. IDCARE is a free, Government-funded service that provides support to victims of identity crime.

Visit the ScamWatch website for more information on scams.