It goes without saying that there are more than a few sharks you can come across when surfing the web. Digital safety is a growing concern and it’s important to stay in the loop about the risks you may come across when using the ’net.

You may have seen our previous blog with tips on how to keep one eye open for the scammers. Now it’s time to talk about a different kind of scam which utilises a kind of software known as Remote Access.

In 2017 alone, the Australian Competition & Consumer Commission (ACCC)’s Scamwatch reported over $2 million lost to Remote Access scams and the amount lost each month has continued to rise.

To keep you in the know, we’ve put together all you need to know about what Remote Access is, how it’s being used in scams, and what to do if you suspect you’ve been targeted.

What is Remote Access?

‘Remote Access’, is a colloquial way to refer to Remote Computer Management software such as TeamViewer, LogMeIn Rescue, GoToMyPC and others. This software allows you to create a connection to someone else’s computer and access it from a remote location. Once a connection has been established, you can move the owner’s cursor on the screen, run programs, and access files. Basically, you can use the computer exactly as if you were sitting right there at the keyboard!

Genuine uses of Remote Access include software training, creative collaboration, business meetings, IT management and of course, tech support. Even the Internode Support Team uses Remote Access from time to time. Remote Access can help our customer service reps walk you through software and configuration issues such as setting up an Internode mailbox in your email program, or adjusting the WiFi settings in your Internode modem.

Remote Access is a great tool if you know what you’re doing with it and you trust the source. However, you should be very suspicious of anyone asking you to accept a Remote Access connection out of the blue.

How is Remote Access utilised for scams?

According Scamwatch, the most common way you’ll encounter a Remote Access scam is via phone call, distantly followed by the internet (e.g. website pop-ups), text messages, and emails.

How does the scam work?

Someone will contact you out of the blue, typically claiming to be from a well-known computer or telecommunications company such as Telstra, NBN Co or Microsoft. They’ll claim that there’s something wrong with your computer such as a computer virus, error messages, poor internet connection or hacking. They’ll then ask you for Remote Access to your computer to fix the issue or find out what the cause of the problem is.

Before the Remote Access connection is established, the scammer may try to:

• Obtain your personal information
• Get your bank account or credit card details
• Convince you to buy software you don’t need (while you do need to download a client to allow a Remote Access connection, it shouldn’t cost you money).

If the scammer does manage to get a Remote Access connection to a computer, then things get really serious. With full control of your computer, it’s possible they might Install viruses or other malicious software (malware) on your computer, such as:

• ‘Ransomware’ which will freeze up your computer’s other functions until you make a payment.
• ‘Spyware’ which will keep track of everything you do and send it to third parties without your knowledge.
• More Remote Access software which will allow them to maintain control of your computer even after it appears that the Remote Access connection is finished.

What to do if you suspect you’ve been targeted

First things first, you need to end the contact and make sure you don’t respond to the scammer.

• If it’s a phone call, hang up.
• If it’s a text message or email, do not reply or open any links/attachments.
• If it’s a malicious popup on a website, close the window. In some cases you may need to close your whole web browser. If all else fails, switch off your computer.

If you’ve already been hooked and there’s been a successful Remote Access connection on your computer, take action as soon as possible by follow these steps:

• If you made any payments or you believe your bank account or credit details are at risk, contact your financial institution immediately.
• Disconnect your computer from the internet. If you’re not sure how to do this in your computer settings, simply turning off or unplugging your internet modem will do the trick.
• You must take your computer to a qualified computer technician who can scan for and remove any viruses or malware that may have been installed.
• Until your computer has been fixed, DO NOT use it for confidential communications or activities such as online banking – it’s possible that these actions are being monitored by spyware which could expose you to theft or fraud.

Whenever you encounter a scam, even it was a failed attempt, you should always report it to Scamwatch so the ACCC can use the information to warn the community.

To keep up-to-date with all the latest in scams and dodgy dealers, be sure to bookmark the ACCC’s SCAMWATCH website.

Image credits

• Scamwatch