/ Scams

City of London Police: remote access scams awareness

This month Action Fraud launched a new national awareness campaign about remote access scams. Our guest, the City of London Police, explains more.

This is a guest article by Christine Barnes. All views expressed are Christine’s own and not necessarily shared by Which?.

More than £50 million was lost last year to scams where victims were tricked into handing over control of their computer or smartphone to criminals.

New data from Action Fraud, the national reporting centre for fraud and cybercrime, reveals that 20,144 people fell victim to scams where they were persuaded to grant criminals remote access to their device.

 

How do remote access tool scams work?

Remote access tool scams will often begin with a browser pop-up saying that your computer is infected with a virus, or with a call from someone claiming to be from your bank saying that they need to connect to your computer in order to cancel a fraudulent transaction on your account.

Criminals will try to persuade the victim to download and connect via a remote access tool, which allows the criminal to gain access to the victims computer or mobile phone. If the victim allows the criminal connection via the tool, they are able to steal money and access the victims banking information.

The City of London Police advise:

⚠ Only install software or grant remote access to your computer if you’re asked by someone you know and trust, such as a friend or family member, and never as a result of an unsolicited call, browser pop up, or text message.

⚠ Remember, a bank or service provider will never contact you out of the blue requesting remote access to your device.

⚠ If you believe your laptop, PC, tablet or phone has been infected with a virus or some other type of malware, follow the NCSC’s guidance on recovering an infected device.

⚠ Protect your money by contacting your bank immediately on a different device from the one the scammer contacted you on.

⚠ Report it to Action Fraud on 0300 123 2040 or via actionfraud.police.uk. If you are in Scotland, please report to Police Scotland directly by calling 101.

Take Five to Stop Fraud campaign

Action Fraud also advises that the public follow the advice of the Take Five to Stop Fraud campaign to keep themselves safe from fraud.

Stop: Taking a moment to stop and think before parting with your money or information could keep you safe.

⚠ Challenge: Could it be fake? It’s okay to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.

⚠ Protect: If you think you’ve been a victim of fraud, contact your bank immediately and report it to Action Fraud online at actionfraud.police.uk or by calling 0300 123 2040.

This was a guest article by Christine Barnes. All views expressed were Christine’s own and not necessarily shared by Which?.

In 2020, Which? raised serious concerns about remote access software scams. One of the worst cases we came across resulted in a Which? member losing £80,000 after a ‘BT engineer’ phoned about ‘problems in the area’.

Have you ever been asked to give access to your device via remote access software? Did you suspect it was a scam?

Let us know what happened in the comments and help raise awareness of this type of fraud.

Comments
Richard says:
15 April 2022

You can set your phone to only answer calls from numbers you recognise and that should stop all scammers in theory.

Crusader says:
15 April 2022

What kind of phones let you do that? Is it so-called “smart” phones? We don’t all have them as they’re way too complex for some of us. I only have a really basic “simple to use” mobile and two fairly basic landline phones and I don’t think any of them will let me program them in such a way. And besides I can always tell if it’s a stupid scammer who phones me and they just get told straight that I know they’re scammers and that they won’t get ANY sensitive stuff from me and that’s final, and they all too often ring at the worst possible time when I’m already furiously mad because of some other stupid infuriating thing so they get what they deserve and now they’ve gone very quiet here where I am at least. And how do they know our phone numbers anyway? There’s obviously some sites somewhere that are far too loose and slack and casual with their “privacy policy” and then there’s the electoral registers etc. the edited versions of which are available to anyone, so we should all start removing our details from the edited registers, but I’ve done that for years and still they ring up so there must be some disgruntled staff somewhere who’ve been fired from somewhere that we’ve previously signed up to, and then there’s the call centres that are far too slack with their security and some of their staff smuggle in little plug-in memory sticks and stick them in the computers there at the centres and copy our details and that needs stamping out. And weak encryption is yet another means, look how tesco’s customer database ended up for sale on the dark web.

sharon aitken says:
5 May 2022

this is a great thing to do. i have a sky protection, and no one likes it as i can stop who i dont want to answer

Stewart SEYMOUR says:
15 April 2022

I’ve already said this before – and I’ll say it again: “When somebody rings the ‘phone you should LISTEN, first, and if it is not a caller or number you recognise or are expecting, does not make sense or sounds false, is in any way a commercial call, or similar, or indeed any combination of the aforesaid criteria, then simply hang up”; don’t even bother or be in any way tempted to swear at them – they are “thick-skinned” because they are totally devoid of any emotion, which is course why they are able to perpetrate such dastardly crimes! Don’t waste your time or breath on them. No doubt they will attempt to contact you on several more occasions – but that simply wastes their time and simultaneously causes them more frustration. Come on, you know it makes sense!

David Gibbon says:
22 April 2022

I have written a little song I enjoy singing to obvious
Scummers , as I call them.
I rarely get past the first line but it will get through to them.
” Does your Mother
Know what you do for a living “

Patricia Ann Sheppard says:
1 May 2022

Oh l so do agree with you, at first I swore at them then I didn’t hang up just put the resver to one side, these people have been have been listed as scammers on the Web but now they have renamed them selves, you are right just hang up.

Stephen Dick says:
15 April 2022

I gave permission to remote access to an American woman after paying for increased security for my laptop to a firm I thought trustworthy.
However I later messed up my laptop (the same one) through loss of making the right decisions on it and inevitably some things are irreversible. So it’s lifespan was reduced considerably and it went to the recycling site days later.
You may have done it at school but that doesn’t necessarily mean your an expert.

janet woodhead says:
16 April 2022

After purchasing a new laptop I had difficulty printing on my Hewlett Packard printer. I google HP and found the website which had a telephone number, got a chap on the phone who asked for access which I gave and he then informed me my computer had been infected apparantly showing me where and said he could fix it for £150. I started to query that, he just kept saying you rang me, I didn’t ring you. Whilst I had him on the phone I searched on my tablet for HP scam and it was exactly what was happening. I declined completely and he gave up. The web site was exactly the same except the hyphen had been replaced with an underscore. Very nearly got sucked into it. Never again, I had a lucky escape !

Beryl Scott says:
16 April 2022

A man rang me up and said he was from Amazon Prime and I was due for a rebate.
I didn’t belong to Amazon Prime although I did get charged twice for it but I got my money back. He then told me to go on the computer and told me what key to press and he said oh dear you’ve done it wrong you owe us £4000.So of course I was suspicious and he said in the crying sort of voice I won’t be able to feed my family I won’t be able to pay the bills and then I noticed he was using my computer remotely and I just hang up on him. But after that I couldn’t use my computer at all and I already said to him you have messed my computer up and he said he hadn’t. So I had to pay somebody to wipe the virus off.

sharon aitken says:
5 May 2022

you should never, allow anyone access to your phone or computer, there was a programme on bbc1 with rav wilding, it was so good, told you of all the scams, and they came from calcutter, and they are ruthless, they just wanted to see how much people had in their account, and if it was enough, they would get people to download, something to gain access. you must put the phone down and phone your bank on the number on the back of the card.

Paul Richard Mann says:
6 May 2022

I had an issue with my e-mails so I rang my ISP (Virgin Media). They sorted the issue and commented that they would get “The backroom boys” to contact me to make sure the issue never arose again. I was told it was a technical issue. A couple of days later I received a call from a lady with an Indian accent saying she was from Virgin technical and I had an issue and she was going to help me fix it. She got me to do a few things in settings that resulted in a long list of “attempts to access my bank accounts” according to her. She told me just enter the name of my bank and nothing else. She then said she had to have remote access to sort the issue, I was completely disarmed as I expected to get a call from Virgin. She then asked me to access a shopping site that I may use. I accessed Amazon. She asked me to go in and cancel my payment card then close down. I was beginning to doubt as I could not see the point of that but continued. At this point she had not used the remote access. She then asked me to access my bank account. I told her I was very unhappy doing that. We repeated the request and refusal three times before she hung up. The total conversation took over 30 minutes. I switched off my computer right away at the wall. Checked my bank account using my mobile, all OK. A couple of hours later turned on my computer and tried to delete the remote access software. Ran virus and malware software. Accessed my bank account the following day only to find the cursor moving around. Switched off at the wall again. Checked my bank account to find £500 had been transferred to the top name on the list that I have transferred money to over the years. Luckily it was my granddaughter so I was able to easily recover the money. Rang my bank to inform them of the incident, unfortunately they were totally uninterested and seemed only to be covering their backside (my fault, report granddaughter to police etc). Apparently their systems are fool proof!!! It took me a couple of days to get rid of the software, some bits that I assume the fraudsters had put on was hidden in a file called “icons”. I thought I was fraud aware but very nearly learned an expensive lesson. To this day I don’t know if the original issue with the e-mails was the start of the scam, if she got lucky and coincidently rang me when I was expecting a call or the one I hope isn’t correct, is a scammer imbedded with my ISP? One thing I forgot to mention is that a few years back I had an issue with Microsoft software, I rang them and they fixed the issue using remote access. I was very glad that that software existed at that point!!