Remote Access Scams





Remote access is the ability to gain entrance to a computer or network from a remote location. Fraudsters frequently use this technique to swindle unsuspecting individuals financially.   

Recent Remote Access Scam Incidents:



Online Banking

Last week one of my clients received a phone call from someone identifying himself as a representative of a company that she is familiar with and has had an ongoing monthly service contract with for a few years.  The caller informed my client that a review of her contract revealed that she had overpaid $300.  The caller then instructed my client to log into her online banking account and after doing so, to allow him remote access to her computer because he wanted to transfer the $300.00 overpayment into her account.  She complied.  She checked her account activity the next morning and sure enough funds were transferred into her account.  However, the transfer amount was $3000.00 instead of $300.00. A few moments after discovering the discrepant transfer amount she received another call from the representative explaining that in error too many zeros were entered during the transfer.  He then instructed my client to load the additional $2700.00 onto prepaid cards at Walmart and to provide the prepaid card data to him. 


Luckily when our client went to the bank to withdraw the $2700.00 from her account in order to load the prepaid cards she shared her ordeal with bank personnel because it seemed quite odd to her.  The information was then reported to me for advisement.  Because I had seen this scam several times before I suspected that the caller was a fraudster and not a representative from any company my client did business with.  I was also certain that when he was allowed remote access into her computer he transferred funds from one of my client’s other accounts into the account she had specified to receive the overpayment in order to make it appear that the funds were transferred from his company’s account.  My theory proved to be accurate.  My client had 7 deposit accounts and the caller had actually used her online banking access to transfer funds from an account that was primarily used by her daughter, on which she was also an authorized signer.  So, she was about to give the crook $2700.00 of her daughter’s money.

Technical Support

Another type of remote access fraud involves scammers posing as technical support personnel from Microsoft or similar software merchants.  They typically contact individuals via phone explaining that they discovered an issue with the potential victim’s computer and for a fee they can fix the problem very briefly if allowed remote access to the victim’s computer.  Once the fraudster is granted remote access he can potentially install intrusion software or access the victim’s personal data from files, email, documents and etc. After obtaining the victim’s confidential data the list of possible fraudulent use is endless notwithstanding, the monetary fee that the victim paid for the computer repair.

Important Takeaways:

  • Don’t ever allow anyone remote access to your online banking or financial accounts.  In addition, don’t share your online banking or financial account log-in credentials with anyone for any reason.  Armed with access and/or log-in credentials they can do anything that you can do i.e. transfer funds, set up bill payments and etc.
  • Verify the identity of tech support individuals with Microsoft or whichever company they’re employed before allowing them remote access to your computer.  Furthermore, I’m told that Microsoft and other reputable companies do not phone individuals to report problems with computers.  So if you receive one of these calls IT’S A SCAM!

It’s vital that you think before you act.  It only takes a second to allow remote access, but it can take several hours, days, weeks and sometimes years of inconvenience to recover, depending on the type of ongoing fraud schemes that are possible via remote access fraud.  I equate allowing someone remote access to your computer with leaving the doors to your house wide open while you’re away at work or on vacation.  Anyone could walk in and have a free-for-all.

Comments

Post a Comment

Popular posts from this blog

How to tell if your identity has been stolen

Reportedly 143 million consumer's personal identification information (PII) was stolen during the 2017 Equifax data breach.  Equifax is one of the three major consumer credit reporting agencies. Given the type of PII that was accessed, identity theft incidents are predicted to have a significant uptick in the months and even several years to come. Be on the lookout for these red flags.  If these incidents occur your identity may have been stolen. Missing mail, particularly bank and credit card statements You receive statements or outstanding bills for accounts that you don't recognize You receive calls from bill collectors for accounts that you are not familiar with You notice unfamiliar accounts listed on your credit report Upon filing your tax forms, you receive notice from the IRS that your taxes have already been filed You receive notice from your insurance provider regarding services or procedures you didn't receive You receive notice from a business or mer
Read more

Things You Should Know About the Equifax Data Breach

Image
By: Dorothy Riggs, CFE On September 7, 2017 news outlets began reporting that Equifax, one of the three major consumer credit-reporting agencies, had been the target of a major data breach.  Based on Equifax’s investigation, cyber criminals gained unauthorized access to data from mid-May through July 2017. Equifax confirmed that exposed data includes credit card numbers for approximately 209,000 people and personal identifying information (PII) for about 182,000 people involved in credit report disputes.  PII includes sensitive information such as social security numbers, names, birth dates, driver licenses and addresses. According to reports,  143 million people could be affected by this breach . That being the case, you could absolutely be affected. To find out if your data was compromised Equifax has set up a  ‘Check Potential Impact’  site where you are asked to enter your last name and the last 6 digits of your social.  After doing so, you’ll receive a message lett
Read more