How to recognise and combat computer takeover scams

Remote-access tools — pieces of software used to remotely access or control a computer — have been used for years by IT personnel to help distant clients fix technical problems.

Increasingly, these tools are being used by scammers (when used for malicious purposes, these tools are known as a remote access Trojan, or RAT).

According to Australian Consumer and Competition Commission (ACCC), in the first six months of this year scammers stole more than $7.2 million from Australians by gaining remote access to home computers.

This was an 184% increase compared to the same period last year, making it one of the fastest-growing scam types in Australia.

Ironically, it’s people’s fear of fraud and cybercrime that the scammers prey on; the victims are young and elderly.

“People aged 55 and older lost over $4.4 million, accounting for almost half of total losses,” says ACCC deputy chair Delia Rickard.

“Young people reported losing on average $20,000 and eight indigenous Australians, some in remote communities, lost a total of $38,000.”

How the scam works

This is how the ACCC describes the way these remote-access scams typically unfold:

1. A scammer pretending to be from a well-known organization (e.g. Telstra, NBN Co, eBay, Amazon) phones you or sends you an SMS, email or pop-up saying, for example:
   – You’ve been billed for a purchase you didn’t make.
   – Your device has been compromised.
   – Your account has been hacked.
2. The scammer asks you to contact them urgently to fix the “problem” or help them catch the “hacker”.
3. When you contact them, the scammer asks you to download remote-control software such as AnyDesk or TeamViewer.
4. Once they have control of your computer or device, the scammer asks you to log into applications such as your emails, internet banking or PayPal accounts. This allows the scammer to access your banking and personal information to impersonate you or steal your money.=

What to do if you’re contacted

If someone contacts you out of the blue asking you to give them access to your devices, the ACCC recommends you do the following:

1. Hang up and/or do not respond to their written messages.
2. If you think the communication may have been legitimate, independently source the contact details for the organisation and contact them (don’t use the contact details in the suspicious communication and don’t click on any of its links).
3. If you think you’ve been scammed, contact your bank or financial institution as soon as possible. (Never provide online-banking transaction-verification codes to anyone.)
4. If the scammer has installed any apps or programs on your device, delete them — with, if necessary, the help of IDCARE, Australia’s national identity and cyber support service.

More information

For more information on the different types of scams to look out for, how to report them, and where to get help, visit the ACCC’s Scamwatch website.

IMPORTANT INFORMATION: This blog has been prepared by Modoras Accounting (SYD) Pty Ltd ABN 18 622 475 521. The information and opinions contained in this blog is general information only and is not intended to represent specific personal advice (Accounting, taxation, financial, insurance or credit). No individuals’ personal circumstances have been taken into consideration for the preparation of this material. The information and opinions herein do not constitute any recommendation to purchase, sell or hold any particular financial product. Modoras Accounting (SYD) Pty. Ltd. recommends that no financial product or financial service be acquired or disposed of or financial strategy adopted without you first obtaining professional personal financial advice suitable and appropriate to your own personal needs, objectives, goals and circumstances. Information, forecasts and opinions contained in this blog can change without notice. Modoras Accounting (SYD) Pty. Ltd. does not guarantee the accuracy of the information at any particular time. Although care has been exercised in compiling the information contained within, Modoras Accounting (SYD) Pty. Ltd. does not warrant that the articles within are free from errors, inaccuracies or omissions. To the extent permissible by law, neither Modoras Accounting (SYD) Pty. Ltd. nor its employees, representatives or agents (including associated and affiliated companies) accept liability for loss or damages incurred as a result of a person acting in reliance of this publication. Liability limited by a scheme approved under Professional Standards Legislation.