Which? warns of the dangers of computer takeover scams as victims lose more than £16 million in a year

4 November 2020

Which? is warning of the dangers of fraudsters using computer takeover scams to steal money and personal details from unsuspecting victims, as data shows reported losses reached more than £16 million in the last year.

The consumer champion has heard from people who have lost thousands of pounds to this convincing scam where the perpetrators phone up pretending to be tech support from a reputable firm such as Microsoft or BT.

The fraudsters then attempt to persuade victims to install remote access software – which is used by many legitimate IT workers – that allows them to steal money and personal details.

Which? is calling for banks to refund more customers who fall victim to this sophisticated scam, having heard of a number of cases where people have been denied reimbursement due to banks claiming that they either authorised the payments or had been grossly negligent.

Karen, who lives in Brighton and is in her 60s, lost £6,900 in July to a cold caller claiming to be from ‘Amazon Prime Security.’ The scammer quickly created a sense of panic, claiming that her account had been hacked in California. She believed they were helping protect her account and agreed to download TeamViewer, a brand of remote access software.

They took over Karen’s laptop and showed her error messages in the Windows Event Viewer program to suggest it was not secure before the screen went black, giving the scammers an opportunity to access her accounts and steal a total of £6,900 from her bank account and MBNA credit card.

Karen said she “felt totally violated” when the scam came to light. MBNA initially refused to refund her the money but after Which? got involved it agreed to reimburse her in full and pay her £200 compensation.

This is far from an isolated case. In the last 12 months, Action Fraud says that it has received 14,893 computer software service fraud reports, with reported losses reaching around £16.5 million over that period.

Which? has previously heard from another person who lost £80,000 having been scammed by someone pretending to be a BT engineer. Initially, the fraudster claimed to be ensuring her internet connection was working, before claiming they had found a number of security alerts on her account. The caller convinced her to download TeamViewer to check that accounts, including Amazon, were not compromised.

One person even told Which? that he had requested tech support for problems with his computer before later receiving a call from a fake Microsoft engineer who went on to transfer money from a savings account into his current account as part of a complex scam.

Awareness of this tech scam among consumers appears to be low. A Which? survey of the general public in September 2020 found that, despite some banks displaying warnings, four in 10 people have never heard of remote access software.

Based on reports to Which?, TeamViewer is the brand of remote access software reported as being misused by scammers most often, although others include AnyDesk, GoToAssist and LogMeIn.

Providers say misuse of remote access software gives grounds for users to have their accounts shut down. They also told Which? that they monitor accounts for unlawful activity, working with authorities to report abuse.

According to UK Finance, impersonation fraud shot up by 84 per cent in the first half of 2020, with almost 15,000 reports and £58 million lost. Criminals are thought to be targeting the growing numbers of people working remotely due to the coronavirus pandemic by posing as IT departments or software providers.

Although banks must refund unauthorised transactions, Which? is aware of cases where the bank has said allowing remote access to your computer or smartphone amounts to gross negligence and refused to reimburse the victim.

Which? is calling on banks to acknowledge the sophistication of many computer takeover scams and to reimburse blameless customers who have fallen victim to this type of fraud.

The government should legislate to enable the current voluntary code on bank transfer scams to be replaced with a new statutory code of practice. This should include clear standards for all payment providers involved in transferring money between accounts, to address weaknesses in the current code that have left scam victims facing a lottery when they try to get their money back.

Until then, Which? advises anyone who fears they might have fallen victim to a bank transfer scam to report it to the police via Action Fraud and to make a complaint to the Financial Ombudsman Service if their bank refuses to reimburse them.

Jenny Ross, Which? Money Editor, said:

“Millions of pounds are lost to computer takeover scams every year, with potentially devastating consequences for victims who lose life-changing sums of money to these callous fraudsters.

“Which? is calling on banks to reimburse all blameless customers who fall victim to these scams and for the government to introduce legislation to ensure a new statutory code of practice can be created, which would include clear standards and protections for victims.

“Anyone who receives unsolicited calls claiming to be from tech support or broadband engineers and asking for personal details or to install computer software should hang up and phone their provider back using the legitimate phone number.”

What is a computer takeover or remote access scam?

Remote access software enables you to use one device to access another from any location by downloading a smartphone app or installing a program on your computer, then entering a password that will connect one device to another.

Although many legitimate businesses use this technology, including Which?’s tech support team, criminals also use it for nefarious purposes.

Typically, you get a phone call from someone claiming to be from a known company (commonly impersonated firms include Amazon, BT and Microsoft), in which they try to convince you to grant them access to your device, claiming they will fix a spurious problem.

Scammers may pretend to carry out tests and charge you a fee for imaginary or unnecessary services. In other cases, they may put up a fake screen and work in the background to download other software or steal passwords and other personal data.

What to do if you think you’ve given remote access to a scammer:

Switch off both the device and your wi-fi connectivity.
Speak to your banks as a matter of urgency.
Remove the relevant app from your list of recent downloads or installed programs, check for other programs that may have been installed remotely.
Change your email and online banking passwords and, where possible, enable two-factor authentication.
If you have security software, ensure it has all new and recent updates – then run a full security scan.

If you think you’ve been a victim of fraud, report it to Action Fraud online at actionfraud.police.uk or by calling 0300 123 2040.

Notes to editors

From October 2019 to September 2020, Action Fraud received 14,893 reports of computer software service fraud, with reported losses of around £16.5 million. These figures could be even higher as not all scams involving remote access software appear to be covered under Action Fraud’s computer software service fraud category.
Action Fraud explainer and advice on computer software service fraud: https://www.actionfraud.police.uk/a-z-of-fraud/computer-software-service-frauds
Which? surveyed 4,501 members of the general public about their current accounts in August and September 2020. Fieldwork was carried out online by Dynata and data has been weighted to be representative of the UK population (aged 18+). One question they were asked was: ‘Scam callers posing as engineers or IT experts sometimes ask victims to download “remote access software” or trick them into doing so. These tools give the scammers access to their computer or smartphone. Before today, had you heard of remote access software?’
Impersonation scams almost double in first half of 2020 as criminals exploit Covid-19 to target victims: https://www.ukfinance.org.uk/covid-19-press-releases/impersonation-scams-almost-double-in-first-half-of-2020
Which?’s article will be going live at the following URL at the same time the press release embargo breaks: https://www.which.co.uk/news/2020/10/remote-access-scams-the-call-that-could-wipe-out-your-life-savings

Rights of reply

TeamViewer: “Stopping fraudulent activity remains a high priority for TeamViewer, and we strongly condemn any criminal activity perpetrated by bad actors on the platform. Privacy and security are central to our business, and we look into every single case that is reported, updating countermeasures accordingly and working diligently to keep our users and customers safe.”

LogMeIn (which is also the brand behind GoToAssist): “We take scammers very seriously. Use of any of our products for nefarious or illegal purposes violates our terms and is immediate grounds for account termination. To protect consumers, we conduct both proactive and reactive approaches – including monitoring accounts for unlawful use, canceling accounts that partake in these activities, employing session limitations on trial accounts, and adding friction to our registration page to reduce re-trialing once banned. We also work with proper authorities to report the abuse.”

AnyDesk: “We have established concrete steps to protect our users from scams, e.g. we’ve installed a scam warning into the app, telling users to be cautious with whom they share their AnyDesk logins and we are constantly reminding our users not to share their AnyDesk logins with unknown people. Nevertheless, users have to be wary and increasingly vigilant about the data they’re sharing with unknown individuals.”

MBNA said: “We have a great deal of sympathy for (Karen) as the victim of a scam and while she shared enough personal account details to enable fraudsters to make purchases on her credit card, we refunded the amount lost after taking into consideration the particular circumstances of her case. It’s crucial that people never share their online banking details with anyone.”

Press Release