According to Action Fraud, they have received 31 crime reports since June 2023 relating to remote access scams targeting businesses. Businesses have reported losses totalling over £3.8M.
Based on analysis of crime reports by the National Fraud Intelligence Bureau, we know that scammers will generally use the following tactic to target businesses:
- Contact you claiming to be a representative from your bank or from a financial services vendor used by your business.
- Convince you to install a piece of software that enables remote access to your computer, claiming that it’s required to install an important software update.
- At some point during the call, you would be instructed to login to your online banking account. Once this has been done, the remote access software is used to blur your screen whilst the scammer makes fraudulent transactions from the account without your knowledge.
- You would also be asked to read out a series of numbers the scammer claims they have sent to your mobile. In reality, the numbers are a one-time verification code from your bank which, if shared with the scammer, will allow them to transfer money out of this bank account.
Some businesses reported a slightly different account of how the scam was perpetrated. However, the goal of the scammers usually remains the same – to convince victims to login to their online banking account whilst the scammer has remote access to their computer.
How to protect your business from remote access scams
Your bank will never ask you to grant them remote access to your computer or smartphone. Never install any remote access software on your device as a result of an unsolicited call, browser pop up, or text message. The one-time verification codes sent to you by your bank to authorise transactions on your account should never be shared with anyone, not even bank employees.
- If you believe your laptop, PC, tablet or phone has been infected with a virus or some other type of malware, follow the National Cyber Security Centre’s guidance on recovering an infected device.
- Received a suspicious call from someone claiming to be from your bank? Hang up, wait a few minutes, then call your bank using the contact number on the back of your debit card, or use the contact information on their official website or app.
For further guidance on protecting you and your business please contact: [email protected]
To stay up to date with the ever-changing digital landscape and security threats, sign up for our free core membership.
The NEBRC is a Police led non-profit organisation that seeks to educate, inform, and support businesses across the UK on how to protect their business online through good cyber security practices.