One of the most damaging phone scams is one where a fraudster takes control over a victim’s mobile phone or computer. These are referred to as remote access scams.
How do remote access scams work?
Remote access scams often begin with a phone call from someone impersonating a well-known brand, such as a bank, a technology company, or even a governmental agency. The imposter convinces the victim to download software that not only enables the imposter to see what the user sees, but also to take control of the user’s device.
For example, a caller pretending to be from a bank’s security department might tell a victim that there have been fraudulent transactions on the bank account. To remedy the matter, the fraudster convinces the victim to download a remote access app so they can look at the account together. After the victim logs in to their account, the imposter can take control of the device and transfer money out of the account.
Tech support scams, which we’ve written about previously, are one of the most common types of remote access scams. With these scams, fraudsters convince victims that there is a virus on their computer or mobile phone, and to remove it, they will need access to the user’s device.
What Hiya users around the world are saying about remote access scams
Consumers using Hiya’s spam protection service through their phone carrier, device manufacturer or mobile app, can tap their device to report a call as fraud or nuisance and can leave a comment about the nature of the call.
Hiya has received comments from users around the world reporting attempted remote access scams. Most commonly users say they are asked to download the remote access app Anydesk, but other apps are mentioned as well, including RealVNC and Teamviewer. Here is a sampling of reports from users around the world.
“They tried to gain access to my phone via Anydesk. Caller said they were Amazon and that someone was using my IP address to order stuff via my Amazon account.” – Hiya user in the UK
“Lied about who they were...Roku support. Gained access to my mobile phone/TV via RealVNC Server app and made gift card charges in $200 increments to Amazon, Walmart, Home Depot, Dollar General.” – Hiya user in the US
“Caller claimed to represent an investment firm. Asked me to download Anydesk app for remote access to my phone.” – Hiya user in Canada
“Claimed to be from Paypal, calling because of suspicious activity, wanted me to install remote software.” – Hiya user in Spain
“Said my broadband connection was compromised. Had me install the Anydesk app, type in number sequences, and report findings. Within 24 hours there were attempts to access two of my shopping apps.” – Hiya user in France
“This number told me my PayPal account was hacked and wanted to help me to secure it and block hackers. He wanted to install Anydesk on my phone and compromise it.” – Hiya user in Germany
“Attempt to hack into my CEF account using the Anydesk app.” – Hiya user in Brazil
Once scammers have remote access to a victim’s phone or computer, they can access apps that reside there, including banking, shopping and peer-to-peer payment apps. They can also steal personal information, which can be used for identity theft or to carry out future scams.
Role change: When consumers call scammers
It’s not just scammers calling consumers. Sometimes consumers unwittingly call scammers. Here’s a report from a Hiya user in the US:
“I was trying to recover my Instagram account, so I looked up the Instagram customer service number. Someone answered the phone and he stated that we needed to do a test transaction. He asked me to download the Anydesk app, ran through some steps, and then he had access to my phone software. He was able to see EVERYTHING! This was the first number that popped up in the Google results. It looked legitimate to me, because I thought that surely Google wouldn't allow fake numbers to be at the top of the search results, but I was completely wrong.”
This example was not unique. Other Hiya users reported looking up customer support numbers online, only to discover that the number connected them to a scammer. It’s not uncommon for scammers to pay for “sponsored ads” that will move their phoney contact numbers to the top of search listings.
That’s why it’s important to double-check the accuracy of any customer support phone number. Better yet, add your most common customer support phone numbers to your contact lists. That way you’ll always have the correct number when you need it and won’t have to resort to an online search.
How to protect against remote access scams
The best way to protect against remote access scams is to block fraud calls before they ever reach your phone.
For mobile phone carriers, there’s Hiya Protect, a complete call protection solution that enables carriers to block fraud calls and label suspected nuisance calls to protect subscribers.
For business professionals and employers with bring-your-own-device policies, Hiya recommends the Hiya AI Phone app, which features:
- Real-time scam protection
- AI-voice and deepfake protection
- AI-assisted call screening
- Call summaries and transcripts
For individuals who do not have spam protection through their mobile phone carrier, there’s the Hiya Spam Blocker app, which can be downloaded from the App Store and Google Play.
