Do Not Fall Victim to Remote Access Scams
Remote access or remote assistance scams have become more sinister since they first appeared over 15 years ago. With remote access scams, hackers contact employees and obtain access to their computers by disguising themselves as tech support providers. Once the remote access software is executed, the attacker can control the victim’s computer and launch background processes to steal data.
The Boston Division of the FBI warned citizens to be aware of tech support scammers, another remote access scam targeting financial accounts, using remote desktop software. Investigators were seeing an emerging trend that victims’ financial accounts have been compromised by fraudsters who send malware scams to gain control over the victims’ computers and financial information. This tech support scam is impacting individuals and businesses. In 2021, nearly 24,000 people reported losing over $347 million due to remote access scams.
What is a Remote Access Scam or Remote Assistance Scam?
Remote access scams are a unique scenario where victims are socially engineered to provide remote access to their computer via a legitimate remote access tool such as TeamViewer, LogMeIn, GoToMeeting or a similar remote access software. Once permitted to take over the computer, the scammer can steal personal and financial information, which can later be used to defraud the victim.
In tech support scams, hackers pose as customer support representatives from well-known companies to access a target’s financial accounts. They could call, email, or text their victims to offer to resolve a “made up” issue such as a compromised bank account, computer virus or software license renewal. After convincing the target of the problem, they gain control of the victim’s computer and, ultimately, personal data and financial information or direct their victims to transfer funds to cryptocurrency exchanges.
How Employees Fall Victim to Remote Access Hacks
Employees can fall victim to a remote access scam in many ways, including the following:
Via Email (Also known as Phishing)
The most common method of remote assistance attack is through a phishing attack, which is an email that appears to come from a reputable source, such as someone impersonating an employee, bank, gym or social media website. These emails often contain a message that prompts the victim to click on a link or download an attachment, which can install malware or grant remote access to the attacker.
Via a Phone Call (Also known as Vishing)
The attacker calls an employee and poses as an internal desktop support technician or explains they are from another legitimate organization, such as tech support for an application they usually use. The attacker will use social engineering techniques, such as creating a sense of urgency or fear in the victim and asking them to navigate to a website to download a file and execute it on their machine. If the file is executed, it will install remote assistance software, which grants the hacker remote access to the employee’s computer.
Via Text Message (Also Known as SMSishing)
This type of cyber attack involves sending a text message that appears to be from a legitimate source, such as a company service technician, a bank or a popular online retailer. The message may ask the victim to click a link to download a file. The attacker will then have instructions on installing the application on their desktop, ultimately granting them remote access to the victim’s workstation.
Via Pop-Up Warnings Within a Browser
Attackers can use pop-ups within a browser to deceive victims and lure them into various types of scams or attacks. The pop-up might claim that the victims’ computer is infected with a virus and urge them to download a security tool to fix the problem. However, the security tool is actually malware that can compromise the victim’s device and grant remote access to the victim’s computer.
How to Prevent Remote Access Scam Attacks
It is important to remember that legitimate customer and tech support representatives will never initiate unsolicited contact with their customers, including never asking for you to call a phone number or click on a link. They will also not demand immediate payment or request payment via cash, prepaid gift cards, wire transfers or cryptocurrency.
There are cybersecurity techniques to follow to prevent you or your employees from being victims of a remote access scam attack. First, ensure your company’s anti-virus, security and malware protection is up-to-date. Do not fall for the urgency given by the fraudsters to act quickly, and never give unknown or unverified persons remote access to your computer.
Below are more tips based on the specific type of remote attack:
Via email or phishing attacks: Be very careful when opening emails from unknown senders. Avoid clicking on suspicious links or downloading attachments from unknown sources.
Via the phone or vishing attacks: Be cautious when receiving unsolicited phone calls, especially those requesting employees to navigate websites to download software. If you receive such a call, do not provide any information and hang up immediately. Remember, phone numbers are easily spoofed, appearing to come from a reputable number.
Via SMS-based attacks: Be wary when receiving unsolicited text messages, especially those that contain links or attachments. If you receive such a message, do not click on any links. Look for the contact information, as the email could have been spoofed.
Via online pop-up attacks: Be vigilant when browsing the internet, especially when visiting unknown or untrusted websites. If you receive a pop-up, do not click on any links or call any numbers provided. You should immediately contact your IT security team.
Protecting Small Business from Cyber Risks
As personal, consumer, and company data security risks increase and cybercriminals become savvier, small business owners must find additional ways to protect their businesses from fraudsters and cyber attacks. Every type of organization should offer employee data security training and create a company-wide data breach policy with a response plan ready to implement when/if it is needed.
Dan Zeiler
Dan@zeiler.com
877-597-5900 x134