High-profile data breaches like the TalkTalk cyber-attack have created the ideal environment for fraudsters to target victims. One of the criminals’ latest scams involves taking over victims’ computers to steal money from online bank accounts. To make sure you’re not a victim of a scam like this, we’ll show you what to look out for.
Financial Fraud Action UK (FFA UK) is warning the public to be cautious of a new type of telephone scam which involves fraudsters making unsolicited phone calls, claiming to be from major organisation or companies – like banks, computer firms, internet service providers and software firms.
Victims are told that there’s a problem with their computer or internet service which is causing it to run slowly. To fix this, they’re instructed to visit a website or enter a command prompt on their computer, which gives the scammer remote control of the machine.
Once this has been granted, the fraudster will go about ‘fixing’ the problem (sometimes for as long as 40 minutes). Around this time, the scammer will tell the victim that they’re entitled to compensation due to the fault – some will even pretend to put them through to a supervisor to authenticate this.
They say they’ll send the money over and ask the victim to log into their bank account to check that it has arrived. As remote access is still activated during this time, the fraudsters simply put up a fake screen to give the appearance that the money has gone through. They then work in the background, to take money from the victim’s bank account.
Fraudsters may also ask for a bank passcode sent by text message or generated by a card reader, stating that this is required to put the refund through. But this code will only enable fraudsters to set up a new payee and gain access to the victim’s account.
An alternative version of the scam sees fraudsters say that they’ve sent too much money across – an error they say will cost them their job. They then transfer money between the victim’s bank accounts to make it look this way.
To make sure you don’t fall for a scam like this, take note of the following tips:
• Always be wary of unsolicited phone calls, especially when you’re being offered a refund or help to fix your computer.
• Never – under any circumstances – give someone remote access to your computer if you don’t know them.
• While someone has access to your computer, never log onto online banking.
• Never disclose your 4-digit PIN or your online banking passwords, the same goes for passcodes or card reader codes.
• If you’re called by someone claiming to be from a legitimate company, call them back on a number you find independently (e.g. online or on mail from the company) if you’re suspicious – they shouldn’t mind this extra precaution if they’re genuine.
• When it comes to unsolicited phone calls, always follow your gut – if something doesn’t feel right, it probably isn’t.
If you think you may have already fallen victim to a scam like this, get in touch with your bank immediately and report the scam to Action Fraud, using their online tool. For more help on protecting yourself and your money, read our guide to staying safe online.