Cyber Aware | 11 August 2021
Have you ever allowed an IT support person to fix a technical issue by controlling your computer remotely? Over the years, remote support has cemented itself as one of the most valuable tools in tech support.
However, it’s also opened up the door to one of the most popular scam methods in the new decade. A remote-access scam is when a scammer gains unwanted access to a computer, phone or tablet for the purpose of stealing money and sensitive information.
According to Scamwatch, scammers have already stolen more than $8.1 million from Australians with remote access scams in 2021.
Not only are these scams widespread and growing in popularity, but the damage inflicted in each scam can be astronomical. People aged 55 years and over accounted for over $4.4 million in reported losses through remote access scams this year, and younger Australians reported losing $20,000 per scam on average.
Typically, the victim will receive a phone call from a person claiming to be from a bank, telecommunications provider or other service providers. Think Telstra, the NBN or even the ATO.
Under these false pretences, the scammer will tell the victim that there is a technical issue on their device that can only be fixed with remote support. The scammer encourages the victim to download a remote access tool, which, once downloaded, allows them to take control of the victim’s device.
This ultimately results in the scammer performing a number of criminal activities, including:
Remote access scams are harmful enough when they target an individual. However, in 2021 they pose a major and often overlooked threat to businesses.
As a result of the pandemic, many Australian businesses have migrated their staff to working from home. While working from home certainly has its benefits, it also raises a pressing security challenge.
Sensitive business data is often taken from the workplace and shared throughout the home computers, phones and tablets of multiple employees. As such, scammers are tailoring their efforts to individual staff, attempting to gain access to their home and mobile devices for the valuable business data within.
In 2021, it’s crucial that you and your employees are prepared for remote scam attempts. Here are three important steps you can take to notice and prevent remote access scams from affecting you and your business.
The vast majority of service providers will not request remote access to your device, especially if they were the ones that called you. Create a list of companies and/or people that you’re willing to provide remote access to, and ensure that you and your staff do not provide remote access under any other conditions.
Conventionally, remote access scams are performed with well-known software such as Teamviewer or However, popularised work tools such as Zoom and Slack now have remote access functionality built-in. Be wary of unknown parties attempting to call through these apps, and ensure that staff know how to both identify and reject a remote access request on them.
If you have staff working remotely or from home, it’s essential that your workplace has enabled a VPN. Simply put, a VPN works a secure “tunnel” between your home and your workplace. By enabling a VPN, you can enforce automatic rules that prevent employees from downloading malicious remote access files in the first place.
While there is a plethora of educational content on cybersecurity, here are some basic safety rules that your staff should be aware of in regards to remote access scams.
Above all else, spreading awareness is the best thing that you can do to ensure the safety of your business and your colleagues. Normalise discussions about remote access scams and cybersafety in your organisation and take measured steps to ensure staff members know how to avoid them.
Remote access scams can occur at home, on the road, and even in the workplace, so make sure you never let your guard down.