The Financial Conduct Authority (the FCA) has warned investors to be vigilant after screen sharing scams increased by 86% in just one year, totalling £25 million in reported losses. Scammers posing as investment companies, banks, utility services and IT departments are using the remote technology to gain access to private data and accounts.
With many people forced to work from home and isolate away from friends and family over the past couple of years, the acceptance of screen sharing technology into our daily lives has increased dramatically. Unfortunately, so have screen share scams.
Zoom – a relatively niche program before the global pandemic and extended lockdowns – saw its user base explode with the rise in remote working and video conference calling. 10 million “daily video participants” in December 2019 very quickly rose to 300 million “daily video participants” by April 2020.
When it comes to screen sharing, it’s important to note that there are two slightly different meanings to the phrase. Screen sharing, and remote access. Both can be used by scammers.
The first kind of screen sharing involves a program like Zoom, Microsoft Teams or Discord, and allows a person to share their screen with one or more other people anywhere else in the world. While this is generally lower risk, it can still cause issues if the person sharing their screen broadcasts sensitive/private information, like logging into a bank account, or displaying their login details/password for a shopping site. Scammers are smart and will orchestrate a situation to get this information out of victims.
The second kind of screen sharing involves remote access software like AnyDesk, TeamViewer or LogMeIn. These are legitimate programs often used by credible companies like BT, Virgin Media, and Which? to provide hands-free technical support without needing to send a piece of equipment off to be examined, or without requiring a visit from a technician. Remote access screen sharing is considerably more dangerous as it gives a stranger full control of your computer, laptop or phone. If a fraudster gains access this way, they may be able to install spyware/malware, and access any of your files, data and accounts.
What is a screen sharing/remote access scam?
A screen sharing or remote access scam occurs when a fraudster contacts their victim claiming to work for a widely known company like Amazon, Sky, PayPal or even a bank. They often claim that unusual activity has been detected, the victim is entitled to a refund, and that they need access to the victim’s computer/phone in order to help. This is very similar to an impersonation/phishing scam or an investment scam.
They will ask their victim to install a screen sharing or remote access program (we find they often recommend AnyDesk) so that they see – and in the worst cases, take control of – their victim’s device in order to “help”. After they have access, they proceed to gather as much information as possible and in many cases install malware to maintain access even after the screen sharing program has been closed.
The scammer’s aim is to steal their victim’s money, whether that’s from banks, shopping accounts or by opening credit cards and taking out loans using the compromised information.
Screen sharing investment scams
The FCA are warning current and would-be investors to be careful after research indicated that 47% of participants said they wouldn’t find it strange if asked to download software/an app to access their device.
Screen sharing investment scams work in much the same way as general screen sharing scams, but with the aim of tricking the victim into believing that they are making an investment. Victims may not even know that they have been defrauded until months down the line when the victim attempts to withdraw the money, they believe they have earned.
Many fraudsters and criminals use platforms like Facebook Ads and Google Ads to target victims using advertisements that look incredibly real. In fact, these adverts are often based on legitimate companies, offering investment opportunities in areas like cryptocurrency (including Bitcoin), foreign exchange (forex) and property.
Once a victim has clicked on the ad and has submitted their details, the fraudster makes contact, likely via phone, and claims to work for the investment company. They state that the would-be investor needs to download specialist software to begin investing, directing the victim to install the program/app and to give the caller remote access to the screen/device.
In many cases, after installing the software, the fraudsters are free to access any files, apps or accounts registered on the device, allowing them to drain bank accounts and pension funds.
How to stay safe
Protecting yourself from scammers can be a difficult task but there are several red flags which can help.
- Never trust calls from people you don’t know, and do not grant access to your computer or phone unless you can confirm they are who they say they are. If in doubt, call them back via an official number located on their website. To prevent scammers from keeping your phone line busy after you hang up, use a different phone, or wait at least 10 minutes before making a new call.
- Before you invest with any company, always check that they are registered with the FCA. If they are registered, check that the web address is correct and that they are not using a lookalike site. If they are not registered, then they are breaking the law and you should not invest with them. Doing so means you are not protected in the event something goes wrong.
- Never share your passwords or online banking details with anybody. This includes typing them in while you are sharing your screen.
- Neither investment companies nor your bank has a valid reason for needing remote access to your device. Furthermore, there is never a valid reason for a person to contact you and ask to view your screen. The only time you may want to share your screen is with people you know and trust, or with tech support that you have specifically requested.
- Never feel pressured to share your screen or to grant remote access to your computer. Scammers are experts in building trust and convincing their targets to feel safe. If you are threatened with fines, arrest, or legal action by the caller, or are being rushed to make a decision, this is a red flag, and you should end the call immediately.
What to do if you have shared your screen with or granted access to your computer to scammers.
The very first and most important thing you can do after discovering a fraudster has access to your device is to terminate the connection and stop them from doing any more damage. You can click to stop sharing, you can close the program, or to be extra safe, you can turn off/unplug your internet.
What you do next depends on the type of connection the fraudster had to your device (if in doubt, treat the situation as if they had full control of your device).
You shared your screen but did not grant control of your device
- The first thing you need to do is warn any of your banks or financial institutions that the scammer may have seen the details to. You should change your security credentials and card numbers.
- Likewise, change your login details for any other accounts the scammer could have seen, like Amazon, eBay, PayPal, etc.
- If you use the same password anywhere else, change those also.
- Report the incident to the police.
If you granted a scammer control of your device
- Report the incident to your banks and financial institutions and change your security details. Do this for all accounts, even those you don’t believe the scammer could see.
- Run a malware check to make sure they cannot continue to spy on your device. You can do this with software like Malwarebytes. If you are not comfortable with computers you may prefer to take your device to a reputable IT specialist for help.
- Change your passwords on all sites/apps with your payment details (like Amazon, eBay, JustEat, PayPal, etc.).
- Report the incident to the police.
Can I get my money back from a screen share or remote access scam?
If you have been the target of a scam – whether that’s an investment scam or impersonation fraud – then you are not alone. There were almost 7,000 investment scam cases and more than 33,000 impersonation fraud cases reported in the first half of 2021 alone.
Fraud Expert Manager at CEL Solicitors, Chloe Roche advises, “If you have lost money to fraud or a scam, your first point of contact should be your bank. If they refuse to help, or if they are unwilling to give you back the full amount you have lost, then tell CEL. Our dedicated fraud team are experts in helping recover money lost to criminals.”