Which? has warned people to be on their guard against fraudsters seeking to take over their computers under the guise of tech support workers.
The consumer rights organisation said more than £16m is stolen each year by criminals who impersonate tech support workers at well-known IT suppliers to talk victims into giving them access to their computers. They then steal information that allows them to go on and raid bank accounts.
Which? also wants banks to refund more customers who fall prey to these scammers, with some victims claiming they were not reimbursed by their bank. It said that in some cases, banks claimed that customers had authorised the payments or had been grossly negligent.
“Although banks must refund unauthorised transactions, we are aware of cases where the bank has said allowing remote access to your computer or smartphone amounts to gross negligence and refused to reimburse the victim,” said Which?.
The organisation is calling on banks to acknowledge the sophistication of many computer takeover scams and to reimburse blameless victims. “The government should legislate to enable the current voluntary code on bank transfer scams to be replaced with a new statutory code of practice,” it said.
National fraud and cyber crime reporting centre Action Fraud said it had received 14,893 computer software service fraud reports in the past year, with reported losses reaching about £16.5m.
“Awareness of this tech scam among consumers appears to be low,” said Which?, which conducted a recent survey that found four in 10 people had never heard of remote access software.
Which? said that, based on reports, TeamViewer is the remote access software brand most misused by scammers, but others involving AnyDesk, GoToAssist and LogMeIn have also been reported.
Jenny Ross, money editor at Which?, said millions of pounds are lost to computer takeover scams every year, with potentially devastating consequences for the victims.
“Which? is calling on banks to reimburse all blameless customers who fall victim to these scams and for the government to introduce legislation to ensure a new statutory code of practice can be created, which would include clear standards and protections for victims,” she said.
“Anyone who receives unsolicited calls claiming to be from tech support or broadband engineers and asking for personal details or to install computer software should hang up and phone their provider back using the legitimate phone number.”
Which? says that if you think you have given remote access to a scammer:
- Switch off both the device and your Wi-Fi connectivity.
- Speak to your banks as a matter of urgency.
- Remove the relevant app from your list of recent downloads or installed programs, and check for other programs that may have been installed remotely.
- Change your email and online banking passwords and, where possible, enable two-factor authentication.
- If you have security software, ensure it has all new and recent updates – then run a full security scan.
If you think you have been a victim of fraud, report it to Action Fraud online at actionfraud.police.uk or call 0300 123 2040.