Fraudsters Steal £58m in 2021 Via Remote Access Tools

Security

Scammers who tricked victims into handing them control of their PCs managed to steal nearly £58m last year, according to official UK police figures.

Some 20,144 individuals fell victim to such “remote access tool” (RAT) scams in 2021, according to Action Fraud, the country’s national reporting centre for fraud and cybercrime.

Losing on average around £2800 per incident on average, the total losses amounted to £57.8m last year.

These attacks often start with victims being bombarded with pop-ups on their screens, claiming that there’s a problem with the computer. That might, in turn, request users call a ‘hotline’ number that’s actually run by fraudsters, who will persuade the victim to download a remote access tool.

This is akin to a classic “tech support” scam. However, other variations may include scammers cold-calling victims pretending to work for their bank and claiming they need to access the computer to cancel a fraudulent transaction.

In either scenario, access to the victim’s PC or mobile device may enable the scammers to access banking details or download information-stealing malware with the same end goal.

One victim lost over £20,000 after a scammer posing as a Sky employee persuaded them to download a RAT to fix a non-existent problem with their TV. This enabled them to access their bank account.

Another lost £1000 after a fraudster pretending to work for Amazon tricked them into downloading a RAT to help them process a payment for an Amazon Prime membership.

“While remote access tools are safe when used legitimately, we want the public to be aware that they can be misused by criminals to perpetrate fraud. We often see criminals posing as legitimate businesses in order to trick people into handing over control of their computer or smartphone,” warned detective chief inspector Craig Mullish from the City of London Police.

“You should only install software or grant remote access to your computer if you’re asked by someone you know and trust, such as a friend or family member, and never as a result of an unsolicited call, browser pop-up or text message.”

Products You May Like

Articles You May Like

A Guide to Securing AI App Development: Join This Cybersecurity Webinar
The Future of Serverless Security in 2025: From Logs to Runtime Protection
Researchers Discover “Bootkitty” – First UEFI Bootkit Targeting Linux Kernels
AI-Powered Fake News Campaign Targets Western Support for Ukraine and U.S. Elections
UK Justice System Failing Cybercrime Victims, Cyber Helpline Finds

Leave a Reply

Your email address will not be published. Required fields are marked *