Australia’s consumer law regulator is warning people to be cautious following a rise in reported losses to remote access scams in which criminals gain access to victims' personal devices and accounts.
The Australian Competition and Consumer Commission (ACCC) says Australians reported losing $15.5 million to remote access scams in 2023, before a 52 per cent increase in overall losses in the first quarter of 2024.
The rise in financial losses comes as losses from other scams have decreased in recent months.
The ACCC’s National Anti-Scam Centre said victims of remote access scams lost an average of $17,943 in the first quarter of 2024, up 57 per cent from average losses in 2023.
It said Australians over the age of 65 were losing the most money to such scams.
Remote access scams occur when a scammer contacts someone, usually over the phone, and convinces them there is an issue with an online account, their phone or their computer — often by impersonating well-known companies.
The scammer then attempts to gain access to the victim’s device, usually by convincing them to download software or a mobile app.
Once they have access, the scammer seeks access to banking or other accounts while claiming they are helping to resolve an issue.
The scammer may ask for banking passwords and one-time security codes to be read out to them, to grant them access.
While it might not appear that any money is stolen at first, accounts may be drained later on.
‘They got access to my PC’
One victim who responded to a survey by consumer advocacy group Choice said they were called by scammers who claimed they were representing the National Broadband Network (NBN) and could increase their internet speed.
“Eventually they got access to my PC and were able to enter my [Commonwealth Bank] Netbank then to transfer my money to some AMP account,” they said.
“It took me 90-plus minutes to reach somebody in [Commonwealth Bank] security.
“I don’t know what CBA staff did then, but much later I was informed they could not retrieve my money — CBA did not want to compensate anything.
“They agreed to compensate 50 per cent only after a long and painful discussion.”
Remote access scams see criminals use social engineering and software to gain access to a victim's devices and accounts. Image: Shutterstock
ACCC Deputy Chair Catriona Lowe says the regulator is concerned that scammers are often draining entire bank accounts.
“The scammer will sound professional and offer to help resolve the problem, by instructing the victim to download well-known screen sharing software such as AnyDesk, Zoho or TeamViewer,” she says.
“Unfortunately, by doing so, the scammer can gain access to their bank accounts.”
The ACCC says consumers should never download software or apps if they are told to by someone over the phone, and should just hang up instead.
Individuals should also never share banking information, passwords or two-factor authentication codes with a third party.
The National Anti-Scam Centre said it had contacted companies making remote desktop software, as well as companies being impersonated by scammers, to alert them to the activity.
Choice said its survey found victims were often left feeling alone and carrying the burden of falling for a scam.
“After a scam is identified, the banks play an important role in helping to recover money and providing appropriate support,” said Choice Director of Campaigns, Rosie Thomas.
“However, our data shows that it’s a real roll of the dice as to how a scam victim is treated by their bank, and whether they get the support they need.
“Only half of our respondents said the bank helped try to recover the money and one third told us they didn’t get immediate action from their bank."
The 2024 federal budget, announced earlier in May, included further funding in the fight against scams, including for the enforcement of mandatory codes, a public awareness campaign, and the development of further legislation.