Top of main content

How to avoid remote access takeover

Fraudsters may try to convince you to give them remote access to your computer and your online banking.

This is known as remote access takeover, or computer access takeover. If this happens, the criminals will be able to access all your files and see what you’re typing. They may even be able to turn on your webcam or microphone to spy on you.  

How does remote access takeover work?

With this type of scam, someone may call you out of the blue, claiming to be your bank, an internet or utility company, or even the police.

They’ll try to convince you to give them remote access to your computer. They may say they can help with something like a slow internet connection or fix a virus. The fraudsters may also ask you to download software, visit a specific website or follow instructions which give them control.

The scammers may offer a refund for your inconvenience. They’ll then try to persuade you to log on to online banking to check you've received the money. The scammer will still have remote access, meaning they can see everything you’re typing – including your online banking log on details.

They may also ask you for a code sent by the bank (from your Secure Key for HSBC customers) so they can ‘process the refund’. Handing this information over gives them everything they need to move money from your account.

In some cases, the scammers may move money between your accounts so it looks like they’ve sent too much. They’ll then convince you to send it back to them. In reality it’ll be your own money you’re ‘returning’ to them.

We'll never ask you to do any of this - and neither will the police or internet and utility companies.

How to stay safe from this type of scam

Here are some steps you can take to help make sure your money is secure:

  • Don’t give access to your computer to anyone you don’t know
  • Be careful how you share your personal information
  • If someone has remote access to your computer, don’t log on to online banking or anything else which could allow them to gain access to any passwords, security information or log on details
  • Don’t pass on security codes, Secure Key codes or one-time passcodes to anyone
  • Keep your anti-virus software up to date

Read our page on the latest scams for more on how you can help protect yourself from fraud. 

What to do if you’ve been the victim of a remote access scam

If you've given remote access to someone in this way, you should take these steps.

For laptops and desktop computers:

  1. Immediately switch off, preferably at the power source.
  2. Disconnect from the internet - for example, move out of range of your Wi-Fi router or unplug the internet cable.

For mobile phones:

  1. Disable or switch off the 3G, 4G or 5G signal on your phone.
  2. Move out of range of any Wi-Fi router.

This is the only way to stop them being able to connect so you can regain full control. A remote access connection will work over any available internet connection, so simply restarting or rebooting won't be enough to block fraudsters.

Once you're back in control, you must delete any remote access software that you’ve installed.