Scammers pretending to be broadband providers to obtain personally identifiable information (PII) is nothing new. But now scammers are using this kind of attack to gain access to your PC and potentially steal card details or sensitive information.
The way this scam works is that a supposed “representative” of your broadband provider will call up and tell you that they have noticed your speeds are slower than usual. They then ask if you can follow a link so they can speed up your connection. The link will take you to some form of remote access software like AnyDesk or TeamViewer, both of which are legitimate software used by IT professionals to provide support.
They will then take control of your PC or laptop and most likely make your screen black using a feature of the remote software, all whilst stealing as much information as possible. This could include email addresses, home addresses, saved passwords, and even bank details, depending on what you have saved on your device. It’s not just PII that attackers are after: if you use your device to work from home, they could access sensitive documents and potentially extort you by threatening to release them if you don’t pay up.
There is a lot of opportunity for other attacks once an attacker has access to your PC. They could install malware that allows them to control your PC without even needing the remote software. Or they could install keyloggers that monitor which keys you’re pressing, thus gaining access to all of your passwords. The list goes on.
There are a few things you can do to protect yourself from the risks of phone scams like these:
- Tell the caller that the call is being recorded for security purposes; the majority of the time, if they are a scammer, they will just hang up.
- Hang up on the caller and call back on the company’s official number from their website.
- Do not download any apps or programs that a potential scam caller tells you to.
- Never give anyone PII or financial information over the phone without verification.
- Verify which company the caller is calling from; if it doesn’t match your provider, you know it’s a scam.