Remote access tools open many doors to criminals
Remote access tools (aka remote desktop software) allows the computer or software on it to be run remotely. This feature was created to facilitate administration and technical support. And many companies still use these tools.
However, criminals employ outright malicious software with similar functions. These Remote Access Trojans (aka RATs) are powerful tools for getting access to personal information and maintaining remote access to our devices.
Here are some examples of what criminals can do with remote access tools:
- Record your keystrokes to get your passwords and login credentials
- Take screenshots, collect browser history and other data
- Delete files and change settings
- Download and install other malware that can further invade your privacy
Tricking you into installing remote access tools
Criminals spread Remote Access Trojans as spam email attachments, hidden behind links, or as Trojan viruses within downloadable files and torrents. But because antivirus software protects you against malware such as RATs, criminals sometimes have to trick you into installing their tools despite warnings.
But as said earlier, not all remote access tools are malware. Because they don’t trigger any warnings, legitimate remote access tools, such as AnyDesk or TeamViewer are very handy for criminals. Especially to those who try to get direct access to your bank account. They may call you directly on the phone and ask you to download a remote access tool that is technically not malware.
To get you to install a remote access tool, these so-called helpdesk scams make use of social engineering. In other words, tricking and manipulating you. Helpdesk scams are also referred to as vishing, coming from the words “voice” and “phishing”.
A helpdesk scam often goes like this
You get a call from someone claiming to be from your bank or some other trustable party.
They tell you there’s a problem with your account. For example, there has been a non-authorized money transfer. Basically, the context can be anything. They just want you to open your online bank.
They might then transfer the call to some alleged supervisor or technical support to make the issue seem more serious.
The scammer asks you to install a remote access tool, so that they can fix the problem. At this point, your antivirus may warn you against installing it, but the scammers convince you it’s a false alarm.
With this remote access tool, the scammer makes it look like there really is some problem with your online bank. They can display forged bank sites and windows or alter what your computer or browser displays to you.
Finally, they ask you to fix the problem they contacted you about by transferring money to some account.
F-Secure Banking protection interrupts helpdesk scammers
Did you know that F-Secure Banking protection for Windows blocks criminals from using the most common remote access tools to view what you do in your online bank? When you are using an online bank, banking protection prevents the tools from viewing what you do there. It also shows you a warning that somebody is possibly trying to scam you.