Better warn your loved ones against this app. There is another victim

Remote desktop applications save some people’s lives, destroy others’ lives

Originally, remote desktop applications were intended to allow technical support people to quickly fix a user’s fault. The consultant can see the entire contents of the desktop and, depending on the permission level, can also run applications or take over the computer completely for the duration of the repair.

Such great remote control over the equipment of a potential victim has gained great interest among criminals. This time it was a 76-year-old from Wrocław. He was having a conversation with a stranger who she “promised” him quick money related to investments. At the criminal’s instigation, the 76-year-old installed an application thanks to which the fraudster had access to all information on his device. He saw what he wrote and to whom, what websites he viewed, and learned his logins and passwords.

After some time, the injured party realized that he had been deceived lost over 100 thousand zloty.

What methods do fraudsters use?

The Wrocław police described the possible crime scenario quite precisely, with particular emphasis on repeated phrases. It is worth reading it carefully (original spelling):

• Fraudsters call their victims from the same number as the contact number provided on the bank’s official website. Remember, a criminal can impersonate any phone number! From that moment on, the perpetrators lull the vigilance of their interlocutors, because a bank employee calls from the correct telephone number with important information about the account.
• Caller he usually presents himself as an employee of a bank branch, who contacts you regarding an important matter regarding the security of your account and your savings. The scammer usually claims that the bank detected a suspicious transaction, therefore encourages cooperation to prevent theft. Criminals often ask for… checking “movements” on the bank account, stealthily obtaining information about the account balance and available funds. The perpetrators also encourage “in accordance with the bank’s regulations” an employee of the technical department scanned the device (phone or computer) for viruses. To do this, they want to connect with the victim through an application that, according to the fraudsters, must be installed. During the conversation they insist on installing the software, because “bank regulations require it”.
• They conduct the conversation in such a way that the person feels time pressure and there is no opportunity to reflect. The potential victim follows all the instructions requested by the criminal. In this way, the fraudster, with the help of the injured party, performs operations on the account. Thanks to the application, fraudsters know everything a person does on a smartphone or computer, and they also see the codes needed to authorize transactions. In this way, they are able to take control of the bank account and “clear” the account of available funds.

The above scenario is just one of many variants. Criminals can be exceptionally inventive and surprise their victims with unusual tricks. It probably makes the most sense to allow access to our computer only to people we know personally and know that they are trustworthy, such as an IT specialist from your company.