skip to navigationskip to main content

Action Fraud warns of remote access scams

Posted 12/09/2023

Action Fraud is the national reporting centre for fraud and cybercrime. It collects reports about fraud on behalf of the police in England, Wales and Northern Ireland.

Action Fraud has received over 30 crime reports since June 2023 relating to remote access scams targeting businesses, with victims reporting losses totalling over £3.8 million.

Based on analysis of crime reports by the National Fraud Intelligence Bureau, Action Fraud advises that scammers will generally use the following tactic to target businesses:

  • Contact the victim claiming to be a representative from their bank or from a financial services vendor used by the victim’s business.
  • Convince the victim to install a piece of software that enables remote access to their computer, claiming that it is required to install an important software update.
  • At some point during the call, the victim is instructed to login to their online banking account. Once the victim has done this, the remote access software is used to blur the victim’s screen whilst the scammer makes fraudulent transactions from the victim’s account without their knowledge.
  • The victim is also asked to read out a series of numbers the scammer claims they have sent to the victim’s mobile. In reality, the numbers are a one-time verification code from the victim’s bank which, if shared with the scammer, will allow them to transfer money out of the victim’s bank account.

Some victims reported a slightly different account of how the scam was perpetrated. However, the goal of the scammers usually remains the same – to convince victims to login to their online banking account whilst the scammer has remote access to their computer.

To protect against remote access scams, conduct your business in line with the following advice:

  • Never install any remote access software on your device as a result of an unsolicited call, browser pop up, or text message. Your bank will never ask you to grant them remote access to your computer or smartphone.
  • Do not share with anyone, not even bank employees, the one-time verification codes sent to you by your bank to authorise transactions on your account.
  • If you receive a suspicious call from someone claiming to be from your bank, hang up, wait a few minutes, then call your bank using the contact number on the back of your debit card, or use the contact information on their official website or app.
  • If your business has fallen victim to fraud or cyber-crime, report it to Action Fraud online or by calling 0300 123 2040. If you are a business, charity or other organisation which is currently suffering a live cyber-attack (in progress), please call 0300 123 2040 immediately.

To access the online form & for further information, please see

For further updates, please follow us at:

Linked In


Subscribe to our newsletter

Our monthly newsletter contains a round up of the latest tax news and updates of what's happening at Hammond McNulty

As a subscriber you will automatically receive our newsletter direct to your inbox

Please read our Privacy Policy before signing up