Skip to main content
tech.org.au home

Guide

Remote access scams: when the caller wants into your computer

The whole scam rests on one moment: you installing a program because a stranger sounded official.

Updated 14 July 20267 min readBy AngusPart of Online safety tips

A remote access scam starts with a call or popup that sounds like help: this is Telstra, or the NBN, or Microsoft, and there is a problem with your computer or your internet that must be fixed right now. The fix always involves installing a remote control program so the helpful technician can take a look.

Once that program is running, a stranger is sitting at your computer. This guide covers how the script unfolds, the tells that give it away in the first minute, and the exact steps if someone did get in, because fast, ordered action limits the damage substantially.

How the script unfolds

The calls follow a pattern because they are read from one.

  1. The hook: an unsolicited call or a full-screen popup with a phone number. Your internet is compromised, your computer is sending errors, your account will be cut off today.
  2. The install: you are talked into installing legitimate remote control software, then reading out the code that lets the caller connect.
  3. The theatre: fake scans and system screens designed to look alarming while they build trust.
  4. The extraction: you are asked to log in to your bank to receive a refund or verify your account, while the person watching controls the screen. Sometimes the screen goes black for a moment. That is when the transfers happen.

The tells, in the first minute

You do not need to out-tech the caller. Any one of these ends the call.

  1. It is unsolicited. Telstra, the NBN company and Microsoft do not cold-call people about infections or errors. Ever.
  2. There is urgency: disconnection today, fines, an account about to be emptied.
  3. The fix requires remote control software you did not have this morning.
  4. You are asked to log in to banking, read out codes, or buy gift cards while connected.

Good to know

  • The remote control programs themselves are legitimate tools used by real IT support. The scam is not the software, it is the stranger on the other end of it.

If you are on the call right now

Hang up. You do not owe the caller a goodbye, and everything they said about consequences was theatre. If a popup claims your computer is locked, do not call the number on it; closing the browser, by force if needed, or restarting the computer clears it. If you are ever unsure whether a provider genuinely called, hang up and call the provider back on the number from their real website or your bill.

If they did get in: the ordered response

Act in this order, and use a different device, like your phone on mobile data, for the sensitive steps.

  1. Disconnect the computer from the internet: pull the network cable or turn off its wifi. That ends their session.
  2. From a DIFFERENT device, call your bank immediately if you logged in to banking, made a payment, or they saw your cards. Tell them a scammer had remote access.
  3. From that same clean device, change your email password first, then banking, and turn on two-factor authentication.
  4. Uninstall the remote access program, then have the computer properly checked before trusting it for banking again, because a scammer with control can leave more behind than the one program.
  5. Report to ReportCyber at cyber.gov.au and Scamwatch at scamwatch.gov.au, and if identity documents were visible, call IDCARE on 1800 595 160.

Why removal alone is not the end

A scammer with control of your computer could do more than run the visible program: save your passwords from the browser, install something extra, or note details for a later, better-informed call. That is why the passwords change from a clean device, why the machine deserves a proper check, and why our guide on checking who has access to your accounts is the right follow-up sweep once the dust settles. If money moved or details were taken, the recovery path is covered in recovering after a scam.

Frequently asked questions

What is a remote access scam?

A scam where a caller or popup poses as a trusted company, claims your computer or internet has a problem, and talks you into installing remote control software so they can fix it. Once connected they stage fake scans, then steal money or details, often while you are logged in to your bank. The software is legitimate; the stranger operating it is the scam.

Does Telstra or Microsoft ever call about problems with my computer?

No. Telstra, the NBN company and Microsoft do not cold-call customers about infections, errors or compromised connections. An unsolicited call claiming any of that is a scam regardless of how much the caller seems to know, and hanging up is the correct response every time.

I let a scammer into my computer. What do I do first?

Disconnect that computer from the internet immediately: pull the cable or kill its wifi. That ends their access. Then, from a different device, call your bank if banking was involved, change your email password, turn on two-factor authentication, and work through the rest of the ordered response. Speed matters most for the bank call.

Is it safe to use my computer after a remote access scam?

Not for banking, until it has been properly checked. Someone with full control can leave more behind than the visible remote program: saved-password theft, extra software, or changed settings. Uninstall the remote tool, get the machine reviewed by someone competent, and do all password changes from a clean device in the meantime.

Can the scammer get back in after I disconnect?

Not through the ended session, but possibly through anything they installed or any password they captured, which is exactly why the follow-up matters: change passwords from a clean device, check email forwarding rules and account access, and have the computer checked before trusting it again.

My screen went black while the technician was connected. Why?

Blanking the screen is a feature of remote control software, and scammers use it to hide what they are doing, typically moving money or changing settings, while you wait. If that happened, treat it as confirmation the session was hostile: disconnect, call your bank from another device, and work the full response list.

More in the online safety tips hub

Get one useful tech tip a week

Plain-language guides and the occasional scam warning, sent when it matters. No spam, unsubscribe anytime.

Prefer to just ask? [email protected] or use the contact form.

Join the newsletter