Real Remote IT Support vs Remote-Access Scam
How legitimate IT support using remote access tools works versus scammers who use them to steal money and data.
Last reviewed: 1 June 2026
Remote-access tools are a standard part of legitimate IT support, which is why remote-access scams are so effective. The difference lies not in the tool but in who initiates the contact and what happens once the session starts. Genuine IT support only happens when you contact a provider through official channels; scammers contact you first. Once connected, a legitimate technician fixes a specific, verifiable problem; a scammer navigates to your banking app, manufactures a crisis, and steers you into transferring money — while you watch and feel you are being helped.
Side-by-side comparison
| Real remote IT support | Remote-access scam | |
|---|---|---|
| Who initiates | You contact IT support via official, verified channels | They contact you first — via popup, call, or message |
| Remote tool | Uses a named, reputable remote-access product for a specific task | Urgently needs you to download remote access right now |
| Banking access | Never asks you to open banking or investment apps during a session | Asks you to log into banking 'to check for suspicious transactions' |
| Money movement | Does not instruct you to transfer money anywhere | Claims you've been 'overpaid' or need to move money to protect it |
| Duration | Session focused on the specific issue; ends when it is resolved | Extended session with escalating crises to keep you connected |
| Screen visibility | You can see everything the technician does and end the session any time | May blank your screen or obscure actions during the session |
| Payment | Payment via normal invoice or subscription — never gift cards | Demands gift cards, wire transfer, or crypto for 'repairs' |
Common red flags
- You were contacted first — unsolicited call, popup, or message
- Urgency to install remote-access software before you can think
- Technician navigates to your banking or investment app
- Claim that you were 'overpaid' and must transfer money back
- Screen goes blank during the session without your consent
- Payment by gift card, cryptocurrency, or wire transfer
- Threats that your device will be disabled if you end the session
Verification steps
- Only initiate remote-access sessions by contacting support via official, verified contact details
- Verify the technician's identity and the company they represent before granting access
- Monitor every action taken on screen and end the session immediately if banking apps are opened
- After any remote-access session, change your passwords from a different device as a precaution
- Check your bank statements and account activity in the days following any remote-access session
What not to do
- Don't grant remote access to anyone who contacts you first
- Don't allow a remote technician to access your banking or investment accounts
- Don't transfer money at a technician's instruction during a support session
- Don't pay for support services with gift cards or cryptocurrency
- Don't continue a session after seeing actions you didn't authorise
A safe response
End the remote session immediately by closing the application or powering off the device if needed. Change your passwords from a separate, clean device. Contact your bank if banking accounts were accessed, and report the incident to your national fraud authority. Real IT support will always let you end a session at any time without consequences.
Frequently asked questions
How do I end a remote session safely if I feel uncomfortable?
Close the remote-access application directly — look for it in your system tray or taskbar. If the screen is blank or you can't reach the application, hold the power button to force a shutdown. You will not damage your device by doing this.
My company's IT team uses remote access — is that different?
Yes. Company IT support operates through known, pre-arranged systems on work devices within a managed environment. Treat any remote-access request outside that established system with caution, even if the caller claims to be from your IT department.
What should I do after a suspected remote-access scam?
Disconnect from the internet, change all passwords from a different device, contact your bank to flag any exposed accounts, and run a security scan with reputable software. Report the incident to your national fraud authority.