What To Do If a Family Member Gave Remote Access to Their Computer
Immediate steps to take if a relative was tricked into allowing remote access — securing the device, accounts, and finances quickly.
Last reviewed: 1 June 2026
Tech-support scams that trick people into granting remote access are among the most damaging scams affecting families. The scammer can view files, install software, access banking sessions, and change passwords — all within minutes. Acting quickly is the single most important thing you can do.
Immediate steps — do these first
Act fast, because a scammer may still be connected to the device or may have installed software that keeps working after they hang up. First, physically disconnect the device from the internet — turn off Wi-Fi or unplug the ethernet cable — which immediately cuts off the scammer's access regardless of what software they installed. Then, using a different, uncompromised device, change the passwords for anything the scammer could have seen or accessed during the session, starting with online banking and email, since email is often used to reset other account passwords. Call the bank directly to flag the account for potential fraud before doing anything else financial, even if no money appears to be missing yet.
- Disconnect the device from the internet immediately (turn off Wi-Fi or unplug the cable)
- Do NOT turn the device off yet — a running device can be assessed; some evidence may be lost on shutdown
- Call the bank to report potential fraud and put a hold on any transfers
- Change passwords for email and online banking from a DIFFERENT device
Assess what was accessed
Once the device is disconnected and urgent passwords are changed, work through what the scammer could actually have seen during their access. Check whether any browser tabs were open to banking, email, or shopping accounts during the session, since remote-access scammers often browse for exactly this. Look for newly installed programs, unfamiliar icons, or new browser extensions, which can indicate malware left behind to capture keystrokes or maintain access. If the relative can recall roughly what was on screen or what the scammer asked them to open or click during the call, that detail helps narrow down what needs checking or changing, so ask gently rather than pressing for a perfect account of a stressful event.
- Check which bank, email, and other accounts were open or recently used
- Look for any software that was installed during the session
- Check for any files that were opened or documents that were accessed
- Contact your bank for a full transaction review from the time of the incident
Restore and secure the device
Treat the device as compromised until it's been properly cleaned, and avoid using it for anything sensitive — banking, email, shopping — in the meantime. A full antivirus scan is a reasonable first step, but for real peace of mind after remote access was granted, a factory reset followed by reinstalling only trusted software is the most reliable way to remove anything the scammer left behind. Back up personal files like photos first, but scan the backup separately before restoring it, since malware can hide inside seemingly innocent files. Once the device is clean, install updated antivirus software and redo the password changes on the now-secure device to be certain nothing was missed the first time.
- Run a full security scan with reputable software before reconnecting to the internet
- Consider a professional reset if you are not confident the device is clean
- Enable two-factor authentication on all accounts after resetting passwords
- Set up a credit alert or temporary freeze if identity documents were visible
Conversation script
“You've done nothing wrong — this scam catches a lot of people. Let's sort it out together step by step.”
“The first thing we need to do is disconnect the internet so no one can still see what's on the screen.”
“Once we've done the urgent things, let's call the bank together — they deal with this regularly and know exactly what to do.”
Frequently asked questions
How do I know if software was installed during the remote session?
Check the device's recently installed programmes list (Settings > Apps on Windows or Finder > Applications on Mac, sorted by date). Look for unfamiliar names, remote-access tools (e.g. AnyDesk, TeamViewer installed without your knowledge), or new browser extensions. If in doubt, a professional IT assessment is the safest option.
Should I report this to the police?
Yes. Report to your national fraud and cybercrime service (Action Fraud in the UK, the FBI IC3 in the US). A crime reference number may be needed for your bank's fraud process and for any insurance claim.