Remote Access Scams Collecting Payment via Gift Cards
Scammers who gain remote access to victims' computers instruct the victim to purchase gift cards as payment for fabricated repair services or to 'protect' funds during a fake security incident.
Part of: Remote Access Scams
Last reviewed: 1 June 2026
Remote access scams typically begin with a fake alert or unsolicited call that establishes technical credibility before the payment demand arrives. Once the scammer has remote access to a victim's computer, they can manufacture convincing evidence of an 'infection' or 'bank breach' — displaying command prompt outputs, antivirus alerts, or fake banking dashboards — to justify the payment demand.
Gift cards are collected at the end of this manipulation because they are fast, untraceable, and require the victim to physically purchase them. This physical step also gives the scammer time to ensure the remote access session has been productive before collecting their payment.
How this scam works on gift cards
A pop-up alert or cold call claims the victim's computer is infected with critical malware. The caller, posing as a Microsoft or antivirus technician, offers to connect remotely to 'fix' the problem. Once connected, they display fabricated threat reports and claim that the repair service costs a sum payable immediately via gift cards.
In banking variants, the scammer — while remotely connected — shows the victim a fake banking interface showing a large erroneous refund that 'accidentally' credited the victim's account. To return the funds and avoid criminal liability, the victim must purchase gift cards equivalent to the amount. The scammer actually manipulates the browser's developer tools to change displayed figures.
After cards are purchased and numbers shared, the scammer may continue the remote session to extract additional credentials or financial information before disconnecting.
Common red flags
- Remote technician demands gift card payment upon completing a remote session
- A banking error is shown on your screen that can only be corrected via gift cards
- Caller warns of criminal prosecution unless you pay via gift cards immediately
- Screen displays unusual activity that the caller pointed out and can apparently fix
- Specific gift card brands and denominations are named by the caller
- After cards are paid, the caller stays connected and asks for further information
How to protect yourself
- Never allow an unsolicited caller to connect remotely to your computer for any reason
- If you have already granted access, disconnect immediately by ending the remote session or turning off your device
- Gift cards are never a legitimate payment method for technical support services
- Change all passwords and contact your bank immediately after any unauthorised remote access
- Use your device's built-in security software rather than accepting remote diagnosis from cold callers
- Contact the gift card issuer immediately if you have purchased cards at a scammer's direction
How to report it
- Report remote access fraud to your national cybercrime authority
- Contact the gift card issuer's fraud line immediately with card numbers
- File a complaint with the FTC at reportfraud.ftc.gov
Frequently asked questions
The remote technician showed me evidence of 4,000 errors on my computer. Was it real?
Almost certainly not. The Windows Event Viewer, for example, always shows thousands of informational logs that look alarming to a non-technical user but indicate normal operation. Scammers exploit this to manufacture urgency. A genuine security professional would not interpret these as critical errors.