Remote Access Scams Targeting Google Pay
How remote access scammers gain control of Android devices to initiate Google Pay transfers, enrol new payment methods, and drain linked bank accounts.
Part of: Remote Access Scams
Last reviewed: 1 June 2026
Remote access scams on Android devices specifically target Google Pay because the combination of device control and biometric authentication bypass allows attackers to initiate contactless payments and bank transfers directly from a compromised handset.
Android's open app ecosystem makes it more susceptible to sideloaded remote access tools than iOS, and Google Pay's deep integration with the Android operating system means device compromise translates directly to payment capability.
How this scam works on Google Pay
A victim receives a call from a fake bank or tech support agent claiming suspicious activity was detected on their Google Pay account. The agent walks them through installing a remote access app — typically downloaded outside the Play Store — to 'investigate' the suspicious activity.
Once remote access is established, the attacker disables the screen, navigates Google Pay, and initiates tap-to-pay transactions or adds a new card to drain a linked account. The victim remains on the phone, believing the agent is resolving the issue.
Some attacks use Google Pay's 'request money' feature to send payment requests while the victim believes they are approving a security verification, or exploit the screen-off remote access to authorise transactions using stored biometrics.
Common red flags
- Bank or Google support call requesting you install an app outside the Play Store for 'security'
- Caller asking you to enable screen sharing or remote access during a support call
- Google Pay notification for a payment you did not initiate while on a support call
- Request to 'verify' a Google Pay transaction by approving a biometric prompt
- Instruction to disable or cover your screen while the agent 'works' on your device
How to protect yourself
- Never install apps outside the Google Play Store at the request of a support caller
- Google and bank support never require remote access to resolve an account security issue
- Set a Google Pay spending limit and enable transaction notifications for all payments
- Use a separate device PIN rather than biometrics if you are on a suspicious call
- End any call that requests device access or asks you to install software
How to report it
- Report to Google Pay support via the in-app Help function
- Contact your bank's fraud line immediately if linked accounts were accessed
- Report to your national cybercrime authority with the remote access tool name and caller details
Frequently asked questions
Can Google Pay payments made during a remote access attack be reversed?
Contact Google Pay support and your bank immediately. Tap-to-pay transactions made via Google Pay may be disputable with the receiving merchant's bank as fraudulent card-not-present or unauthorised NFC transactions. Bank transfers initiated during device compromise should be reported as fraud to your bank for a recall attempt.