Remote Access Scams Draining Accounts via Wire Transfer
Fraudsters with remote desktop access to victims' computers initiate wire transfers directly from banking portals, bypassing the need to convince the victim to pay manually.
Part of: Remote Access Scams
Last reviewed: 1 June 2026
Remote access wire transfer fraud is a severe escalation of the standard tech support scam because the payment step does not require victim cooperation. Once a scammer has remote control of a computer where an online banking session is open or can be initiated, they can execute wire transfers autonomously — or instruct a victim watching their own screen to approve transfers they believe are necessary to 'protect' their funds.
This variant produces the largest financial losses of any remote access fraud because the sums are limited only by the victim's account balance and the bank's per-transaction wire limits.
How this scam works on wire transfer
A scammer — posing as bank fraud support — calls a victim claiming their account is under attack. They persuade the victim to install a remote access tool to allow the 'fraud team' to investigate. With access established, the scammer opens the victim's banking portal and initiates a wire transfer to a mule account abroad, claiming the action is moving funds to a 'secure holding account.'
In cases where the victim is physically watching the remote session, the scammer explains each action as a protective measure. The victim, believing they are cooperating with their bank's fraud team, authorises multi-factor authentication codes that complete the transfer.
Some victims are targeted repeatedly: after the initial wire, the scammer contacts them days later from a 'recovery department,' offering to retrieve the lost funds — for another fee.
Common red flags
- Inbound call claiming to be your bank's fraud team asks you to install remote access software
- Technician initiates transactions on your screen while explaining they are 'securing' your account
- You are asked to read aloud or enter authentication codes sent by your bank during the remote session
- Caller claims your money must be moved to a temporary safe account via wire
- You feel watched and directed rather than in control of your own device
- A follow-up call from a 'recovery service' offers to return money for an advance fee
How to protect yourself
- Your bank's fraud team will never ask you to install remote access software — this is always a scam
- Never authorise wire transfers or read out authentication codes during an unsolicited call
- If you have given remote access, disconnect immediately and call your bank on the number on your card
- Change all banking passwords from a separate, uncompromised device after any remote access incident
- Contact your bank for an emergency account freeze if remote access may have exposed your credentials
- Report to your national cybercrime authority as this constitutes computer fraud and bank fraud
How to report it
- Call your bank's fraud line immediately — wire recall is time-sensitive and must be initiated within hours
- Report to your national cybercrime authority (FBI IC3, Action Fraud, etc.)
- Report the remote access software used (AnyDesk, TeamViewer) to the platform's abuse team
Frequently asked questions
Can my bank recover money wired by a scammer through remote access?
Wire recall is possible if initiated quickly — typically within a few hours. Contact your bank immediately to request a SWIFT recall. Success depends on how quickly the receiving bank moves the funds. File a police report in parallel as some banks require this before initiating the recall process.