I gave a scammer remote access to my computer — what should I do?
Disconnect from the internet immediately, then run antivirus software, change all passwords from a different device, and check your bank accounts for unauthorized activity.
Last reviewed: 10 June 2026
Explanation
Remote access scams typically start as fake tech-support calls — someone claiming to be from Microsoft, Apple, your internet provider, or an antivirus company tells you your device has a problem and asks you to install software like AnyDesk, TeamViewer, or Quick Assist. Once you grant access, they can see everything on your screen, install malware, and harvest your saved passwords, financial data, and personal documents.
The first thing to do is cut the connection: unplug the ethernet cable or turn off WiFi on the affected computer. Then end the remote session through your operating system's task manager or by closing the remote access application. Do not simply close the chat window — make sure the remote software itself is fully terminated.
From a separate, clean device (phone, tablet, or another computer), change the passwords for your email, online banking, and any other accounts whose credentials were stored or visible on the compromised machine. Enable two-factor authentication wherever possible. If you suspect the scammer installed malware, run a full scan with reputable antivirus software (Windows Defender is built into Windows and adequate for initial detection). Consider having a professional technician inspect the machine before using it for sensitive tasks again.
Check your bank accounts and credit card statements for unauthorized charges. If you see any, contact your bank immediately. Call your bank's fraud line even if you don't see charges yet — proactively flag the account. Report the incident to the FTC at ReportFraud.ftc.gov and to your state attorney general.
Common red flags
- Unsolicited call claiming your computer is infected or sending error signals
- Pop-up warning with a phone number telling you to call immediately
- Caller asks you to install AnyDesk, TeamViewer, Quick Assist, or similar tools
- Agent navigates to your bank account 'to verify' the problem
- Caller shows you 'evidence' of infection using Windows Event Viewer entries
- Request to buy gift cards or wire money to 'pay for the repair service'
What to do now
- Disconnect the computer from the internet immediately
- End the remote access session and uninstall the remote software
- From a different device, change passwords for email, banking, and other accounts
- Run a full antivirus scan on the affected computer
- Call your bank to flag the account for potential fraud
- Check all financial accounts for unauthorized activity
- Report to the FTC at ReportFraud.ftc.gov
Frequently asked questions
Can the scammer still access my computer after I disconnected?
Not through the remote session itself, but if they installed persistent malware, they may have a backdoor. Run antivirus software and consider a professional inspection. Reinstalling the operating system is the safest option for a high-risk compromise.
Did the scammer steal my saved passwords?
Possibly — scammers often open browser settings to export saved passwords while they have access. Change all important passwords from a different device as a precaution, especially email and banking.