What is a refund scam?
A refund scam is a fraud where criminals impersonate customer service or a utility company and claim you are owed a refund, then trick you into transferring money to them or giving them remote access to your device.
Last reviewed: 10 June 2026
Explanation
The caller claims to represent a company you may genuinely use — an internet provider, software company, bank, or government agency — and tells you that you have been overcharged or are owed a refund. To process it, they ask you to install remote-access software (such as AnyDesk or TeamViewer) so they can 'connect to your bank account'.
Once connected, they may show you a fake transaction screen that appears to credit you with a large sum — say £5,000 instead of the £50 you were supposedly owed. They then claim the 'error' must be corrected immediately by transferring the excess back using gift cards, bank transfer, or cryptocurrency. In reality, they may have hidden your real balance or used browser developer tools to alter displayed figures.
Variants include fake overpayment emails saying you bought something you did not and should immediately claim a refund by clicking a link, which leads to credential theft. Another variant involves tech-support scammers pivoting to a refund angle after gaining remote access under a different pretext.
Legitimate companies never need remote access to your device to process a refund, and they never ask you to 'send back' overpaid money via gift cards.
Common red flags
- An unsolicited call or email claiming you are owed a refund from a company you use
- A request to install remote-access software to 'process' the refund
- A displayed balance that appears far higher than expected — the 'accidental overpayment' trick
- Being asked to send money via gift cards, wire transfer, or crypto to 'correct' an overpayment
- Urgency — the refund 'expires' if not claimed immediately
- The caller becomes aggressive or threatening if you hesitate
What to do now
- Hang up and do not install any software — legitimate refunds never require remote access
- Call the company directly using a number from their official website, not one the caller provided
- If you already installed remote-access software, disconnect from the internet and run a security scan
- If money was transferred, contact your bank immediately to attempt a recall
- Report the call to Action Fraud (UK), FTC (US), or your national authority
Frequently asked questions
How do scammers make the fake refund look real on my screen?
With remote access they can open your bank's website or use browser developer tools to edit the displayed text on a webpage. They may also show you a pre-made fake website that mimics your bank. The actual balance in your bank is never changed.
Why do they ask for gift cards specifically?
Gift card codes are irreversible, anonymous, and can be quickly liquidated. Unlike bank transfers, there is no chargeback mechanism and no way to trace where the value ends up. This is a near-universal red flag for any type of scam.