It was around midday when the call came through on Catherine* and her husband Peter's* landline at their Sydney home earlier this month.
Catherine answered the phone and was greeted by a man who told her he was from the NBN (National Broadband Network).
It was the beginning of a seven-hour ordeal for the elderly couple – both aged in their 70s – which left them $5000 poorer and questioning who they can trust.
"It's very embarrassing, particularly when you normally pick these things and this was such a bizarre kind of experience," Peter told 9news.com.au.
READ MORE: Icy polar blast to sweep Australia as winter looms
The man on the phone told Catherine there were NBN engineers in the area and a virus had been detected on both their home laptop and Catherine's mobile phone.
"He said there was an engineer on his way, he was just up the road. He has been held up, but would be there soon," Peter said.
"He talked quite a bit about the NBN office in Mount Street, North Sydney and how they worked out of there.
"There was that sort of chat, it seemed to make it more convincing."
Peter was out at the time the first call came through.
The man convinced Catherine to download a free remote access software called TeamViewer onto the laptop.
After several calls over a few hours the man eventually hung up, Peter said.
Then, Catherine began to feel uneasy about the software and deleted it, he said.
"She got rid of it but the same fellow called back again."
READ MORE: Police reveal two key theories behind Aussie mum's shock disappearance in Mexico
By this time, Peter was home and the man asked him to download the same app onto his phone.
While he was speaking to the man, Peter said he searched the name of the app online and it seemed legitimate.
TeamViewer is a free, remote access software used globally.
On its website, the company says it is aware of circumstances where scammers have used its software to gain access to victims' devices.
"We advise TeamViewer users to be careful with unsolicited phone calls and to not grant access to your devices (e.g. PC or mobile) to anyone you do not know or trust," it says.
After downloading the software on his phone, Peter said the man spent several more hours on the phone with him as he 'troubleshooted' various problems.
"We were thinking it must be fair dinkum, otherwise why would he have been spending so much time on this," he said.
Finally, the man announced the viruses had been found, but "the lines" needed to be repaired.
"This sounds so stupid now, telling it later," Peter said.
"We were told there was going to be radiation in the computer."
"They said, 'We want you to move away from there into another room. Just turn on your TV set and tell us if you see any red or blue spots over the screen.'"
"So off we went and did that."
The man told Catherine and Peter not to go near the laptop or their mobile phones until later the next morning, when they would call them again.
However, when Peter woke the next morning he said he decided to check his email anyway.
That's when he discovered multiple emails from the Commonwealth Bank alerting them to the possible fraudulent activity relating to their account.
The scammer had managed to access the couple's bank account online, changing their withdrawal limit from $2,000 to $20,000.
Two transactions had gone through, one to withdraw $45 and another to withdraw $5000.
A third transaction, of $15,000, was stopped by the bank.
Peter said he was informed by the Commonwealth Bank they were unlikely to have the first two transactions refunded as staff had been unable to trace the recipient.
A spokesperson for the Commonwealth Bank told 9news.com.au they could not comment on individual cases for privacy reasons.
"We are always very concerned when we are made of aware of frauds and scams affecting customers and the wider community," the spokesperson said.
"Where a customer has been scammed we will work tirelessly with the relevant parties to attempt to recover any remaining funds for them."
Peter said falling prey to the scam had been a stressful experience that had left both him and his wife shaken.
"There is a feeling of violation. I know we both felt like the stuffing had been absolutely knocked out of us."
Remote access scams on the rise
Remote access scams, particularly those involving requests for victims to download the software TeamViewer, have been around for several years.
NSW Police issued a warning about use of the software in scams back in 2019.
"These types of scams are becoming more frequent as scammers take advantage of new technology, products and services to convince the community to provide their personal information," Cybercrime Squad commander, detective superintendent Matt Craft said at the time.
However, remote access scams are still becoming more common.
According to the Australian Competition and Consumer Commission's Scamwatch, $8.6 million has been lost to remote access crimes so far this year.
The amount of money pilfered through remote access crimes has more than tripled over the past three years, going from $4.8 million in 2019 to $16.4 million in 2021.
How to avoid a scam
Here are some of Scamwatch's top tips to make sure you don't become the next victim:
-
Do not open suspicious texts, pop-up windows or click on links or attachments in emails – delete them: If unsure, verify the identity of the contact through an independent source such as a phone book or online search. Don't use the contact details provided in the message sent to you.
-
Don't respond to phone calls about your computer asking for remote access – hang up – even if they mention a well-known company such as Telstra. Scammers will often ask you to turn on your computer to fix a problem or install a free upgrade, which is actually a virus which will give them your passwords and personal details.
-
Keep your mobile devices and computers secure. Always use password protection, don't share access with others (including remotely), update security software and back up content. Protect your WiFi network with a password and avoid using public computers or WiFi hotspots to access online banking or provide personal information.
-
Choose your passwords carefully. Choose passwords that would be difficult for others to guess and update them regularly. A strong password should include a mix of upper and lower case letters, numbers and symbols. Don't use the same password for every account/profile, and don't share your passwords with anyone.
-
Be wary of unusual payment requests. Scammers will often ask you to use an unusual payment method, including preloaded debit cards, gift cards, iTunes cards or virtual currency such as Bitcoin.
*Names have been changed for privacy reasons