Scammers posing as IT departments, telecoms providers and banks are tricking victims into relinquishing control of their devices to hack into their accounts and steal sensitive data.
AnyDesk is a software tool meant for remote support. You need to share the password displayed on your screen to the customer service representative. Your CS can then access your device as if you have given it for service and repair. Now, how can that be harmful? AnyDesk is a remote desktop client software. That works seamlessly with any Mac OS computer running Apple’s/’ latest operating system or older versions. Our range of features is continuously updated. It is a small but perfectly formed, the AnyDesk remote desktop for Mac is fast to download and easy to install. Is Anydesk Safe? Yes, it is safe. AnyDesk has a variety of security features that ensure that your remote access connections are always encrypted and safe. However, there may be a time when you need to revoke permissions from once trusted devices or secure your account further by changing your password.
One of the worst cases we came across resulted in a Which? member losing £80,000 after a ‘BT engineer’ phoned about service problems in the area. Her bank eventually agreed to refund the money but other victims of remote access fraud have been told their banks will not cover losses if they give access to their devices.
AnyDesk offers a high level of security by default through encryption. We prevent unauthorized access to connections with TLS 1.2 technology, which is also used in online banking. We encrypt every connection with asymmetric RSA 2048 key exchange. All connections offer Perfect Forward Secrecy thanks to Diffie-Hellman Ephemeral Handshake (DHE). Since AnyDesk is legitimate software, and the victims downloaded it directly from the developer’s website, there was no reason to suspect foul play.
Impersonation fraud shot up by 84% in the first half of 2020, with almost 15,000 reports and £58m lost, according to UK Finance. At a more granular level, Action Fraud says that it has received 14,893 ‘computer software service fraud’ reports between October 2019 and September 2020, with reported losses reaching around £16.5 million over that period.
Yet the use of remote access software is not very well known – our survey of the general public in September 2020 found that four in 10 people have never heard of it, even though we had explained how these tools are misused by scammers to gain access to devices.
What is remote access software?
Remote access software enables you to use one device to access another from any location by downloading a smartphone app or installing a program on your computer. A simple passcode will then connect the two devices.
Anydesk Safety
Although many legitimate businesses use this technology, including the Which? Tech Support team, criminals also use it for nefarious purposes.
Typically, you get a phone call from someone claiming to be from a known company (commonly impersonated firms include Amazon, BT and Microsoft), in which they try to convince you to grant them access to your device, claiming they will fix a spurious problem.
Action Fraud recently reported that an Amazon Prime scam involving remote access software has cost victims over £400,000 in two months.
Other scammers are sneakier still, directing you to websites where clicking on the various brand names downloads the software, although they would still need you to enter a code to connect to your device.
Once they have access, they may put up a fake screen and work in the background to download other software or steal passwords and other personal data.
Based on reports to Which?, TeamViewer is the brand of remote access software reported as being misused by scammers most often, although others include AnyDesk, LogMeIn and GoToAssist.
- Find out more:on the phone to tech support scammers – we allowed an alleged scam support company access to our PC to learn how they persuade victims about made-up computer problems
Revolut remote access scam
As we reported in September, multiple Revolut customers were recently scammed after a fake Google advert resurfaced.
All of them phoned the customer service number provided and were connected to scammers posing as Revolut staff before being tricked into downloading remote access software in the belief that they were talking to the e-money firm.
Since May, Which? has been contacted by 17 victims of this specific scam. We’re concerned that Revolut was slow to give these victims a final response about reimbursement – many told us they felt like they were left hanging via the app chat and several were repeatedly asked for information they had already provided.
Though Revolut has been aware of the Google scam ad since at least March 2020 – when Which? first reported it – its customer service agents sometimes failed to offer even basic fraud advice such as telling victims to remove the remote access tools from their devices.
Revolut reimbursement lottery
Also troubling is the seemingly random approach to Revolut’s decision making.
While Revolut has reimbursed at least three victims that we are aware of, others have been told they will not be refunded.
One was told by a chat adviser ‘we have concluded that your decision to give the alleged fraudsters remote access to your device means that your request falls into a category in which we cannot assist and therefore we will be unable to refund you’.
In some cases, scammers sent fake emails that appeared to come from Revolut. A genuine chat adviser admitted to one victim that “the only reason why I would question these emails is because I am an engineer in electronics”.
The victim is understandably upset that Revolut will not refund her despite acknowledging that it would require technical expertise that can’t be expected of a normal customer to avoid being scammed in this way.
Another was given no specifics and was simply told in the bank’s formal response that it would not refund the £12,000 fraud losses because ‘after our agents from the relevant team analyzed your case, it seems like they could not find a way to further assist you with this.’
We asked Revolut to explain why victims of the same scam are being treated differently. It told us: ‘Revolut takes the protection of all our customers extremely seriously and does all it can to support victims of fraud. We thoroughly investigate all customer claims relating to fraud on their account and all decisions are taken on a case by case basis.’
‘While we can’t comment on the details of specific and ongoing financial crime investigations, when fraud happens we support customers in trying to recover misappropriated funds and provide guidance on how to proceed in line with best practice.’
- Find out more:how to get your money back after a scam
How ‘BT’ scammers stole £80,000
Claire (not her real name) had no reason to suspect foul play when BT called about her slow internet speeds. She had been having issues and was happy to follow instructions when the caller said checks needed to be carried out on her PC.
The caller directed her to what appeared to be error messages that ‘proved’ there had been a security breach (this may have been the Windows Event Viewer program which is used to view Windows logs related to normal activity, but could easily alarm someone who is unfamiliar with these logs).
She agreed to download TeamViewer – she was told this was to clean her system and install a new firewall – and was asked to log into various retail and online bank accounts to check all her monies were as they should be.
Having no idea that the scammers could see everything she was doing, she logged on to her First Direct and Nationwide bank accounts. They later moved money from her Nationwide savings account into her current account before transferring £75,000 to First Direct – the payments were made in eight transfers, all labelled ‘flights’.
As her First Direct account was an existing payee, there were no additional security checks as there would be for a new payee. Next, the scammers moved £80,000 from First Direct to various external accounts in their control. She was tricked into giving the scammers security codes generated from her Secure Key, in the belief that they were setting up a new security system and testing the effectiveness of the firewall.
What action did the banks take?
First Direct says it raised a security alert over the phone but was unable to speak to her for verification – her phone line was jammed by the scammers – and allowed the transfers anyway.
Both Nationwide and First Direct told Claire they wouldn’t reimburse her because she had granted access to her online bank accounts. When Which? approached the two banks about the case, Nationwide recognised that she didn’t authorise the payments to her First Direct account and refunded the £75,000 back to her current account.
Although First Direct had recovered two payments, it maintained its original position, refusing to reimburse the rest on grounds of gross negligence – because she failed to take all reasonable steps to keep her security credentials safe.
We don’t believe giving remote access to a device automatically amounts to gross negligence. We advise victims to involve law enforcement and escalate their complaints to the Financial Ombudsman Service if their banks refuse to reimburse them.
- Follow our step-by-step guide on how to take your complaint to the Financial Ombudsman Service.
Who can stop remote access scams?
While customers are urged to ‘Take Five’ to avoid scams, putting a stop to any kind of fraud requires joined-up thinking – in this case from software providers, banks and the authorities.
Misuse of remote access programs gives grounds for account termination and providers say they monitor accounts for unlawful activity, working with authorities to report abuse.
- TeamViewer told Which?: ‘Stopping fraudulent activity remains a high priority for TeamViewer, and we strongly condemn any criminal activity perpetrated by bad actors on the platform. Privacy and security are central to our business, and we look into every single case that is reported, updating countermeasures accordingly and working diligently to keep our users and customers safe.’
- A LogMeIn spokesperson said: ‘We take scammers very seriously. Use of any of our products for nefarious or illegal purposes violates our terms and is immediate grounds for account termination. To protect consumers, we conduct both proactive and reactive approaches – including monitoring accounts for unlawful use, cancelling accounts that partake in these activities, employing session limitations on trial accounts, and adding friction to our registration page to reduce re-trialling once banned. We also work with proper authorities to report the abuse.’
- AnyDesk told us: ‘We have established concrete steps to protect our users from scams, e.g. we’ve installed a scam warning into the app, telling users to be cautious with whom they share their AnyDesk logins and we are constantly reminding our users not to share their AnyDesk logins with unknown people. Nevertheless, users have to be wary and increasingly vigilant about the data they’re sharing with unknown individuals.’
Jenny Ross, Which? Money Editor, said: ‘Millions of pounds are lost to computer takeover scams every year, with potentially devastating consequences for victims who lose life-changing sums of money to these callous fraudsters.
‘Which? is calling on banks to reimburse all blameless customers who fall victim to these scams and for the government to introduce legislation to ensure a new statutory code of practice can be created, which would include clear standards and protections for victims.’
What to do if you’ve given a scammer remote access to your device
First and foremost, take back control of your device – if you can still see your screen, there should be a disconnect button enabling you to end the session but as a precaution, turn off wifi at the router or unplug the network cable to fully disconnect from any external connection.
Tell your banks immediately if there is a chance they have been compromised and report the crime to Action Fraud.
Once your device has been switched back on, you can remove the software (check for recently installed programs/downloads) and any other apps that may have been installed by the scammer while they had remote access.
You should reset all passwords for online accounts (current accounts, savings, email etc) and enable two-factor authentication where possible.
If you have security software, ensure it has all new and recent updates – then run a full security scan. To be extra safe, you may want to do a factory reset of your device, or ask an IT expert to confirm the device is safe to reuse.
- Find out more:tech-support scams
This report can help you determine if Anydesk.com is a legit website.
Last updated 1 month ago.
Potentially Safe
The site has a good online reputation.
Read the report below
Check Anydesk.com trusworthiness on WOT (Web of Trust):
This site has a good (66/100) trustworthiness score.
Web of Trust is a web service used by millions of Internet users to rank the safety of websites.
I would personally not trust a website that has a low trustworthiness on WOT.
You can find the following links useful to improve WOT reputation:
Check if Anydesk.com is classified as malware on Safe Browsing:
This site is not currently listed as suspicious.
Anydesk Safety
Google Safe Browsing is a service created by Google Inc. to identify malicious websites.
If the site is detected by Safe Browsing I would personally not visit it.
Check Anydesk.com through multiple third-party security services.
This should help you to better identify scam, phishing and malware websites.
If the site is detected by at least one engine it may be a threat.
What Is Anydesk
Engine | Result | Details |
---|---|---|
Avira | Not Found | Read more |
Badbitcoin | Not Found | Read more |
BitDefender | Not Found | Read more |
Spam404 | Not Found | Read more |
SpamhausDBL | Not Found | Read more |
SURBL | Not Found | Read more |
ThreatLog | Not Found | Read more |
Check Anydesk.com domain with our database of 'scam' words:
No suspicious words found in the domain name.
A legit shopping website should not use a branded name (i.e. rayban) in the domain name.
Only the original manufacturer (i.e. RayBan) should use its brand name in the domain name.
This option should help identify potentially fake online shopping sites.
Check if Anydesk.com uses a valid HTTPS secure connection:
This site uses an HTTPS secure connection.
Issued From | DigiCert Inc |
Valid To | August 9, 2022, 2:00 pm |
An HTTPS secure (encrypted) connection is recommended for online shops and e-commerce websites.
So when you submit sensitive information they are securely transmitted over HTTPS.
I would never enter my credit card details in a non-HTTPS website.
Check if Anydesk.com is popular among Internet users:
This site has a very good online popularity.
Anydesk.com is ranked #1,389 among millions of websites according to Alexa rank.
An Alexa rank higher than 0 and less than 500,000 means the site has a good amount of traffic.
The more Alexa rank is low (but > 0) the more the website is popular.
Check when Anydesk.com domain name was first registered:
The domain name was registered 17 years ago.
A domain created less than 3 months ago is considered new and thus potentially suspicious.
We may not have enough details to judge a website created only a few months ago.
Anydesk Safe
Pay attention if you plan to buy goods from a 'young' e-commerce website.
Check if the domain name has a commonly abused TLD:
The domain name has a commonly used TLD.
I would not buy goods from a domain that ends with .XYZ or .CLUB or .TOP.
We check the domain extension (TLD) to see if it is related to commonly abused TLDs.
Many scam websites have domains that end with uncommon and cheap TLDs.
This additional check should help you make the right choice.
IP Address | 65.9.83.94 |
Hostname | |
Hosting Provider | Amazon CloudFront |
Country | (US) United States |
Before buy something from a new site:
Is Anydesk Safe To Use In Laptop
- 1) Check if the site has a 'contact us' web page
- 2) Avoid online shops that use free email providers (i.e hotmail, gmail)
- 3) Check if the site shows info about its company (name, address, country)
- 4) Check if the site has an 'about us' or 'company' web page
- 5) Check if the site has a valid VAT or Partita IVA number (EU only)
- 6) Don't be fooled by low prices, if it looks too good to be true, pay attention
- 7) Check if the site has a social profile (Facebook, Twitter, Instagram)
- 8) Try to always first contact the website owner via email
- 9) Analyze the domain WHOIS data to find info about the site owner
- 10) Look for possible English (or other language) grammar errors
- 11) Do not pay via credit-card, use PayPal instead (easier to get refunds)
- 12) Verify that the website is certified by McAfee SECURE
- 13) Never enter sensitive information on non-HTTPS pages
Please write useful comments by including proofs:
Please enable JavaScript to view the comments powered by Disqus.