๐Ÿ’ป

I Installed Remote Access

8 minute read

What to do after AnyDesk, TeamViewer, browser remote support, or a fake tech support session.

First moves

Do these before the deep dive

  1. If someone is still connected, disconnect from the internet or power the device off.
  2. Change important passwords from a different clean device.
  3. Call your bank or payment provider if money, cards, banking, or payment apps were visible.
  4. Write down the remote access app name, phone number, website, and anything they told you to do.
Words to use

Steal this sentence

Someone may have remotely accessed my device. I need to check for unauthorized transactions and secure my account.

Remote access scams feel especially invasive because someone was inside your screen. Take this one step at a time. The priority is to stop access, protect money and accounts, then clean the device.

Stop The Connection

If the person may still be connected:

  1. Turn off Wi-Fi, unplug Ethernet, or power the device off.
  2. Do not keep chatting with them.
  3. Do not let them guide you through โ€œfixingโ€ anything.

If you are not sure whether they are still connected, disconnect anyway. You can deal with cleanup after the device is offline.

Protect Money First

Use a different device if you can.

Call your bank, credit card company, payment app, or brokerage if:

  • They saw your banking screen.
  • You typed a password while they were connected.
  • They asked you to move money.
  • They asked for gift cards, wire transfers, cryptocurrency, Zelle, Cash App, Venmo, or PayPal.
  • They installed software and then asked you to log into financial accounts.

Use the number on your card, statement, or official app. Do not use a number the caller gave you.

Ask whether they can add extra verification, replace cards, stop pending transactions, or flag the account.

Change Passwords From A Clean Device

Do not change passwords on the computer they controlled until you know it is clean.

Start with:

  1. Email.
  2. Bank, cards, payment apps, crypto, and brokerage accounts.
  3. Apple ID, Google, Microsoft, and phone carrier.
  4. Password manager.
  5. Work, health, government, and shopping accounts.

Turn on two-factor authentication where you can.

Preserve The Basics

Write down:

  • The remote access app name.
  • The website they sent you to.
  • The phone number, email, or chat handle they used.
  • What they asked you to install.
  • What accounts you opened while they were connected.
  • What money moved, if any.

Screenshots are helpful, but do not reconnect with the scammer to get them.

Clean The Device

When you are ready:

  1. Uninstall remote access tools you do not use.
  2. Remove browser extensions you do not recognize.
  3. Run the built-in security scan for your operating system.
  4. Install updates.
  5. Review startup apps and recently installed apps.

If this device handles banking, work, taxes, or sensitive family documents, it is reasonable to ask a trusted local computer repair shop or IT professional to check it. Tell them plainly: โ€œSomeone had remote access to this device and I need it checked for remote access tools and malware.โ€

Report It When Stable

You can report tech support and remote access scams at ReportFraud.ftc.gov. If the incident involved internet crime, large losses, business email, or cryptocurrency, you can also report it to IC3.gov.

Reporting is useful, but it comes after stabilizing money, passwords, and the device.