Did Someone Ask You To Download AnyDesk to Your Computer or Phone?
When a Rhode Island woman received an online notification claiming that her iPad was compromised, she quickly called the number for Apple support listed on the pop-up. The support technician on the phone explained that someone had hacked her device and that she needed to download AnyDesk — an app that gives support agents remote access to your device — to help resolve the issue.
But in reality, the whole thing was a scam.
With AnyDesk installed, fraudsters had full access to the victim’s computer — allowing them to steal sensitive information and manipulate everything the woman was seeing on her screen.
The scammers ultimately convinced her to wire over $200,000 to them [*].
While AnyDesk is legitimate software used by support agents at many companies, it’s also a favorite tool of tech support scammers. According to 2022 data from the FBI [*]:
Americans lost more than $800 million to tech support scams — many of which involved the use of remote access software like AnyDesk.
If anyone asks you or a loved one to download AnyDesk, you need to be cautious. In this guide, we’ll explain how criminals use AnyDesk, common scams to watch out for, and how to keep yourself safe.
What Is AnyDesk? Is It Safe?
AnyDesk is a legitimate software tool that allows people to remotely view and control computers and mobile devices. For example, if an employee at a large company has a technical issue, someone on the IT team can use AnyDesk to “take over” the device and diagnose the problem.
But this level of access and control is equally enticing to cybercriminals.
If scammers convince you to download AnyDesk and share your unique access code, they can gain remote control of your Apple, Windows, or Android device. Once they’re in, they can search for sensitive information to use to steal your identity or manipulate your screen when you log in to your bank account.
AnyDesk is not the only remote desktop application that scammers use. TeamViewer, RemotePC, and Zoho Assist are all similar platforms and should be treated with equal caution.
How Do AnyDesk Scams Work?
AnyDesk scams are a type of technical support scam in which fraudsters convince targets to download AnyDesk — allowing scammers to remotely access their victims’ devices.
Also known as “remote access scams,” these schemes typically follow the same pattern:
- Scammers contact you claiming to be tech support representatives. Fraudsters send phishing emails, texts, or phone calls claiming to be from large, reputable tech companies like Microsoft — or even pose as representatives from your bank. In other cases, you may end up on a fake website that displays pop-ups warning that your device has been hacked.
- Next, they claim that your device has been hacked or is infected with malware. This is a social engineering scare tactic designed to create a sense of urgency. The scammers may even claim that someone is using your identity to commit cybercrime.
- They offer to fix the problem using AnyDesk. Scammers keep you on the phone while you download the application and then ask for your secret PIN number. This gives them access to your computer.
- Once they have remote access, they steal sensitive information or use your device to trick you. For example, they might break into your other accounts, or make you think they refunded too much money to you.
What makes AnyDesk scams especially dangerous is that fraudsters still have access to your device — even after scamming you.
What Can Scammers Do With Remote Access to Your Device?
Remote access software lets people use your device the same way you do, and in real time. With this level of access, cybercriminals can:
- Search your device for sensitive files, photos, and documents. Scammers look for invoices, utility bills, and credit card statements — anything that gives them valuable financial or personal information that they can use against you.
- Use your device to access your digital accounts. If you save your passwords on your device, remote access grants hackers the ability to use those passwords whenever they want.
- Spy on you while you enter online passwords. Even if you don’t have your passwords saved, scammers can still spy on you while you enter your passwords. They may log your keystrokes and copy every password that you type.
- Install malware onto your device. Once fraudsters have access to your device, they no longer need to trick you into installing malware. They can simply download it directly to your device by themselves.
- Blackmail or extort you over sensitive files and data. If scammers find any private data on your device, they can threaten to publish it online. They may demand that you pay them money to avoid having your personal information leaked.
- Use your identity to scam friends and family members. Hackers can easily see who your closest contacts are, and may use that information against you. They may pretend to be you while asking friends and family members to urgently wire money to them.
The 7 Latest AnyDesk Scams (and How To Avoid Them)
- Phishing messages from fake tech support agents
- Fraudulent offers for work-from-home jobs
- Bank fraud alerts claiming your account was compromised
- Fake warnings about cyberattacks on financial institutions
- Website pop-ups saying your device was infected with malware
- Online contacts claiming to “help” you trade Bitcoin or other investments
- Fake invoices or bills for services you didn’t request
Fraudsters can use AnyDesk to scam you out of money or steal your sensitive information. Here are the latest AnyDesk scams to watch out for:
1. Phishing messages from fake tech support agents
Tech support scams often start with unsolicited contact from someone who claims to be a tech support agent. These phony agents might say they work with Microsoft, Amazon, or another well-known technology brand. They claim your device has a problem and that they need you to download the AnyDesk app before they can fix it.
Don’t get scammed! Do this instead:
- Ignore anyone who tells you your device is infected. No one can tell you that your device has been infected unless they already have access to it (for example, if you’ve taken it to a certified technician).
- Don’t trust Google search results. Hackers post fake tech support phone numbers online that show up in real search results. Always go to a company’s official website to find its contact information.
- If you’re unsure, hang up and call or email through official channels. If you’re still concerned, ignore the outreach and contact the company directly. Ask to speak to their fraud department and explain what happened. They’ll be able to tell you if it was a legitimate notification or not.
2. Fraudulent offers for work-from-home jobs
This scam is particularly alarming because AnyDesk has legitimate uses for work-from-home employees. Some scammers try to spoof the entire hiring process – including interviews – just to get victims to download the AnyDesk remote app as part of the onboarding process.
Identifying work-from-home scams can be incredibly difficult. Scammers may have legitimate-looking email addresses and lots of information about the company for which they claim to recruit.
Don’t get scammed! Do this instead:
- Ask recruiters how they found you. If they mention a staffing agency that you don’t recognize, this is a red flag. If they found you on social media, consider how believable that is based on the information you’ve made public about your job search.
- Find out as much as you can about your job duties. Work-from-home scams are generally vague about what the position requires. A legitimate recruiter should be able to describe the position in deep detail and tell you exactly what’s expected of you.
💡 Related: How To Spot a Fake Job Scam (20 Early Warning Signs) →
3. Bank fraud alerts claiming your account was compromised
Banks send alerts to customers when they detect suspicious activity on user accounts. Scammers can create lookalike alerts to trick you into downloading software like AnyDesk, giving them the power to access your bank account directly. These alerts often come as SMS messages or emails.
Don’t get scammed! Do this instead:
- Always log in directly to your online bank account. If your bank is seriously concerned about the security of your account, it will either lock you out of your online banking account, send you an in-app notification, or request verification when you try to log in. If you receive an email about a security breach but don’t see the notification in your account, it’s probably a scam.
- Report suspicious messages to your bank. All banks employ fraud specialists who constantly look for evidence of scams and fraudulent activity. Call or email your bank to report any suspicious activity related to your account. You can also forward suspicious text messages to them.
💡 Related: How To Quickly Spot a Wells Fargo Scam Text →
4. Fake warnings about cyberattacks on well-known institutions
Fraudsters may leverage major cyberattacks to carry out scams of their own. If a major bank or public institution suffers a data breach, scammers may perform tech support scams pretending that they’re contacting you on behalf of that organization in order to scare you into downloading AnyDesk or giving up more personal data.
Don’t get scammed! Do this instead:
- Know when your data is compromised. Don’t be taken by surprise when a major institution suffers a data breach. Pay attention when hackers attack large institutions, and prepare for scammers to attempt to trick you afterwards with remote access scams.
- Consider subscribing to an identity theft protection service. Aura’s award-winning identity theft protection solution warns users when their data is included in a data breach. This helps you tell the difference between a real data breach and fraudulent scare tactics.
5. Website pop-ups saying your device was infected with malware
One variant of the tech support scam uses website pop-ups to warn users that their devices are infected.
You can safely ignore these pop-ups as there is no way for a browser to scan your device for malware on its own.
Don’t get scammed! Do this instead:
- Carefully examine pop-up warnings. Some pop-ups are designed to look like regular system alerts. Don’t be fooled — if the pop-up comes from your web browser, it’s not a real system alert.
- Close your web browser. This is the easiest way to check if a pop-up warning comes through your web browser or through the operating system. If closing the web browser makes the pop-up go away, it was not a real system alert.
6. Online contacts claiming to “help” you trade Bitcoin or other investments
Many scams revolve around the profits you can earn by trading various cryptocurrencies and other assets online. No legitimate brokerage or investment app will offer to assist users with remote desktop software like AnyDesk. Even unregulated offshore cryptocurrency exchanges avoid doing this because their finance-savvy users would know it’s a scam.
Don’t get scammed! Do this instead:
- Never accept direct help to open any kind of account from someone online. Anyone who offers to help you open an account can use your login credentials to gain access on their own. Online brokerages invest heavily in education, but they never actually perform transactions on customers’ behalf using remote desktop software.
- Understand how security regulations protect you. Only registered investment advisors can legally recommend that you purchase assets for investment purposes, and only under contract. U.S. law prohibits people from investing other peoples’ money without this kind of registration [*].
💡 Related: What Is the Pig Butchering (Crypto Investment) Scam? →
7. Fake invoices or bills for services you didn’t request
Another way that scammers try to get you to contact them is by sending you fake invoices and bills from service providers that you never signed up for.
But when you call to cancel the payment or auto-renewal, scammers will ask you to download AnyDesk software and log in to your bank account to confirm the refund.
Don’t get scammed! Do this instead:
- Verify suspicious invoices and bills. Find out if you actually received the service you’re being charged for. If the bill “auto-renews,” you should be able to find a previous payment in your transaction history. If none exists, it’s almost certainly a scam.
- Hang up and call the company back. Companies generally do not call customers asking them if they want to cancel their services. If the call is legitimate, you should be able to hang up, find the company’s contact number on its official website, and call back.
💡 Related: Don’t Fall For These 7 Nasty Refund & Recovery Scams →
What To Do If You Downloaded AnyDesk or Gave Scammers Remote Access to Your Device
- Disconnect your device from the Internet. Disconnecting your device from the internet is the fastest way to prevent scammers from accessing it. Turn off Wi-Fi and remove any active SIM cards to ensure the device can’t go online.
- Update your passwords using a new device. The first thing scammers do is look for passwords and authentication credentials. Use a separate device to log in to your password-protected accounts and change your passwords.
- Remove AnyDesk from the compromised device. Uninstall AnyDesk the same way you’d uninstall any application. You should also scan your device for malware and other suspicious apps.
- Freeze your credit with all three bureaus. Scammers often use stolen data to open new accounts or take out loans in your name. To stop them, freeze your credit with all three credit bureaus — Experian, Equifax, and TransUnion.
- Contact your bank’s fraud department. Hackers may use your device to access your bank and credit card accounts. Contact your financial institutions and ask that they cancel your cards and accounts and then issue you new ones.
- Report the scam to the Federal Trade Commission (FTC). The FTC operates a website specifically for reporting fraud and abuse. Go to ReportFraud.ftc.gov and follow the instructions. If you think or know that scammers have your personal information, you should also file an official identity theft report with the FTC at IdentityTheft.gov.
- Consider signing up for identity theft protection. If scammers have access to your sensitive data, they could strike at any time. Aura monitors your most sensitive personal and financial information and alerts you in near-real time of any suspicious activity. Plus, if the worst should happen, you’ll have access to Aura’s team of 24/7 U.S.-based Fraud Resolution Specialists and $1 million in identity theft insurance coverage for every adult member on your plan.
The Bottom Line: Don’t Give Scammers Access to Your Computer
Remote access scams are incredibly dangerous because they give hackers direct access to your devices and data. To avoid remote access scams, make sure you:
- Never download software recommended by anyone who contacts you, and only perform downloads if you’re 100% sure they’re legitimate.
- Always verify tech support personnel, bank employees, and work-from-home recruiters by using an independent contact method.
- Don’t automatically believe warning messages that claim your device has a virus. Only trust what your own antivirus application says.
Keeping your information safe from scammers can be a full-time job. Make it easier with Aura’s award-winning identity theft protection services.
With Aura, you get powerful internet security tools, three-bureau credit monitoring, the industry’s fastest fraud alerts, and a $1 million insurance policy for eligible losses due to identity theft.
