You receive an automated phone message from a mobile number advising that you have just paid $99.99 for your annual "subscription"
Press 1 to cancel your "subscription"
A scammer (in a boiler room by the sound of it) takes the call
You are encourage to go to a fake web page and download Anydesk
You are asked to hand over the BIG RED NUMBER on your screen which allows the scammer to immediately access your computer or device
You are asked to add a password and enable unattended access so the scammer can access your computer whenever it is switched on
Nek Minnit your bank account gets cleaned out.....
The Phone Call
The automated call advises you that your $99.99 "annual subscription" has just been deducted from your credit card
You are invited to "Press 1 to Cancel" which puts you through to the scammer
The scammer then directs you to a web page gg.gg/amzpr3 on the pretext of "verifying your account"
The Web Page
gg.gg is a website which allows you to shorten any web address (URL) and therefore hide the true destination
This is a legitimate website being used for nefarious purposes by scammers to hide their intentions
For example the address of our web page can be shortened to http://gg.gg/AmazonPrimeRefund Try it, this link is safe!
You can see how a scammer can easily provide you with a very convincing web address
So, coming back to the fake Amazon Prime web page, the scammer will check what device/platform you are using then direct you to the appropriate link on the scam page, for a Windows computer you are asked to choose Service 1 which will then download the ubiquitous Anydesk Remote Access software which takes you to an innocuous looking web page with a BIG RED NUMBER
The Remote Access Web Page
This page is legit in the sense that remote support techs across the world use it solve technical issues with computers
Scammers use it to steal money from our bank accounts
If you tell the scammer the BIG RED NUMBER they will gain immediate control of your computer
Note that they don't tell you what they are doing
They tell you that they need you to tell them the "verification code" at the top of your screen
I have challenged Anydesk about the lack of warnings on this screen, at the very least they should display a warning as follows
"If you tell anyone this number they will gain immediate control of your computer" or some such
Anydesk did respond with a bland form response but otherwise ignored me!
The scammer will then direct you to the small padlock symbol at the right of the BIG RED NUMBER
When you click the padlock you will be given the opportunity to add a password
Note that they give you the password so of course they then know what it is!
They will also make sure that you choose the Unattended Access option without telling you exactly what that means
If you do everything the scammer tells you to do, they will have access to your computer anytime it is switched on and connected to the internet, whether you are in front of the computer or not!
Ending the Phone Call
So, it all gets very ugly if you follow their instructions. For me, I always get them to the point where they want the "verification number" and then I engage the scammer in a robust exchange of square words, I am a bit one-dimensional with my choice of words but the scammers often get very creative before they hang up!