Also while doing this please check for any damage to cable, or un-terminated connection without either coax or a terminator. Also please run 'Check service status' at the top right of this forum and call 0800 561 0061 to check for local issues. Always show incoming session request will allow you to close anydesk and continue to allow connection from anydesk client. I imagine that means Anydesk will continue to run in the background and probably affects battery usage. Only show incoming session request will accept connection if the anydesk app is up. Under Connections, right-click the name of the connection, and then click Properties. On the Network Adapter tab, click Maximum connections, enter the number of simultaneous remote connections that you want to allow for the connection, and then click OK.
Scammers mixed together a malicious cocktail of social engineering, SIM-swapping, and remote desktop software to empty the bank accounts of at least three victims.
In total, victims lost more than $350,000. They were likely swindled by the same individuals since the modus operandi and some details were the same in all three cases.
Remote access to sensitive info
The scams happened over the summer in Budapest and started with the ruse of a well-located apartment offered for sale below the market value.
Enticed by the offer, the victims showed their interest and responded to the ad, learning that the lower price was because the owner, who was living abroad, needed money urgently.
Anydesk Connection Issues
A “relative” of the owner acted as an intermediary for the transaction and promised potential victims more pictures of the property than shown in the original online ad, along with a video.
In two cases, the scammer convinced the victims to install AnyDesk remote desktop application to transfer the pictures and videos, Hungarian publication 24 reports.
Since AnyDesk is legitimate software, and the victims downloaded it directly from the developer’s website, there was no reason to suspect foul play.
The fraudster maintained access to the victim computer even after transferring the files and could search for sensitive info (documents, passwords, personal details) that would help them further in their scheme.
The goal was to log into the victim’s bank account and steal available funds; but with two-factor authentication (2FA) turned on, they also needed access to incoming messages on the mobile phone.
So they ran a SIM-swap scam, essentially tricking mobile service provider employees into activating a new SIM card with the victim’s phone number. At this point, the original SIM card becomes inactive and loses connection to the network.
At the same time, the fraudster’s new SIM gets all the victim’s calls and messages, including the 2FA code for logging into the bank account.
In at least one instance, the scammers converted the money to cryptocurrency, to make it more difficult to track.
With access to the victim's SMS and with online banking credentials in hand, the scammer could access the victim's bank account and drain it as if they were the legitimate owner.
Another way would be to log into the banking account using the remote connection to the victim's computer, provided it's turned on.
Anydesk Loses Connection Without
The SIM-swap scam has been rampant over the past years, causing victims across the world and millions of US dollars in losses. If fraudsters can’t bypass the security implemented by the mobile service provider, they often pay employees to replace the cards.
With so many services, banks included, still checking the authenticity of a login through SMS verification, it is easy to see why SIM-swapping wreaked havoc lately.