Screen sharing apps allow one to share your desktop or mobile screen remotely with others in an online meeting. Unfortunately, this can be abused by fraudsters, as once the screen is shared, others can view everything you do on your screen, such as the passwords entered, OTPs accessed, etc. Frauds using screen-sharing apps are common because the fraudsters buy the victims’ trust and dupe them of their money.
These frauds have increased ever since remote working started as organizations allowed employees to use these apps to share their screens in online meetings for their regular project updates.
Let us now see a scenario wherein Ram, the innocent victim, is duped by Shyam, an unscrupulous perpetrator using a screen-sharing app. Here is how the conversation goes.
Shyam: Good Morning, Sir! I am calling from the XYZ Lottery Agency. Your lottery number has won a cash reward of Rs 10 lakh
Ram (Not very convinced): Umm! How do I believe you?
Shyam: Sir, I am an employee of the Agency. Your lottery number is XXXX76, and it was bought on April 2, 2022
Ram (Now convinced and thinks he is smart): So, when will I get my cash reward?
Shyam (sigh of relief): Sir, we will share a link with you. You need to click on it and allow it to complete the process
Ram (without a second thought): Okay, please share the link
Shyam (Here you go): hxxps://www.xxxx.com/download.exe
Ram (clicks on the link): I have done what you requested. So, what next?
Shyam (happy, having duped Ram): You just need to send Rs 5 to the account number I am sharing. We need this to authenticate and validate your account to confirm if we are giving the reward to the right person
Ram (convinced): I have transferred the amount. Please give my reward money
Shyam: Sure sir
..and the call gets disconnected
Within a few seconds, Ram gets messages on his phone that Rs 40000 and Rs 30000 have been withdrawn from his account.
Ram realizes he is duped and heads off to his bank to block further debits. He also files a case with the Cyber Police to get his money back.
Whether Ram would get back his money or not is a different discussion. But if you are curious how the conman Shyam got all of Ram’s details, let us tell you that the answer lies in the clicked link. The link directs to a downloader file of a screen-sharing app which, on installation, allows the perpetrator to have complete control of the victim’s device and get all details, including passwords, OTPs, and all.
How do you stay safe?
- Do not click on links shared by unknown persons
- Verify the legitimacy of any offer by cross-checking with the concerned official website
- Install a reputed security product such as “K7 Total Security”/”K7 Mobile Security” and keep it updated to stay protected from such threats
- In the event of an incident, inform the Cyber Police to claim for the duped money and to catch the perpetrator and the concerned bank to block further transactions
