Screen Sharing Scam

A recent scam is targeting businesses by impersonating bank representatives and gaining access to accounts through deceptive screen sharing sessions. Companies that received Paycheck Protection Program (PPP) loans are being specifically singled out using publicly available data.

What’s Happening

Scammers are calling business owners and employees using spoofed caller IDs to make the call appear as if it’s coming from their bank. The caller claims to need help resolving an issue, then walks the victim through joining a screen sharing session and logging in to online banking. Once logged in, the scammers act quickly to:

Change multi-factor authentication (MFA) setting
Add unauthorized users to the account
Initiate ACH batches and other money movement transaction

Some cases have involved losses of more than $1 million before the fraud was detected.

Why PPP Loan Recipients Are Being Targeted

The SBA publicly lists PPP loan recipients, along with loan amounts and issuing banks—information scammers are using to identify and target potential victims. Businesses with larger loans appear to be at greater risk.

Steps to Protect Your Business

Enable Multi-Factor Authentication (MFA)
Set Up Account Alerts
Require Dual Approval for Transfers
Train Staff to Spot Red Flags
Verify Unexpected Requests Before Acting
Report Suspicious Activity Immediately

Fraudsters are becoming more sophisticated, but simple steps can still make a big difference.

Want More Cybersecurity Tips?

Protecting your business starts with staying informed. We’ve compiled additional resources to help you recognize fraud, secure your accounts, and train your team on best practices.

See More Safety Tips