Turning off Remote Access does NOT protect you from remote-access scams.
Safer, sure. But probably not as safe as you think.
Remote access comes in many forms, and you’ve only turned off some of them.
Become a Patron of Ask Leo! and go ad-free!
Turning off Windows remote access
Turning off Windows Remote Desktop disables only the Remote Desktop Protocol (RDP). It does nothing about other types of remote access. Software on your machine, including legitimate tools as well as malware, can still allow remote access. Never assume that if RDP is off, all remote access is prevented.
Windows remote access settings
The setting you’re most likely to have altered is the Windows Remote Desktop feature. (Search settings for “Remote desktop”).
Nifty — though you were probably already protected by your router, which disallows incoming connections anyway.
Besides, none of this disables the ability to access your machine remotely.
There is no setting to do that.
Scammers and remote access
This topic comes up most often when we discuss the so-called “tech support scam” in which individuals call you on the phone claiming there’s something wrong with your computer, but that they will fix it for you and need remote access to do so.
To make that happen, they’ll direct you to a website or a download, at which point you follow a few steps, perhaps enter a code of some sort, and — bingo! — they have the remote access they want.
Even if you’ve disabled Remote Desktop in Windows Settings.
You’ve just bypassed the setting you so carefully set. In fact, remote desktop wasn’t even used. The scammers use any of a number of alternative services2 and protocols that have nothing to do with remote desktop.
The key to remote access
The common thread to the remote access scam, as well as to any legitimate remote access, is that you need to be running software on your computer that initiates the connection.
Your router prevents incoming connections. It’s software running on your computer that allows, or even invites, others to connect. That software comes in many forms.
- Remote access software you’ve installed, such as Team Viewer or Chrome Remote Desktop.
- Remote access software you run on demand, such as conferencing software like Zoom, GoToMeeting or others allowing you to display your desktop in a video conference or give control of your machine to one of the other participants.
- Remote access software you run when getting support from a trusted yet remote friend, relative, or service technician.
- Malicious software. Because malware can do anything.
The key is that the software is running on your computer.
This allows us to make decisions to get safer still.
The solution is fairly straightforward: choose what to run.
- Disable, or not, Remote Desktop. As I said, your router protects you from incoming connections.
- Choose not to install remote access tools, or choose not to leave them constantly running, loading them only as needed.
- In conferences and online video meetings, only give access to your computer to people you trust.
- Only run remote-access software when requested by people you already know and trust.3
- Do everything you should already be doing to keep your computer safe on the internet and free of malware.
The bottom line is that remote access requires your participation either explicitly, by running remote access tools, or implicitly, by having allowed malware on your machine.
The solution is simple: don’t participate.
Here’s something that’s safe to participate in: subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.
Footnotes & References
1: The other feature you may have disabled is “Remote Assistance”. This is actually significantly less of a security concern, as you must initiate it. Regardless, disabling it does not disable remote access.
2: Many of which are completely legitimate tools. They’re just being abused by these scammers.
3: A stranger calling you on the phone does not meet this criteria.