Protect Yourself from RATS!—How Scammers Can Take Control of Your Device

January 15, 2026 • By Clarissa Hartono, CFP®

Scammers are using increasingly sophisticated methods to target investors, and one of the fastest-growing methods is remote access tool (RAT)–based fraud. Criminals are using legitimate RAT software to take control of their victims’ devices and gain access to financial accounts and more.

What a RAT-Based Attack Might Look Like

1. The scammer sends a message that appears trustworthy. It might look like an e-vite, a Zoom link, or an invoice claiming to come from a government agency like Social Security or Medicaid or a financial institution like Schwab.

2. Once you click on a link or attachment, the RAT is instantly installed onto that device without any warning or notification to you.

3. At this point, the scammer is able to:

   a. Gain access to the whole device, which could potentially include investment and banking platforms

   b. Capture passwords through keyboard patterns

   c. Monitor your device habits through screen recordings

4. Because the activity comes from a device you normally use, it is more difficult to detect and may not trigger standard security alerts.

Here’s a real-world example: A client received an email purportedly from a trusted contact, but in reality, the sender’s email account had been hacked. The client clicked a link in the email, and nothing appeared to happen. However, RAT software had been silently downloaded to their computer. A few weeks later, the fraudsters logged in to the client’s bank account using saved credentials and transferred money through Zelle.

Practically any type of fraud is possible when they have complete access to your device!

Red Flags That Are Important to Notice

Since these scams are more difficult to detect, it is important to be extra diligent. If you receive an unexpected message or pop-up about your device needing to be “scanned,” it may be a RAT attack in progress. Immediately disconnect from the internet, shut down your device, contact your IT professional with a different device or in person, and report the incident to your financial advisor, bank, and other financial institutions.

Preventative Steps You Can Take

1. Avoid clicking unknown links and attachments, even if the message appears to be from a well-known company.

2. Type a website’s full address directly into your browser rather than clicking links.

3. Keep your devices’ software versions updated to ensure that the most recent antivirus software is active.

4. Delete recently downloaded applications that you do not recognize.

5. Immediately report any suspicious activity or unauthorized transactions. Early reporting can help limit potential losses.

6. Use strong and unique passwords for financial accounts, and enable multi-factor authentication or biometrics whenever possible.

7. Do not store passwords on your computer, since scammers can use those passwords to access accounts if they somehow gain control of your system.

If you would like to add an additional layer of security to your Schwab login, you can configure two-factor authentication here: Security Settings | Charles Schwab.

Here are links to authentication apps for your mobile phone.

• Apple: ‎VIP Access for iPhone App—App Store

• Android: VIP Access—Apps on Google Play

If you’ve been a victim of fraud, please read this article with the recommended next steps.

Here at Eclectic, we are committed to protecting your financial well-being. Please be assured that our systems are covered by antivirus software that has protection against RAT attacks. If you have additional questions, please visit our website at eclecticassociates.com to schedule a complimentary phone call or meeting with one of our fee-only financial advisors.