Share the article
Subscribe for updates
Sardine needs the contact information you provide to us to contact you about our products and services.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Stopping remote access scams with Sardine

How Sardine.AI detects social engineering scams done via remote software protocols in real-time, helping FinTechs and Crypto companies earn their user’s trust.

Nothing gets my blood boiling more than fraud. One of the worst fraud is remote access scams where attackers spook victims as IRS agents or appeal to their greed as Crypto investment advisors. They often use remote desktop software or remote access apps to enable screen sharing. Watch this video of Sardine.AI’s Device Intelligence Technology stopping remote scams in real-time.

In these attacks, attackers convince victims to install Remote software on desktops or mobile devices and share their screen via TeamViewer, Anydesk or even over a Zoom call. Attackers then get victims to create an account at a FinTech or Crypto app — with full KYC. This amongst many other reasons is why Identity verification online is hard and often fails to prevent fraud.

If you want to understand this scam, watch the Netflix series — Jamtara. Irony of fate that I grew up not too far from this town in Bihar, India, where these fraudsters are commonly from.

Netflix’s Series — Jamtara on how a group of young men con gullible victims via Remote Software scams

Unsuspecting victims don’t realize that attackers are able to observe the password they type on the new account they are creating (as attackers can see each keystroke even in a password field as you type it and before it disappears).

Victims also don’t realize that fraudsters get them to leave the TeamViewer app running on victim’s machines forever. So fraudsters can login whenever they want.

Fraudsters then log in to victim’s machine in the middle of the night, withdraw money from their account at the new FinTech or Crypto account they convinced them to create. If the victim happens to be online, they will see their screen has been taken over by the attacker and the mouse is moving randomly.

I’d beaten my head against solving this problem for many years while leading fraud at my former employers Coinbase and Revolut. I did many POCs with many promising vendors but nothing worked.

This problem bothered me so much, that when Zahid and I decided to start Sardine, we made beating these Jamtara and Jamtara like fraudsters our sole aim.

With our Behavior Biometrics driven AI model, we are now able to detect all SignUps and Logins from remote softwares in real-time!

It took us a year to build the entire infrastructure around this — instrumenting browsers and mobile devices to gather this telemetry, creating a reliable and scalable streaming data infrastructure and training an AI model to detect these attacks in real-time. Couldn’t be more proud of our engineering and data team that got us here: Srikant, Divakar, Sri Harsha, Suhail, Andrei and Kazuki!

Sardine is privacy preserving. We are agnostic to protocols & can detect most remote protocols — TeamViewer, AnyDesk, Windows RDP, Zoom, Citrix, etc.

If you are a Crypto or FinTech company, protecting your customers and earning their trust should be paramount.

Reach out to us to schedule a demo ( and to learn how we can help you earn your customers’ trust!

Share the article
About the author
Kazuki Nishiura
Head of Engineering