Is HopToDesk a Scam?
If you arrived here because someone called you and asked you to install HopToDesk — or because you already gave a stranger remote access — please read this page carefully. We can help.
HopToDesk is a legitimate, open-source remote desktop tool used by IT teams and businesses worldwide. But like any remote-access software, scammers sometimes try to misuse it to take control of victims’ computers. If someone called you and instructed you to install HopToDesk, that call is almost certainly a scam — no matter who they claimed to be from.
Fraudulent use is strictly prohibited
HopToDesk’s Terms of Service prohibit using the software to deceive, defraud, impersonate or steal from anyone. Accounts used for fraud are subject to suspension, and we cooperate with law enforcement investigations. If you are a scammer reading this thinking about how to evade detection: don’t. The pages below explain why your potential victims will be warned about you, and our reporting form makes it easy for them to flag your HopToDesk ID.
Common scams that misuse HopToDesk
If a phone call, text message or email follows any of these patterns, it is almost certainly a scam. Hang up or delete the message:
1. Unclaimed funds, forgotten crypto, or “money you didn’t know you had”
This is currently the single most-reported scam involving HopToDesk. The caller tells you there is money waiting for you that you can claim. They are friendly, helpful, and offer to walk you through claiming it — they just need access to your computer to file the paperwork or set up the receiving account. Once they’re connected, they drain your bank, capture login codes you receive by text, install malware, or charge escalating “fees” to release funds that never actually exist.
The hook usually takes one of these forms:
- Unclaimed government property. “Our records show you have $X,XXX in unclaimed property/funds with the state.” (Real unclaimed-property programs exist in most countries — the scammers exploit that fact for credibility.)
- Cryptocurrency in your name. “Bitcoin was sent to a wallet in your name back in 2013/2017 and it’s now worth $X.” Or: “You have an unclaimed FTX/Mt. Gox/Celsius claim.” Targets people who heard about crypto early but never actually bought any.
- Forgotten bank account, pension, or 401(k). “An old account in your name — possibly from an employer you forgot — has been flagged as dormant.” The caller often knows your real previous employer (it’s on LinkedIn, or in a data breach).
- Unclaimed inheritance. “A relative you may not have known of passed away, and you are listed as a beneficiary.”
- Class-action settlement. “You’re a member of the settled class in the [Equifax / Facebook / data-breach] lawsuit and you have $X coming.”
- Tax refund. “You have an unclaimed refund the tax office hasn’t been able to deliver.”
- Recovery service for a prior scam. If you have already been scammed, you may be called by someone offering to “recover your funds” for a fee — this is always a second-stage scam targeting prior victims.
How to spot it:
- You did not initiate contact. They called, emailed or texted you first.
- They knew your name, date of birth, old address or employer. This proves nothing. That information is sold on data-breach markets for pennies.
- They want remote access to your computer to “help you claim” or “file the paperwork.”
- There is a fee, tax, escrow, gas, KYC charge or processing cost you have to pay first — in gift cards, wire transfer, crypto, or by purchasing prepaid cards.
- There is time pressure: “the funds revert to the government on [date],” “only the first N claimants,” “you need to act today.”
- They get visibly upset or aggressive if you hesitate or want to verify.
How to verify safely — without them:
- Hang up the call.
- If you want to check whether you actually have unclaimed property, search your government’s official unclaimed-property site directly: in the United States, unclaimed.org (NAUPA, the real association of state unclaimed-property offices) or missingmoney.com. In the United Kingdom, the official site is mylostaccount.org.uk. Other countries have equivalents — search for the term in your own language plus the word “official” or “government.” Never use a link or phone number the caller gave you.
- For supposed bank or investment accounts: call the bank back on the number printed on the back of your card or on their official website. Not the number the caller said to call.
- For cryptocurrency: if you didn’t personally set up a wallet and write down the seed phrase, there is no crypto in your name. An address “you don’t control” cannot be claimed.
- For real inheritances: estate attorneys send physical letters from real law firms with verifiable addresses. They do not cold-call and demand remote computer access.
- For class-action settlements: every real settlement has an official claims website run by a court-appointed administrator. Search the case name plus “official settlement website.”
2. Fake tech support
You get a call (or a pop-up on your computer) saying your computer is “infected with a virus,” that you need to call “Microsoft Support” or “Apple Support,” and that the technician needs to connect to your machine to clean it. Microsoft, Apple and Google never call customers unsolicited. The pop-up is fake. The number is fake. They will install malware, steal banking information, or charge you for a non-existent “fix.”
3. Fake bank or government agency
You get a call from someone claiming to be your bank, the tax authority, the police or a government office, saying there is “suspicious activity” on your account and they need to remotely verify your computer. Banks and government agencies will never ask you to install remote-access software. If you are unsure, hang up and call the agency back using the number from their official website or the back of your card.
4. Refund or shipment scam
You receive an email or text about an Amazon order, PayPal refund, or package delivery, with a phone number to “dispute” or “arrange redelivery.” The person on that number walks you through installing HopToDesk to “process your refund.” They then trick you into transferring money to them, or steal banking credentials while connected.
5. Romance, friendship, or trust-building scams
Someone you met online — on a dating site, social media or messaging app — eventually asks to “help you with your computer” or have you “help them with theirs” using HopToDesk. Genuine connections do not need remote access to your machine.
I think I was scammed. What should I do right now?
After you have disconnected:
- Change passwords on every account you touched, signed into, or kept open in a browser while the scammer was connected — especially email, banking, and any financial services. Use a different device (your phone is fine) to change them.
- Call your bank if banking or credit card information was exposed. Ask them to freeze the cards and flag the account for fraud monitoring. Banks have dedicated fraud lines that are open 24/7.
- Run a full antivirus scan on the affected computer. On Windows, Microsoft Defender (built in) is sufficient — open Windows Security → Virus & threat protection → Scan options → Full scan.
- Watch your bank statements for the next 30 days. Scammers sometimes wait days or weeks before draining accounts to avoid the immediate fraud window.
- Report to your local police or national cyber-crime unit. In many countries this is now a recordable cyber-offense, and your report helps investigators map the criminal network. Provide the HopToDesk ID number the scammer used (the 9–10 digit number that appeared in the HopToDesk window) if you remember it.
- Report the scammer to us using the form below. We use these reports to warn future victims and to assist law enforcement.
- Uninstall HopToDesk from your computer using the instructions below, unless you specifically need it for your own work.
How HopToDesk protects you
- You must accept every incoming connection. Nobody can connect to your computer remotely without you actively clicking “Accept” on a connection-request prompt. There is no silent or background access.
- All connections are end-to-end encrypted. Even HopToDesk itself cannot view the content of a remote session.
- You can require a permanent password for incoming connections under Settings → Security, so even someone who knows your ID cannot connect without it.
- You can enable two-factor authentication for incoming connections, adding a rotating code requirement on top of the password.
- You can refuse a connection at any time — including mid-session — by clicking the disconnect icon in the toolbar or closing the HopToDesk window.
The most reliable protection is the simplest: do not accept a connection from anyone you don’t personally know and trust, and never share your HopToDesk ID or password with someone who called or messaged you unsolicited.
How to remove HopToDesk from your computer
If you installed HopToDesk only because a scammer told you to, you can safely uninstall it. Removing HopToDesk does not delete any of your personal files.
Windows
- Press the Windows key, type Add or remove programs, and open it.
- Scroll to find HopToDesk in the list.
- Click HopToDesk → Uninstall, and follow the prompts.
macOS
- Open Finder → Applications.
- Drag HopToDesk to the Trash.
- Empty the Trash.
Linux
- Debian/Ubuntu: open a terminal and run: sudo apt remove hoptodesk
- Fedora/RHEL: sudo dnf remove hoptodesk
- Arch: sudo pacman -R hoptodesk
Android & iOS
On Android, long-press the HopToDesk app icon and tap Uninstall. On iOS, long-press the app icon, tap Remove App, then Delete App.
Report a scammer
If you encountered someone using HopToDesk to scam you or attempt to scam you, please report their HopToDesk ID below. Reports go to our trust & safety team and to law-enforcement partners when relevant. Reporting is anonymous — you do not need an account.