‘Phantom hackers’ are targeting people across the US. What the FBI wants you to know
A growing nationwide scam could target your grandparents, the FBI warns.
“Phantom hacker” scams are on the rise and are disproportionately affecting older people, according to a Sept 29 FBI public service announcement. It’s an “evolution of more general tech support scams”, US federal officials say, as these “phantom hackers” claim to be technology support, bank staff and government officials in order to gain the trust of those they’re scamming.
The three-step scam can result in people losing their “entire banking, savings, retirement, or investment accounts”, officials say, all while the scammers are convincing them to “protect” their assets.
In the first half of 2023, 19,000 complaints were filed with the FBI Internet Crime Complaint Center, according to the release. The estimated loss from the reported scams totaled over US$542mil (RM2.55bil).
Around 66% of total losses were from people over 60 years old, officials say.
FBI offices in San Francisco and Cleveland also sent out specific advisories for their regions about the “phantom hacker” scam.
“These scammers are cold and calculated. They are targeting older members of our community who are particularly mindful of potential risks to their nest eggs. The criminals are using the victims’ own attentiveness against them,” FBI special agent in charge John S. Morales said in the San Francisco release.
‘Phantom hackers’ and their three-step approach
The FBI breaks down the “phantom hacker” scam into three phases.
The first phase starts with a “tech support imposter”, officials say. The scammer typically reaches out as someone who works at a legitimate business by phone, text message or email. They tell the person that they’re looking to assist them, where they eventually get the scam victim to download software on their personal computer that gives the hacker remote access to their device.
Then, the scammer lies and tells the person they’ve detected a virus on the computer and instructs the person to open up their financial accounts to ensure no one has taken money out illegitimately, officials say.
After targeting a specific account to draw money from, the hacker tells the person that they will be contacted by their bank to report the fraudulent activity.
The next phase of the scam begins when the impacted person is called by someone pretending to be from their bank or brokerage firm, the FBI says. After telling the scam victim that their financial account has been hacked, they instruct the person to “move their money to a ‘safe’ third-party account”, which is typically a government account.
In order to move the money to the fake account, the scammer asks the person to send the money via a wire transfer, officials say. While in the process of transferring money, the FBI says, the hacker will tell the person not to tell anyone they’ve sent over the money – so no one else can catch on to the scam.
After the cash transfer, the final phase of the “phantom hacker” scam begins. The scam victim will later be contacted by someone pretending to be a government official with an agency like the Federal Reserve, according to the announcement.
In the event the person grows suspicious of the hacker, they will send a letter that “appears to be official US Government letterhead to legitimise the scam”, officials say. The last step of the scam happens when the scam victim moves their money to a “new ‘alias’ account” for more supposed protection.
How to avoid being scammed by ‘phantom hackers’
There are several ways the FBI recommends to avoid falling victim to the “phantom hacker” scam. Some of those methods include:
• Refuse to download software from unknown people;
• Never click on pop-ups, text links or email links that are unasked for;
• Avoid calling back unknown numbers;
• Never let an unknown person gain access to your computer.
The FBI highly recommends that Americans who suspect they were scammed by a “phantom hacker” contact both their local FBI office and www.ib3.gov.
When contacting these offices, officials say to include information such as the name of the person and company that reached out, how they communicated with you such as their phone number or email address and which bank accounts were potentially impacted. – The Charlotte Observer/Tribune News Service
Leave a Reply