The Federal Bureau of Investigation (FBI) has issued a public warning about a new financial scam dubbed “The Phantom Hacker” that is targeting older people’s life savings.
The agency’s field office in Denver announced in a statement that scammers typically contact older Americans and pretend to be tech support, bank employees, and government officials. They then lie to victims in an attempt to deceive them into thinking that foreign hackers have infiltrated their financial accounts, while in reality, there was never any foreign hacker.
Mark Michalek, special agent in charge of the FBI Denver Field Office, said these swindlers are “cold and calculated” and are targeting members of the community who are particularly mindful of potential risks to their assets saved for the future.
“The criminals are using the victims’ own attentiveness against them,” Mr. Michalek said in an Oct. 25 post on X. “By educating the public about this alarming new scam, we hope to get ahead of these scammers and prevent any further victimization.”
According to the FBI, some victims lost “their entire life savings” as a result of the scam.
#FBIDenver is seeing a scam called “The Phantom Hacker” in CO and WY. Scammers are impersonating officials in a complex ruse to convince victims that foreign hackers have infiltrated their financial account. Some victims are losing life savings. Release: https://t.co/z6C4nHoQ3R pic.twitter.com/w9EG4rLU2t
— FBI Denver (@FBIDenver) October 25, 2023
How Does the ‘Phantom Hacker’ Scam Work?
The FBI said the scam works in multiple steps, which all involve impersonation. In the first step, a scammer posing as a customer support representative from a legitimate technology company reaches out to a victim through a phone call, text, email, or a pop-up window on their computer and gives instructions to call a number for “assistance.”
Once the victim calls the phone number, a scammer will tell them to download a software program, which allows the hacker to remotely access the victim’s computer. Scammers pretend to run a virus scan on the victim’s computer and falsely claim their computer either was or is at risk of being hacked.
Next, scammers tell the victim to open their bank accounts to determine if there have been any unauthorized charges—a tactic to allow the scammer to determine which account is most lucrative for targeting. Then, they tell the victim that they will receive a call from their financial institution’s fraud department with further instructions.
In the second step, swindlers posing as representatives of a financial institution’s fraud department, such as a bank or a brokerage firm, will contact the victim and falsely inform them their computer and financial accounts have been compromised by a foreign hacker. They will tell the victim to move their money to a “safe” third-party account, such as an account with the U.S. Federal Reserve System or another U.S. government agency.
Victims are then told to transfer their money via a wire transfer, cash, or wire conversion to cryptocurrency, often directly to overseas recipients. The victim is also told not to inform anyone of the real reason they’re doing the transactions.
“The scammer may instruct the victim to send multiple transactions over a span of days or months,” a portion of the statement reads.
Scammers posing as the U.S. Federal Reserve System or another U.S. government agency may also contact victims, the FBI said. If the victim becomes suspicious, scammers might send an email or a letter on what appears to be official U.S. government letterhead to make the scam look legitimate.
According to the agency, scammers will emphasize that the victim’s funds are “unsafe” and that the funds must be moved into a new “alias account” for protection until the victim concedes.
The FBI noted that nearly 50 percent of the victims are older than 60 and often, they suffered the loss of entire banking, savings, retirement, and investment accounts under the guise of “protecting” their assets.
Tips to Keep Your Money Safe
The FBI recommends the public not to click unsolicited pop-ups, links sent via text messages, or email links or attachments. Federal agents also advised the public not to reach out to the telephone number provided in a pop-up, text, or email, as well as to avoid downloading software from unknown individuals.
The agency also warned that letting unknown individuals who randomly contact you and ask to take control of your computer can be dangerous, and further stressed that U.S. government representatives will never ask anyone to send money to them via wire transfer, cryptocurrency, or gift/prepaid cards.
Potentially fraudulent or suspicious online activities can be reported at the FBI’s Internet Crime Complaint Center (IC3) at www.ic3.gov.
The IC3 was established in 2000 to handle complaints spanning the entire gamut of cyber matters, including many forms of online fraud, from intellectual property rights matters to hacking, economic espionage, online extortion, business email compromise, romance scams, money laundering, and “a growing list” of various internet crimes.
Jump in Financial Scams
The FBI said there were about 19,000 tech support scams reported to the IC3 from January through June, and victims lost more than $542 million during that time frame. The losses this year already exceed 2022 losses by 40 percent.
According to an annual report published by the IC3 in March, $10.2 billion in losses from online scams were reported to the agency in 2022—the highest number in the last five years. It also noted that over 480,000 Americans suffered financial losses.
Though the number of impacted scam victims increased only moderately (13,000 up from 2021), but the accumulated financial losses expanded by $3 billion.
The report pointed out that the jump is mainly due to a 183 percent increase in cryptocurrency investment fraud, totaling $2.57 billion. Non-crypto investment scam losses were $740 million, a slight increase from the previous year.
