General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region Forums"The Phantom Hacker": FBI San Francisco Warns Public of New Financial Scam
https://www.fbi.gov/contact-us/field-offices/sanfrancisco/news/the-phantom-hacker-fbi-san-francisco-warns-public-of-new-financial-scamOctober 3, 2023
The Phantom Hacker: FBI San Francisco Warns Public of New Financial Scam
FBI San Francisco
San Francisco Media Office
[email protected]
October 3, 2023
Posting in its entirety as it's public information.
Victims Are Tricked Into Thinking Their Financial Accounts Have Been Hacked, and Scammers Are Stealing Their Life Savings
SAN FRANCISCOFBI San Francisco is warning the public of a new scam dubbed The Phantom Hacker. Scammers are impersonating technology, banking, and government officials in a complex ruse to convince an elderly victim that foreign hackers have infiltrated their financial account. The scammers then instruct the victim to immediately move their money to an alleged U.S. Government account to protect their assets. In reality, there was never any foreign hacker, and the money is now fully controlled by the scammers. Some victims are losing their entire life savings.
These scammers are cold and calculated. They are targeting older members of our community who are particularly mindful of potential risks to their nest eggs. The criminals are using the victims own attentiveness against them, said Special Agent in Charge Robert K. Tripp. By educating the public about this alarming new scam, we hope to get ahead of these scammers and prevent any further victimization.
The Phantom Hacker Scam: How It Works
The FBI has observed repeated behavior by criminals involved in The Phantom Hacker scam. The ruse is often perpetrated in three major steps:
Step 1 Tech Support Imposter
In the first step, a scammer posing as a customer support representative from a legitimate technology company initiates contact with the victim through a phone call, text, email, or a popup window on their computer and instructs the victim to call a number for assistance.
Once the victim calls the phone number, a scammer directs the victim to download a software program allowing the scammer remote access to the victims computer. The scammer pretends to run a virus scan on the victims computer and falsely claims the victims computer either has been or is at risk of being hacked.
Next, the scammer requests the victim open their financial accounts to determine whether there have been any unauthorized charges a tactic to allow the scammer to determine which financial account is most lucrative for targeting. The scammer informs the victim they will receive a call from that financial institutions fraud department with further instructions.
Step 2 Financial Institution Imposter
In the second step, a scammer, posing as a representative of the financial institution mentioned above, such as a bank or a brokerage firm, contacts the victim. The scammer falsely informs the victim their computer and financial accounts have been accessed by a foreign hacker and the victim must move their money to a safe third-party account, such as an account with the Federal Reserve or another U.S. Government agency.
The victim is directed to transfer money via a wire transfer, cash, or wire conversion to cryptocurrency, often directly to overseas recipients. The victim is also told not to inform anyone of the real reason they are moving their money. The scammer may instruct the victim to send multiple transactions over a span of days or months.
Step 3 U.S. Government Imposter
In the third step, the victim may be contacted by a scammer posing as the Federal Reserve or another U.S. Government agency. If the victim becomes suspicious, the scammer may send an email or a letter on what appears to be official U.S. Government letterhead to legitimize the scam. The scammer will continue to emphasize the victims funds are unsafe and they must be moved to a new alias account for protection until the victim concedes.
Victims often suffer the loss of entire banking, savings, retirement, and investment accounts under the guise of protecting their assets.
Tips to Protect Yourself
The FBI recommends that the public take the following steps to protect themselves from The Phantom Hacker scam:
Do not click on unsolicited pop-ups, links sent via text messages, email links, or attachments.
Do not contact the telephone number provided in a pop-up, text, or email.
Do not download software at the request of an unknown individual who contacted you.
Do not allow an unknown individual who contacted you to have control of your computer.
The U.S. Government will never request you send money to them via wire transfer, cryptocurrency, or gift/prepaid cards.
Reporting Suspected Fraud
The FBI requests victims report these fraudulent or suspicious activities to the FBI Internet Crime Complaint Center (IC3) at https://www.ic3.gov Be sure to include as much information as possible, such as:
The name of the person or company that contacted you.
Methods of communication used, to include websites, emails, and telephone numbers.
The bank account number where the funds were wired to and the recipients name(s).
ailsagirl
(22,912 posts)Much appreciated
usonian
(9,999 posts)ailsagirl
(22,912 posts)Marthe48
(17,147 posts)Contact your bank, government or whatever entity with the contact information you have and use. Find out from contact you initiate if there is a problem.
Ohio settled the First Energy scam by sending an e gift card, or USPS letter/ecard, or USPS check to repay what customers lost because of the gop/first energy scam. Most people were informed enough about the law suit, the trials and so on, but enough people weren't that news sources in Northern Ohio had to run stories to explain that the gift cards and checks weren't scams.
PoindexterOglethorpe
(25,931 posts)I periodically get such scam calls. Depending on my patience level, I'll sometimes play along, other times hang up.
usonian
(9,999 posts)I let any call not on caller-id or that I dont recognize (seems too many lately) roll over to voice mail. Most dont leave a message.
I thought about using a chatbot to tie them up for an hour or so, but I dont trust the chatbot not to buy me a timeshare in Murmansk. So, I let that idea go.
PoindexterOglethorpe
(25,931 posts)But sometimes, as happened earlier today, the number was somewhat familiar, so I answered. Glad I did. It was from a friend across the country I hadn't talked to in a couple of years. She was planning to be in my city next month, and could we get together. I am so glad I answered that call.
She will be here over Thanksgiving, will spend about four days with me at the beginning of the visit, and will go with me to do the holiday dinner a couple of hours south of us. It will be a wonderful visit.
You are right, of course, if you let a call go to voice mail and they don't leave a message they aren't worth talking to.
usonian
(9,999 posts)dalton99a
(81,708 posts)Arthur_Frain
(1,872 posts)Im not sure its that new. In any event my rule of thumb is that I only give out info if Ive initiated a call to a known number. Nobody who calls me gets any personal info out of me, I dont care who they claim to be. Thats a pretty simple rule to follow, and it solves all of this.