Security
/getmedia/440d96e9-df6a-482a-adc1-664c9d48c867/news-security-computer-lrg.jpg?width=1200&height=500&ext=.jpg
10/3/2023 2:13:27 PM
10.3.23
"The Phantom Hacker": New Scam Warning
FBI San Francisco is warning the public of a new scam dubbed “The Phantom Hacker.” Scammers are impersonating technology, banking, and government officials in a complex ruse to convince a typically older victim that foreign hackers have infiltrated their financial account. The scammers then instruct the victim to immediately move their money to an alleged U.S. Government account to “protect” their assets. In reality, there was never any foreign hacker, and the money is now fully controlled by the scammers. Some victims are losing their entire life savings.
The FBI has observed the scam to be perpetrated in three major steps:
Step 1 – Tech Support Imposter
In the first step, a scammer posing as a customer support representative from a legitimate technology company initiates contact with the victim through a phone call, text, email, or a pop-up window on their computer and instructs the victim to call a number for “assistance.”
Once the victim calls the phone number, a scammer directs the victim to download a software program allowing the scammer remote access to the victim’s computer. The scammer pretends to run a virus scan on the victim’s computer and falsely claims the victim’s computer either has been or is at risk of being hacked.
Next, the scammer requests the victim open their financial accounts to determine whether there have been any unauthorized charges – a tactic to allow the scammer to determine which financial account is most lucrative for targeting. The scammer informs the victim they will receive a call from that financial institution’s fraud department with further instructions.
Step 2 – Financial Institution Imposter
In the second step, a scammer, posing as a representative of the financial institution mentioned above, such as a bank or a brokerage firm, contacts the victim. The scammer falsely informs the victim their computer and financial accounts have been accessed by a foreign hacker and the victim must move their money to a “safe” third-party account, such as an account with the Federal Reserve or another U.S. Government agency.
The victim is directed to transfer money via a wire transfer, cash, or wire conversion to cryptocurrency, often directly to overseas recipients. The victim is also told not to inform anyone of the real reason they are moving their money. The scammer may instruct the victim to send multiple transactions over a span of days or months.
Step 3 – U.S. Government Imposter
In the third step, the victim may be contacted by a scammer posing as the Federal Reserve or another U.S. Government agency. If the victim becomes suspicious, the scammer may send an email or a letter on what appears to be official U.S. Government letterhead to legitimize the scam. The scammer will continue to emphasize the victim’s funds are “unsafe” and they must be moved to a new “alias” account for protection until the victim concedes.
Victims often suffer the loss of entire banking, savings, retirement, and investment accounts under the guise of “protecting” their assets.
Provident will never contact you to ask you to transfer funds. If you are contacted by someone representing themselves as a Provident employee, ignore the message or hang up immediately. When in doubt, contact Provident directly at (800) 632-4600 to confirm. Do not rely on any contact information provided in the potentially fraudulent messages.
“The Phantom Hacker” Scam: How It Works
The FBI has observed the scam to be perpetrated in three major steps:Step 1 – Tech Support Imposter
In the first step, a scammer posing as a customer support representative from a legitimate technology company initiates contact with the victim through a phone call, text, email, or a pop-up window on their computer and instructs the victim to call a number for “assistance.”
Once the victim calls the phone number, a scammer directs the victim to download a software program allowing the scammer remote access to the victim’s computer. The scammer pretends to run a virus scan on the victim’s computer and falsely claims the victim’s computer either has been or is at risk of being hacked.
Next, the scammer requests the victim open their financial accounts to determine whether there have been any unauthorized charges – a tactic to allow the scammer to determine which financial account is most lucrative for targeting. The scammer informs the victim they will receive a call from that financial institution’s fraud department with further instructions.
Step 2 – Financial Institution Imposter
In the second step, a scammer, posing as a representative of the financial institution mentioned above, such as a bank or a brokerage firm, contacts the victim. The scammer falsely informs the victim their computer and financial accounts have been accessed by a foreign hacker and the victim must move their money to a “safe” third-party account, such as an account with the Federal Reserve or another U.S. Government agency.
The victim is directed to transfer money via a wire transfer, cash, or wire conversion to cryptocurrency, often directly to overseas recipients. The victim is also told not to inform anyone of the real reason they are moving their money. The scammer may instruct the victim to send multiple transactions over a span of days or months.
Step 3 – U.S. Government Imposter
In the third step, the victim may be contacted by a scammer posing as the Federal Reserve or another U.S. Government agency. If the victim becomes suspicious, the scammer may send an email or a letter on what appears to be official U.S. Government letterhead to legitimize the scam. The scammer will continue to emphasize the victim’s funds are “unsafe” and they must be moved to a new “alias” account for protection until the victim concedes.
Victims often suffer the loss of entire banking, savings, retirement, and investment accounts under the guise of “protecting” their assets.
Tips to Protect Yourself
Provident will never contact you to ask you to transfer funds. If you are contacted by someone representing themselves as a Provident employee, ignore the message or hang up immediately. When in doubt, contact Provident directly at (800) 632-4600 to confirm. Do not rely on any contact information provided in the potentially fraudulent messages.
- Do not click on unsolicited pop-ups, links sent via text messages, email links, or attachments.
- Do not contact the telephone number provided in a pop-up, text, or email.
- Do not download software at the request of an unknown individual who contacted you.
- Do not allow an unknown individual who contacted you to have control of your computer.
- The U.S. Government will never request you send money to them via wire transfer, cryptocurrency, or gift/prepaid cards.
Reporting Suspected Fraud
The FBI requests victims report these fraudulent or suspicious activities to the FBI Internet Crime Complaint Center (IC3) at www.ic3.gov. Be sure to include as much information as possible, such as:- The name of the person or company that contacted you.
- Methods of communication used, to include websites, emails, and telephone numbers.
- The bank account number where the funds were wired to and the recipient’s name(s).
Share this article