Have you ever been casually scrolling Facebook or online shopping and suddenly get a pop up saying you have a virus? What about a phone call or random text or email saying you have been hacked? These are tactics commonly used in Phantom Hacker Scams. Phantom Hacker scams are a sophisticated type of tech support scam. Fraudsters impersonate tech support agents, bank employees, or even government officials to gain access to their victim’s devices and steal their money. Recently, the US government has reissued warnings about these types of scams as there has been an uptick in the amount of money people report having lost. These scams can affect anyone of any age, but older individuals tend to be more susceptible. Some people have lost their entire life savings to these scams. So, how do they work and what can you do to avoid them? Let’s find out.
Phantom Hacker Scams center around a made-up threat. These threats can come in the form of a pop-up alert on the victim’s computer, a phone call from a fake tech support person, or an email or text message saying that the victim has been hacked. Criminals push their targets to download a software program that will provide fraudsters the ability to remote into the victim’s device while assuring them it is to help resolve the original phony threat. The fraudsters then proceed to take over the victim’s device learning every personal detail they can along with bank information and anything else that is saved on there. The fraudster tells the victim they need to perform a scan of the device to be sure everything is ok. That “scan” almost always comes back with some sort of fake information that could supposedly be detrimental to the victim if anyone else found out. The scammer tells the victim they found incriminating evidence that will send them to jail. The only way to avoid this, according to the hackers, is to send them all their money so they can get the victim out of trouble. Or the fake scan finds that all their accounts have been compromised, and the victim needs to move their money in order to keep it safe. The scammer will instruct the victim to transfer money either through a wire transfer, cryptocurrency, or even sending cash in the mail. Some scammers will provide an alternate account number for the victim to transfer the funds to. Any of those options takes the victim’s money and puts it under the control of the hacker. Sometimes, scammers tell the victim that once the trouble is gone, they will release the money back to them. Of course, that doesn’t happen. In just about every Phantom Hacker Scam, the victim is told not to talk to anyone about what is happening. They use fear and intimidation tactics to influence innocent people into giving up their hard-earned money. Some scammers even call their victims early in the morning and stay on the phone with them all day to ensure they can’t have outside contact with loved ones or their bank during business hours. These scammers will add pressure to the victim, ensuring the money gets withdrawn and sent. They sometimes watch their victims via laptop camera to scare them into following their every order. Fraudsters have been known to pose as bank officials or law enforcement to get what they want. Other times, fraudsters may impersonate federal employees just to reinforce the story that the victim’s funds are unsafe or compromised and need to be moved. What happens when legitimate bank employees start questioning the victims? Well, the hackers have answers for literally everything and instruct their prey to tell whatever lies they can so the bank will just release the funds and stop prying into the situation.
Now that we know the inner workings of this scam, how can we protect ourselves?
- Do not click on unsolicited pop ups, emails, or links. If you do receive a pop-up window or suspicious email, don’t interact with it.
- Do not call the number provided. If the pop or email gives phone numbers for “support” or anything else, do not call.
- Never download software from an unknown source! Scammers will use this to remote into your computer. Downloading this type of software is the same as giving consent to allow unknown parties free reign on your computer.
- Never give control of your computer (or any other device) to an unknown caller. No one should access your personal computer, phone, tablet, etc.
- Be wary of “government” requests to transfer money. The U.S. government will never ask you to send money to them via wire, crypto, gift cards, or any other means with the purpose of “protecting” your funds.
- Be skeptical of any calls asking you to protect your money. This is a scare tactic used by scammers to get their victims to send them money.
If you feel that you or someone you know has been a victim of this or any other scam, contact your bank and inform them at once! You can always report these incidents to the FBI’s Internet Crime Center (IC3) at ic3.gov. Change your online passwords…. all of them!
It seems that fraud in all forms is here to stay. It is our duty to learn about different scams and how to protect ourselves from them. By knowing what to look out for, we can lower our risk of becoming victims.
