Phantom hacker scams are on the rise, combining fake tech support calls, banking scams, and government impersonation to target victims’ life savings.
Since 2024, the three-phased phantom hacker scam has cost Americans nearly $1 billion, and according to a recent FBI alert, it is making the rounds again.
At its core, phantom hacking is a sophisticated impersonation scam. Threat actors use a phased approach to gain trust, access to devices, and ultimately money. Sadly, many victims lose their entire life savings, with senior citizens being frequent targets.
How Do Phantom Hacker Scams Work?
The phantom hacker scam was recently dramatized as a central scheme in the movie The Beekeeper. Although it is often exaggerated on screen, in reality it still involves coordinated networks of scammers working together.
Unlike traditional scams, phantom hacker scams are layered and highly strategic. They focus on building trust and gaining access through a three-phase attack in which scammers impersonate technical support, financial institutions, and government officials. The goal is to convince victims that their money is at risk and needs to be protected, leading to significant financial loss through the three phases described below.
Phase 1 – Technical Support Imposter
The first phase often begins with a fake technical support representative posing as someone from an anti-virus or security company. Their goal is to trick the victim into downloading what appears to be a virus scanner but is actually malware that grants remote access.
One common tactic is to display a pop-up warning that a computer is infected and provide a phone number for help. Calling that number connects the victim to the scammer, who pressures them to install the malicious software.
Once access is gained, the scammer pretends to run a scan, claims a virus has been detected, and instructs the victim to open their financial accounts so they can “check” for issues. In reality, the scammer is looking for the largest balances to target. After identifying the most valuable account, they insist it has been compromised and warn that a representative from the financial institution will follow up. Sometimes the scammer even offers to connect the victim directly, setting the stage for the second phase.
Phase 2 – Financial Institution Imposter
Next, a different scammer poses as a representative from the victim’s bank or financial institution. They confirm that the account has been hacked and pressure the victim to move their money into a “safe” account through a wire transfer, cash withdrawal, or cryptocurrency transaction, often overseas. They also instruct the victim not to share details of the situation with anyone else, claiming it is for security purposes. In reality, this tactic prevents the victim from reaching out to a trusted source who could recognize the scam and intervene.
Phase 3 – US Government Imposter
In some cases, particularly if the targeted account is federal or government-related, the scam escalates further. A scammer posing as a U.S. government official contacts the victim to reinforce the illusion of legitimacy. This final step is designed to build additional trust, discourage the victim from seeking outside advice, and push them to complete the transfer of funds into a third-party account controlled by the scammers.
How to Identify and Avoid Phantom Hackers
Many people are familiar with deleting and reporting obvious phishing emails that impersonate legitimate organizations. Phantom hacker scams, however, are harder to spot because they add a human voice to the deception. This personal interaction creates a false sense of trust, and the methodical three-step approach is what makes phantom hacking a billion-dollar scam.
To reduce your risk, it is important to avoid unsolicited communication from unknown individuals. The FBI also recommends the following steps to protect yourself:
- Do not click on unsolicited pop-ups, links sent via text messages, or attachments in emails.
- Do not call the phone number provided in a pop-up, text, or email.
- Do not download software at the request of someone you do not know.
- Do not allow an unknown individual to have remote control of your computer.
- Remember that the U.S. Government will never ask you to send money via wire transfer to foreign accounts, cryptocurrency, or gift cards.
If you believe you or someone you know is being targeted by a phantom hacker scam, report the activity to your local FBI field office or submit a complaint through the FBI’s Internet Crime Complaint Center (IC3) at www.ic3.gov.
How Can Schneider Downs Help?
Phantom hacker scams demonstrate the importance of having a security program that protects both systems and employees. Even one compromised work computer can put an entire organization at risk of financial loss and data exposure.
Schneider Downs helps businesses strengthen defenses through employee awareness, testing against phishing and social engineering, and safeguarding company devices. By making employees an active part of cybersecurity, organizations can better defend against evolving threats like phantom hacking.
