Cyber Security Threat Summary:
The FBI issued a public service announcement warning of a significant increase in 'phantom hacker' scams targeting senior citizens across the United States. ‘This Phantom Hacker scam is an evolution of more general tech support scams, layering imposter tech support, financial institution, and government personas to enhance the trust victims place in the scammers and identify the most lucrative accounts to target,’ the FBI said. ‘Victims often suffer the loss of entire banking, savings, retirement, or investment accounts under the guise of 'protecting' their assets.’ In such scams, multiple fraudsters masquerading as bank representatives are contacting unsuspecting victims, falsely alleging that their accounts have fallen victim to hacking attempts. Subsequently, these scammers employ various tactics to persuade their targets to grant access to their banking accounts, assessing whether they possess significant funds warranting further pursuit. Should the victims' account balance make them valuable targets, they receive instructions to await a call from their bank—a second scammer involved in the scheme—advising them to transfer their funds to what is claimed to be a 'secure' account under the control of the fraudsters. In instances where targets prove resistant to manipulation, a third contact is made by an imposter posing as a representative of the U.S. government who makes a final attempt to persuade the victims, urging them to safeguard their finances by moving their funds to a 'safe' account” (Bleeping Computer, 2023).
Security Officer Comments:
According to the FBI, it received 19,000 complaints related to tech support scams between January and June 2023, with an estimated 542 million dollars lost by victims. Although tech support scams are commonly employed, with threat actors now pretending to be financial institution operations and government officials, more individuals are falling victim (as of August 2023, losses have already exceeded those in 2022 by 40%.). The majority of these victims are the elderly, with the FBI stating that 50% of the victims reported to IC3 were over 60 years old.
- Do not click on unsolicited pop-ups, links sent via text messages, or email links or attachments.
- Do not contact the telephone number provided in a pop-up, text, or email.
- Do not download software at the request of an unknown individual who contacted you.
- Do not allow an unknown individual who contacted you to have control of your computer.
- The US Government will never request you send money via wire transfer to foreign accounts, cryptocurrency, or gift/prepaid cards.
- The name of the person or company that contacted you.
- Methods of communication used, to include websites, emails, and telephone numbers.
- The bank account number(s) where the funds were wired to and the recipient's name(s).