An FBI warning about new financial scams prompted Guidestone Financial Resources to alert its clients about scammers infiltrating personal financial accounts by impersonating representatives from technology firms, banks or government agencies.
“This Phantom Hacker scam is an evolution of more general tech support scams, layering imposter tech support, financial institution and government personas to enhance the trust victims place in the scammers and identify the most lucrative accounts to target,” Guidestone said in a news release.
The FBI received 19,000 complaints related to three similar scams that generated more than $542 million in losses from January to June 2023. “Victims often suffer the loss of entire banking, savings, retirement or investment accounts under the guise of ‘protecting’ their assets,” the Christian financial services company said.
The FBI received 19,000 complaints related to three similar scams that generated more than $542 million in losses from January to June 2023.
The tech support imposter scheme involves scammers impersonating customer support representatives from actual technology companies. They use email, calls, texts or pop-up windows to lure victims into calling a number for assistance, the FBI warning explained.
“Once the victim calls the phone number, a scammer directs the victim to download a software program allowing the scammer remote access to the victim’s computer. The scammer pretends to run a virus scan on the victim’s computer and falsely claims the victim’s computer either has been or is at risk of being hacked.”
Victims are then directed to open their financial accounts, which helps scammers identify and raid balances, the bureau said. “The scammer informs the victim they will receive a call from that financial institution’s fraud department with further instructions.”
In the financial institution imposter ruse, scammers pose as banking or brokerage firm representatives and claim victims’ accounts have been compromised by foreign hackers, the FBI said. “The victim is directed to transfer money via a wire transfer, cash or wire conversion to cryptocurrency, often directly to overseas recipients. The victim is also told not to inform anyone of the real reason they are moving their money. The scammer may instruct the victim to send multiple transactions over a span of days or months.”
A U.S. government imposter scam operates in a similar fashion, but with scammers claiming to be with the Federal Reserve or federal agencies. “The scammer will continue to emphasize the victim’s funds are ‘unsafe’ and they must be moved to a new ‘alias’ account for protection until the victim concedes.”
The FBI urged consumers not to click on unsolicited email links, attachments, text messages or pop-ups, and not to call phone numbers included in those messages. Software from unknown individuals should not be downloaded, and control of computers should not be granted to strangers.
“The U.S. government will never request you send money to them via wire transfer, cryptocurrency, or gift/prepaid cards,” the FBI said.
“The U.S. government will never request you send money to them via wire transfer, cryptocurrency, or gift/prepaid cards.”
Guidestone urged its clients never to provide personal information to callers until verifying the legitimacy of the contact or agency, and to avoid sharing passwords and user IDs with anyone.
Those who suspect they have been scammed should immediately report suspicious or fraudulent activities to the FBI and document any email addresses, phone numbers and websites that suspected scammers may have provided. Customers should also document and report account and routing numbers provided to or by scammers.
Seniors should be especially alert, as nearly half of scamming victims are age 60 or older and comprise 66% of reported losses, Guidestone said. “As of August 2023, losses have already exceeded those in 2022 by 40%.”
The recent alert isn’t the first Guidestone has issued to clients. In 2021, it warned faith groups about ransomware and cyber attacks aimed at churches and other ministries. “The most common story we hear involves a ministry staff member’s hacked email account sending a fraudulent message to the payroll administrator asking to change their payroll direct deposit information,” Guidestone warned then.
In most cases, the administrator sends an email to confirm the transfer and the scammer quickly agrees. After the change has been requested, the administrator makes the change in good faith. “It isn’t until the payroll money is pushed from the ministry’s bank account that the scam is discovered, and the staff member asks why he or she didn’t get paid.”
Most cybertheft is avoidable through vigilance and by implementing controls requiring potential hackers to provide multiple forms of identification to proceed with transactions, Guidestone said.