In the ever-evolving landscape of cybercrime, scammers will continue to devise new ways to prey on unsuspecting individuals. One of the latest and most sophisticated scams to emerge is the “Phantom Hacker” Scam. This elaborate scheme combines elements of three classic hacker techniques. The tech support scam, the bank scam, and the government employee scam, to deceive and defraud unsuspecting victims.
The Classic Tech Support Scam.
The tech support scam has been around for sometime now, and is a well-known and highly effective method employed by scammers to gain access to a victim’s computer, personal information, and, ultimately, their money. As you may know, it typically begins with an unsolicited phone call or pop-up message on a website claiming to be from a reputable tech company such as Microsoft or Apple. Scammers will then inform the victim that their computer, or security has been compromised by malware, and immediate action is needed to resolve the issue. Cybercriminals adopt the tech support scam approach to convince victims that their computer is at risk due to some sort of hacker who is purportedly trying to steal their data. This is done when they are instructed to download a remote access program on their computer so they can control the victim’s computer, and make some sort of fake virus scan. One notable scam includes opening the Command Prompt and running the “tree” command.
In the case of the Phantom Hacker Scam however, scammers may utilize your contact information by searching for your data ahead of time, and send a spam text message or email. These messages may also include data that pertains to you rather than your phone number or email address. This will consist of your name if they are able to automate it. Should the scam originate from a pop-up, scammers will search for the phone number or email that was unknowingly provided, and use what information that is available. Once the victim is on the phone, the scammer will instruct them to install a remote access program on to their computer so they can have control over their desktop. From this point, scammers will convince the victim that they have a virus on their computer. This is done by utilizing the Command Prompt, or by possibly going to a site that was made to deceive victims. In this particular scam, they will have the victim check their bank accounts. Rather than having the victim transfer money on the phone, scammers will instruct the victims to wait for a phone call from their bank’s fraud department, with another scammer pretending to be from their bank. Scammers will also trick victims into thinking that there is fraud on their bank account by remotely using the Inspect element on a browser to change a transaction. This is done by removing money or adding money.
Bank Impersonator Scam.
Bank scams revolve around tricking individuals into revealing their sensitive financial information or providing access to their bank accounts. Common bank scams often involve phishing emails, fake banking websites, or phone calls impersonating bank representatives. In the Phantom Hacker Scam, once victims are convinced that their computer is under attack, scammers will advise them using a fake Caller ID to check their online banking accounts. The reason that a fake number is used as a sort of layer of protection. With a spoofed number, individuals may search for that number and believe that this is their bank. Nevertheless, they guide victims to a fake website that replicates their actual bank’s page and instruct them to input their log in credentials. With these details in hand, the scammers can potentially gain unauthorized access to the victim’s bank accounts and execute fraudulent transactions to a foreign bank account. Additionally, these unauthorized transactions may be irreversible by having them wired or include cryptocurrency.
The Government Employee Phase.
To further complicate the deception, the Phantom Hacker scammers may impersonate government employees, alleging that their investigation has uncovered a connection between the victim’s computer issue and criminal activity. This phase could potentially happen if the victim gets suspicious. Another scammer will claim that they are from a government institution and ask or demand that the victim must cooperate with their investigation by providing sensitive information or making payments to avoid legal consequences. According to the FBI, emails are also sent that contain a letterhead that may be convincing. Additionally, physical letters are apparently sent. However, I have not heard of this happening.
The “Phantom Hacker” Scam represents a troubling fusion of three classic hacker techniques. The tech support scam, the bank scam, and the government employee scam. This elaborate scheme preys on fear, trust, and urgency to manipulate victims into revealing sensitive information or making unauthorized payments. It is essential to remain vigilant and recognize the warning signs of such scams to protect yourself and your financial assets. Always verify the legitimacy of unsolicited contacts, use reputable security software, and never share sensitive information or access to your computer without proper verification.
