The FBI’s Internet Crime Complaint Center (IC3) says that the elderly are more at risk from falling victim to online fraud and internet scammers than ever before.
In fact, according to the IC3's latest published annual report, seniors suffered a staggering US $4.885 billion dollars worth of losses last year - a 43% increase from 2023.
With an average loss of US $83,000 and an astonishing 7,500 complainants reporting that they have lost in excess of US $100,000, it's clearly essential that more is done to raise awareness amongst those who are vulnerable.
A recent posting on Twitter by the FBI's Los Angeles division highlights one of the ways in which scammers are defrauding senior citizens of their life savings.
The so-called "Phantom Hacker" scam is a three-pronged attack which sees fraudsters use a combination of social engineering and technology to convince victims into giving them access to funds.
As a 2023 advisory from the IC3 explains, "Phantom Hacker" scams are an evolution of the well-known tech support scam, where individuals are contacted by someone claiming to be a customer support representative offering to "fix" a computer, sometimes on the pretext that it has been hacked or infected with malware.
What makes a "Phantom Hacker" scam different from the typical tech support scam, is that it adds additional layers, where scammers pose as not just support staff but also as bank workers, and even government representatives, in an attempt to engender more trust from the victim and ultimately steal a large amount of money.
The scam, as IC3 explains it, works like this.
Phase 1: The tech support imposter
A potential victim is contacted via phone, a website pop-up, or email telling them that their computer has a problem, and to contact "technical support" at a particular phone number.
The intended victim calls the number, and the scammer will often claim to work for a well-known software company or computer manufacturer. The vicim is tricked into running a scan of their PC, which may appear to check if there is a security problem that needs to be fixed. Of course, if a scammer is speaking to you there is always a problem with your computer that needs to be fixed.
The victim next tricked into downloading remote access software, which allows the scammer to spy upon their screen, as the victim logs into their bank accounts to see if there has been any unauthorised access.
The scammer decides on which financial account they wish to target, and tells the victim that they will soon be contacted by someone at the financial institution.
Phase 2: The financial institution imposter
Someone claiming to be a representative of the bank, financial firm, or cryptocurrency exchange, calls the victim - and false warns that a hacker has compromised their accounts and to transfer their funds to a supposedly safe third-party account controlled, they claim, by a trustworthy US government agency.
The scammer directs the victim to use a wire transfer, cash or cryptocurrency payment - which will often go directly into the pockets of overseas fraudsters. It is not uncommon for the victim to be instructed to make multiple money transfers over several days or even months - draining their life savings.
Finally, the scammer tells the victim not to inform anybody of the real reason why they are moving their funds.
Phase 3: The US government imposter
As a final push, scammers may impersonate Federal Reserve or other government officials — sometimes even sending fake letters on official‑looking letterhead in an attempt to make the scam appear more legitimate, and pressure victims to comply.
Throughout the process, the scammers emphasise to the victim that their funds are not safe unless they are moved to an account under their protection.
Many of us with elderly loved ones have found out the hard way that they can be naturally more trusting, compared to those of us who have spent a greater proportion of our lives guarding ourselves and our assets against internet scammers.
We should not assume that older members of our families, elderly friends and neighbours, are necessarily as aware as we might be about online threats, and all do our part to offer sensible advice and guidance.
The FBI's own advice is straight forward:
- Do not click on unsolicited pop‑ups, texts, or links.
- Never download software at the request of somebody you do not know.
- Never allow remote access to your device from unknown parties.
- Remember that the US Government will never ask you to transfer money via wire, cryptocurrency, gift cards, or overseas accounts.
Anyone targeted by such scams is advised to report incidents immediately to their local FBI field office, and the IC3, sharing full details of what happened.
Editor’s Note: The opinions expressed in this and other guest author articles are solely those of the contributor and do not necessarily reflect those of Fortra.
Cybercrime Intelligence Shouldn't Be Siloed
Fortra® experts are dedicated to protecting organizations and the public by delivering the latest insights, data, and defenses to strengthen security against emerging cyber threats.
