CLEVELAND, Ohio (WKBN) – The Cleveland office of the Federal Bureau of Investigation is warning Ohioans to be on the alert for what they have dubbed “The Phantom Hacker.”

The new scam involves someone impersonating technology, banking, and government officials in a ruse to convince typically older victims that foreign hackers have infiltrated their financial accounts, and the scammers instruct the victim to move their money to false U.S. Government accounts to “protect” their assets.

“These scammers are cold and calculated. They are targeting older members of our communities
in Northern Ohio and across the nation, who are particularly mindful of potential risks to their
life savings. The criminals are using the victims’ own attentiveness against them,” said FBI
Cleveland Special Agent in Charge Gregory Nelsen. “By educating the public about this
alarming new scam, we hope to get ahead of these scammers and prevent any further

The FBI has been investigating the scam which usually happens in three steps.

“They contact you and claim to be from tech support through a popup or through email or text and then convince the victim that they need to download some software so that they can run a virus scan to make sure that their computers are safe,” said Charles Johnston, with FBI Cleveland.

This gives the hacker remote access to the victim’s computer, and that’s when they convince the victim to open their financial accounts.

“The scammers tell them they’re going to be contacted by the fraud department of their bank or their financial institutions or even the U.S. government,” Johnston said.

The scam is very convoluted as the hackers will have the victim convinced after someone calls them pretending to be a government or bank official and tells them to move their money to another account for “protection.”

The three steps of the scam: (Source: FBI)

Step 1 – Tech Support Imposter
In the first step, a scammer posing as customer support representative from a legitimate
technology company initiates contact with the victim through a phone call, text, email, or a popup window on their computer and instructs the victim to call a number for “assistance.”
Once the victim calls the phone number, a scammer directs the victim to download a software
program allowing the scammer remote access to the victim’s computer. The scammer pretends to run a virus scan on the victim’s computer and falsely claims the victim’s computer either has
been or is at risk of being hacked. Next, the scammer requests the victim open their financial accounts to determine whether there have been any unauthorized charges – a tactic to allow the scammer to determine which financial account is most lucrative for targeting. The scammer informs the victim they will receive a call from that financial institution’s fraud department with further instructions

Step 2 – Financial Institution Imposter
In the second step, a scammer, posing as a representative of the financial institution mentioned
above, such as a bank or a brokerage firm, contacts the victim. The scammer falsely informs the
victim their computer and financial accounts have been accessed by a foreign hacker and the
victim must move their money to a “safe” third-party account, such as an account with the
Federal Reserve or another U.S. Government agency. The victim is directed to transfer money via a wire transfer, cash, or wire conversion to cryptocurrency, often directly to overseas recipients. The victim is also told not to inform anyone of the real reason they are moving their money. The scammer may instruct the victim to send multiple transactions over a span of days or months.

Step 3 – U.S. Government Imposter
In the third step, the victim may be contacted by a scammer posing as the Federal Reserve or
another U.S. Government agency. If the victim becomes suspicious, the scammer may send an
email or a letter on what appears to be official U.S. Government letterhead to legitimize the
scam. The scammer will continue to emphasize the victim’s funds are “unsafe” and they must be
moved to a new “alias” account for protection until the victim concedes. Victims often suffer the loss of entire banking, savings, retirement, and investment accounts under the guise of “protecting” their assets.

As always, never click on unsolicited popups, links sent via text message, email links or attachments. Don’t call the phone number in a popup, and don’t let anyone who has contacted you have control of your computer and the U.S. Government will never request you send money via wire transfer, cryptocurrency or gift cards.

Johnston also says not to download software at the request of someone you don’t know or allow anyone access to your computer.

Reporting Suspected Fraud
The FBI requests victims report these fraudulent or suspicious activities to the FBI Internet
Crime Complaint Center (IC3) at Be sure to include as much information as
possible, such as:

  • The name of the person or company that contacted you.
  • Methods of communication used, to include websites, emails, and telephone numbers.
  • The bank account number where the funds were wired to and the recipient’s name(s).