FBI ‘Billion Dollar’ Hacker Warning—Do Not Install This App
FBI billion dollar hacker warning
NurPhoto via Getty Images
Republished on August 30 with detailed advice on keeping families safe from the dangerous hacker threat that’s now surging across the U.S.
This dangerous scam is coming for you or someone you know. That’s the crux of the FBI’s latest warning, as U.S. citizens lose a billion dollars to hackers through one easy mistake. Once you know, you know, and you can’t be scammed. But this attack preys on elderly and other vulnerable citizens, and so it’s critical you also warn others.
This is the so-called phantom hacker attack, which was already a major threat but has been “growing rapidly” over the last 12-months. The lure is simple and alarming and has “cost Americans over $1 billion at least since 2024, according to the agency.”
It starts with a phone call from your bank or a message to call your bank. On that call, you’re warned that one of your devices has been hacked and your accounts are now at risk. It’s urgent that you act immediately before your money is stolen by the hackers.
The caller instructs you to download software to scan your PC for malware, which will then stop the hacker in their tracks. Once that’s done, they ask you to open and check your accounts to make sure there are no unauthorized transactions.
There is no hacker behind the scenes — you’re talking to the hacker. As you browse your accounts, they are watching via the software you just installed. Now they know where your money is and they set about stealing it from you.
“The concept is simple,” the FBI explains. “Scammers impersonate bank reps to convince victims that hackers have infiltrated their financial account. Victims are urged to move their money fast to protect their assets. In reality, there was never a hacker, and the money that was wired is now fully controlled by the scammer.”
The next steps can vary, but in short you receive a follow-up call from the bank’s fraud department instructing you to move your money from the compromised account to a safe harbor account. They know which accounts to target — the most lucrative.
As the bureau sets out: “The scammer requests the victim open their financial accounts to determine whether there have been any unauthorized charges – a tactic to allow the scammer to determine which financial account is most lucrative for targeting. The scammer informs the victim they will receive a call from that financial institution’s fraud department with further instructions.”
Naturally, you’re suspicious. But the convincer is the third step — a call, email or even a letter from a U.S. government agency backing up the lure. Your accounts are at risk from a foreign hacking group. You need to move your money. They’re here to help.
The latest FBI warnings focus on vulnerable citizens. “The FBI said the scam targets senior citizens and warns that victims could lose their ‘life savings’,” per Fox News.
I’m a big fan of keeping things simple. Just as with the plague of Chinese-originated text messages targeting Americans for unpaid tolls or DMV fines, where the key is never clicking any link and assuming every one of these texts is a scam.
With the Phantom Hacker attacks, the key threat marker is the software app not the calls or the lures or the emails or the letters. Keep the advice ruthlessly straightforward. Never, ever install an app or any software suggested on a call or by email or text or popup. If you refuse to install the software, this scam falls apart.
Cequence Security’s Randolph Barr says “one of the greatest heartaches is not being able to help our elders when they’re taken advantage of, especially after they’ve worked so hard to build and preserve their life savings. It’s bad enough that these scams already target seniors, but AI will make them far more convincing and scalable.”
The Phantom Hacker scam
FBI
“Do not download software at the request of an unknown individual who contacted you,” the FBI says in its Phantom Hacker advisory. And “do not allow an unknown individual who contacted you to have control of your computer.”
Black Duck’s Aditi Gupta says “the simplicity of this scam is what makes it particularly convincing. Attackers exploit the trust associated with phone calls, making it easier to deceive vulnerable individuals. The straightforward, step-by-step instructions to install an app or perform other actions add to the scam’s credibility.”
There is a new variant to this type of scam — screen sharing over messaging apps. But again, keep the advice simple. You must never share your screen if asked to do so on a call, whether they call you or you call them after a popup or message prompt.
This advice extends to tech support call scams as well, where the attackers will also convince their victims to install software on their devices. Just say no — always.
Barr says the focus needs to be helping keep elders and other vulnerable friends and family members safe. “The mindset here is simple: just as we protect children with parental locks, we need to protect seniors with ‘family-assisted locks’.”
That means “if a senior is asked to install software, move money, or change settings, the process should automatically bring in a trusted family member as the ‘additional factor’ before anything irreversible happens.”
“If you receive suspicious requests or messages, verify the authenticity by contacting the source directly,” Gupta says. “Call your bank using a different phone line or a number obtained from their official website or consider visiting the nearest branch in person to confirm the legitimacy of the request. Lastly avoid taking any immediate action related to installing applications or transferring money until you’ve verified the request.”
Barr says “families need ways to act as that last line of defense. As children of seniors, we can put in place what I’d call ‘Senior Lock’ controls, similar to child locks—only designed to protect against scams. He recommends the following:
- “Restricted installs: Configure devices so apps cannot be installed without a parent passcode or family approval. You, as the child, become the “second factor” for installs.
- Non-admin accounts: Ensure seniors use accounts without administrator rights. Only the caregiver/child holds admin access, so scammers can’t trick them into downloads or settings changes.
- Transaction alerts & dual authorization: Many banks allow alerts for large transfers or even require an additional confirmation. By setting this up, you can be the “second factor” before money leaves an account.
- Spending & account segmentation: Maintain a small daily-use account for normal expenses, and keep larger savings in accounts with stricter controls that require family involvement.
- Communication filters: Enable caller ID filtering, spam protection, and MFA to reduce exposure to phishing attempts.
- Routine reviews: Families can normalize device and account check-ins—where the child literally acts as an extra set of eyes, validating that nothing unusual has happened.”
Meanwhile, the FBI’s original Phantom Hacker advice remains valid:
- “Do not click on unsolicited pop-ups, links sent via text messages, or email links or attachments.
- Do not contact the telephone number provided in a pop-up, text, or email.
- Do not download software at the request of an unknown individual who contacted you.
- Do not allow an unknown individual who contacted you to have control of your computer.
- The US Government will never request you send money via wire transfer to foreign accounts, cryptocurrency, or gift/prepaid cards.”
While the Phantom Hacker attack is designed specifically to drain your bank accounts, there are plenty of variants relying on tricking you into installing dangerous software that either gives an attacker a view of your device or hijacks it completely.
However the ruse is presented, just make sure family and friends are clear that you never install software when asked in this way. It’s always a threat.