Question: I’ve seen “phantom hacker” all over the news, but they didn’t say exactly how this scam works. I know not to click on unsolicited links, but this seems more sophisticated. How does it operate?

Answer: Multiple criminals might work together to pull off this double- or even triple-impersonation scheme, and “social engineering” (psychological manipulation) is a major factor — the thieves don’t rely solely on technical skills (hacking) to steal the money. Victims are fooled into handing it over. The FBI’s public alert at 808ne.ws/3PRSx5a explains how the multiphase scam operates. Here’s a summary:

>> Phase 1, tech support imposter: A scammer posing as an employee of a real company contacts the potential victim via phone, text, email or a pop-up window on the victim’s computer, telling the victim to call for customer service “assistance.” If the person calls the number, they are told to download a software program that allows the scammer to access their computer remotely. The criminal pretends to scan the victim’s computer for viruses and then falsely claims the computer has been or can be hacked. Next the scammer tells the victim to log in to their financial accounts online to check for unauthorized charges. As the victim does so, the scammer observes the accounts and silently decides which one to target — generally, the one with the most money in it. At this point the scammer tells the victim to expect a call from the chosen financial institution’s fraud department telling the victim how to secure their account.

>> Phase 2, financial institution imposter: A scammer posing as an agent from the financial institution mentioned in Phase 1 contacts the victim and falsely informs them that their computer and financial account(s) have been accessed by a foreign hacker. The scammer says the only way the victim can protect their money is to move it to a “safe” third-party account with the Federal Reserve or another U.S. agency. The scammer tells the victim how to make the transfer (such as via a wire transfer or cryptocurrency) and instructs the victim not to tell anyone why they are moving assets. Transfers might occur over days or even months. The money doesn’t go to a “safe” account. It often go directly overseas.

>> Phase 3, U.S. government imposter: Depending on how the victim has reacted so far, a scammer posing as an employee of the Federal Reserve or another U.S. agency might contact the victim. If the victim seems to doubt the government imposter, the scammer might follow up with an email or letter on what appears to be official U.S. government letterhead. Throughout the scam the con artist will falsely claim that the victim’s money isn’t safe and must be moved to an “alias” account.

Many potential victims believe they would never fall for such a scheme, but once a person has made the mistake of clicking on a malevolent link or attachment, or calling an unsolicited number, they can find themselves caught in the web of highly persuasive professional con artists who use a mix of guile, urgency, intimidation and technical proficiency to fool people into handing over their life savings.

The FBI’s tips for avoiding this fate? Don’t click on unsolicited pop-ups, links or attachments; don’t call unsolicited phone numbers; don’t download software at the behest of an unknown person who contacted you; and don’t give such a person remote access to your computer.

If you have any concern about your financial accounts, contact your financial institution directly, via a contact you are certain is genuine.

Also remember: The U.S. government will never ask you to send money via a wire transfer to a foreign account, using cryptocurrency or a prepaid gift or debit card.

If you are targeted by this or a similar scam, report it to the FBI.

Write to Kokua Line at Honolulu Star-Advertiser, 500 Ala Moana Blvd., Suite 7-500, Honolulu, HI 96813; call 808-529-4773; or email kokualine@staradvertiser.com.