This ghost attack is back in the news: be careful.
Republished on January 16 with new reports on AI call hacking and the FBI’s own challenges to Chinese hackers infiltrating US networks.
It starts with a simple call, a message, a pop-up, but it ends with a loss that could change your life. It’s a dangerous enough threat that Google has updated Android to protect its users. While there are plenty of warnings about which apps you shouldn’t install on your phone or laptop, it’s much simpler. You should Never install these apps.
The FBI called this threat “the ghost hacker“, and it made headlines again this week, with the bureau warning that “it grows quickly”, that “scammers don’t discriminate against anyone – they want money from anyone.”
The concept is simple, explains the FBI: “Scammers pose as bank representatives to convince victims that hackers have infiltrated their financial account. Victims are urged to move their money quickly to protect their assets. In reality, there was never a hacker and the money transferred is now completely controlled by the scammer.
There are variations on this theme, such as attacks from scammers pretending to be tech support representatives. But the most effective attack remains that of the bank representative. You will eventually speak to a convincing (albeit fake) bank representative who will help you transfer your money from the “hacked” account to a new, secure account, to prevent your money from being stolen. You’re told it’s urgent and it’s happening now, giving you no time to think. In reality, you are transferring your money to an account controlled by the scammer.
While these attacks may simply require you to approve a transaction in your banking app, many calls “ask the victim to download software that allows the scammer to remotely access the victim’s computer.”
We tell you it’s to stop the imaginary computer hacker. “The scammer asks the victim to open their financial accounts to determine if there have been any unauthorized debits – a tactic that allows the scammer to determine which financial account is the most lucrative to target. The scammer informs the victim that they will receive a call from that financial institution’s fraud department with further instructions.
The rules for staying safe are stupidly simple.
- Never install an app when a supposed tech support or banking person who contacted you sends you a link or directs you to a website.
- Your bank or credit card company will never call to ask for security credentials. If this is the case, you always have the right to call him back through the usual channels to ensure that he works for the institution he claims to have.
- Never Never move money anywhere at the request of someone who contacted you by phone. This will never be a real solution. If they work for the bank like they say, they can stop the transaction – think about it.
Google has added scam call protection to its latest Android operating system to protect you in several ways. It can deploy AI on the device to listen to calls and report when it suspects a scam, such as a supposed bank representative asking you to make a transaction. And like Android Authority explains, this “will also prevent users from disabling Google Play Protect during voice calls to prevent criminals from tricking users into installing malicious apps on their devices.”
Whatever happens, you should never, Never install an app on your phone or laptop if a tech support or bank representative asked you to do so during a call. The only exception is when you have contacted directly using normal channels. For example, you can use an app to send photos, run a live video link, or diagnose a system crash. But you don’t do that when it’s an incoming call or message.
Below you’ll find all of the FBI’s tips for keeping ghost hackers at bay: If you think you’ve been a victim of such a crime, you can report it to the FBI’s Internet Crime Complaint Center (IC3), which you can find at www.ic3.gov.
- Do not download software at the request of a stranger who contacted you.
- Do not click on unsolicited pop-ups, links sent via text messages, email links, or attachments.
- Do not contact the phone number provided in a pop-up, text message, or email.
- Do not let an unknown person who contacted you take control of your computer.
The Bureau is not immune to attacks on its own appeals, although those tend to be more complex and have deeper implications. A few weeks ago, the FBI warned smartphone users to stop texting and instead use end-to-end encrypted messages. This followed widespread hacking of US networks by the Chinese hacking group Salt Typhoon. But by Bloomberg On Thursday, the bureau reportedly warned agents that some of its own call logs stolen from AT&T during the attacks could help identify sources and perhaps even informants.
It also seems that if you’ve been the victim of a real phone scam, you’re in good company too. This could really happen to anyone. As CNN reported Thursday: “Even world leaders receive scam calls; just ask the Thai Prime Minister.
The party leader “revealed that she received a call from an AI system, demanding money through the voice of another famous government leader. Paetongtarn Shinawatra did not reveal who the computer was impersonating, but said she received a message with a voice identical to that of a well-known leader. “The voice was very clear and I recognized it immediately. They first sent a voice clip, saying something like: “How are you?” I want to work together,’ and so on,” Paetongtarn said, adding that whoever sent the message “probably used AI to take the voice” of the unnamed world leader.
This is a different level from the bank rep scam and relies on using AI to imitate voices well enough to lure in a victim. Coming full circle, the FBI also warned users to be wary of this scary new threat in a special advisory last month.
“Generative AI” he warned“takes what it has learned from examples entered by a user and synthesizes something entirely new based on that information…Criminals can use AI-generated audio to impersonate public figures or well-known personal connections in order to obtain payments. » Something else to watch out for.
