🚨 FBI Warns of $1 Billion Phantom Hacker Scam Targeting Seniors

WEEKLY SCAM ALERTS
Week of September 14, 2025

• Woman Sentenced to 10 Years for Stealing $1.4 Million from Elderly Victim

• Map Shows States Where Seniors Are Most At Risk of Fraud

• Time’s Kid of the Year is Building a Platform to Protect Seniors from Scams

SENIOR SCAM NEWS
The Phantom Hacker Scam Explained: 8 Convictions, $1B+ in Losses, and How to Shut It Down

This week’s story shows how quickly a clever scam can turn a lifetime of savings into thin air. In federal court in Ohio, the last of eight defendants tied to a coordinated “Phantom Hacker” network was just sentenced. Their scheme—part tech-support scam, part government impostor ruse—tricked older Americans into handing over cash, wiring funds, and even buying gold bars. And while this crew is headed to prison, the larger scam is still going strong nationwide.

Let’s break down what the courts decided, how the three-phase Phantom Hacker scam actually works, and the simple moves that stop it cold.

What just happened in court

In the Northern District of Ohio, U.S. District Judge Jeffrey Helmick handed down a 46-month sentence to Kishan Vinayak Patel, 26, following his conviction at trial for money laundering conspiracy. His co-defendant Pramay Kumar Mamidi, 27, was previously sentenced to 60 months. The court also ordered Patel and Mamidi to pay nearly $4 million in restitution, jointly and severally, to victims across Ohio, Michigan, Illinois, and Indiana.

Six other members of the same case had already pleaded guilty to money laundering charges and received prison terms:

• Hiren Jagdishbhai Patel, 33 (Columbus): 39 months

• Dileep Kumar Sakineni, 26: 72 months

• Balaji Rakesh Mulpuri, 26: 27 months

• Avi Jitendrakumar Patel, 22: 33 months

• Sai Hruthik Thodeti, 25: 24 months

• Srinivas Ravi Valluru, 31: 60 months

Prosecutors described these eight as money launderers for global Phantom Hacker crews, moving tens of millions siphoned from seniors through wires, cash pickups—and in some cases, gold bar hand-offs to impostors posing as law enforcement.

Victims were told their accounts were “compromised” or their assets were being seized; the only way to “protect” the money was to move it quickly—to the scammers. Ohio victims in this case included residents of Lima, Goshen, Sunbury, and Zanesville.

The good news: this particular group is off the streets. The bad news: the Phantom Hacker machine keeps cranking elsewhere—and the FBI and the New York Attorney General say losses since 2024 exceed $1 billion, with most victims age 60+.

The 3-Phase Phantom Hacker scam (and why it works)

Think of this con as a relay race—three impersonators passing you from one “authority” to the next, each making the lie feel more official:

Phase 1: The “Tech Support” hook

• It starts with a pop-up, text, email, or call warning that your computer is infected or your account is hacked.

• You’re told to call a number or click a link.

• The “technician” asks you to install remote access software “so they can help.”

• Once in, they have you open your bank or investment accounts “to look for unauthorized charges”—really, they’re checking your balances and which institutions you use.

• They warn you: “Expect a call from your bank’s fraud team.”

Why it works: Fear (I’m hacked!) plus authority (they sound helpful and technical) plus proof (they’re moving your cursor—very convincing).

Phase 2: The “Financial Institution” hand-off

• A new voice calls, claiming to be your bank’s fraud department. Caller ID may even show the bank’s real name (thanks to spoofing).

• They insist your bank is compromised by foreign hackers.

• The “only safe step” is to move your funds—by wire transfer, by cash/gold handoff to a courier, or even into crypto—to a “protected third-party account,” often falsely named as the Federal Reserve or a U.S. government account.

Why it works: You now think two separate institutions agree you’re under attack. It feels urgent and coordinated.

Phase 3: The “Government” seal of legitimacy

• Yet another caller claims to be from a U.S. agency (FBI, DOJ, Federal Reserve).

• If you hesitate, they send a fake letter or email on official-looking letterhead.

• They demand secrecy (“Telling your banker/family could tip off the hackers”) and sometimes script what to say at the branch.

Why it works: Authority stacking—tech support + bank + government—overwhelms your instincts. Add secrecy and speed, and even thoughtful people can be rushed into life-altering decisions.

Cash, wires, or gold: why they push certain payments

• Wires clear fast and are tough to reverse.

• Cash/gold pickups bypass bank fraud filters entirely. We’re seeing more gold bar buys and parking-lot hand-offs to “agents” because metals leave fewer digital breadcrumbs.

• Crypto is instant and can bounce across wallets worldwide.

Bottom line: if someone says your money is at risk and you must move it immediately—that’s your cue to stop.

10 hard rules that block the Phantom Hacker

1. Never call the number in a pop-up, email, or text.

2. Never install remote access software at a stranger’s request.

3. No one legitimate will ask you to move money to “government safekeeping.”

4. No secrecy. Real investigations don’t tell you to hide things from your bank or family.

5. Hang up and verify using a number you already know (from your card or bank website).

6. Set a family rule: A surprise money request = call a trusted relative before doing anything.

7. Ask your bank for withdrawal/wire alerts and a “trusted contact” note on the account.

8. Slow it down at the branch. If you’re moving a large sum, ask to speak with a branch manager and request a fraud check.

9. Lock down devices: Use automatic updates, strong unique passwords, and two-factor authentication on email and banking.

10. Post less personal detail publicly; scams are tailored from what you share.

“I already let them in. What now?”

Act fast and work down this list:

• Disconnect from the internet, power down the device.

• From a different device, change your email and bank passwords; enable two-factor authentication.

• Call your bank’s fraud team (use the number on your card/statement). Ask for a fraud hold and review recent wires/withdrawals.

• If you bought gold or cashiers’ checks, call the dealer/branch immediately to flag the transaction; ask about cancellation/hold options.

• File at IC3.gov (FBI Internet Crime Complaint Center).

• Save everything: pop-up screenshots, caller IDs, emails, remote-access logs, wire receipts, tracking numbers, and any “official” letters they sent.

• Take the affected device to a trusted local tech for malware removal.

Why we share sentencing news

It’s not about scaring you; it’s about recognition. When you see the pattern—pop-up → bank call → government call → secrecy + speed—you’ll spot it a mile away. The Ohio case proves that reporting works: victims’ courage + coordinated law enforcement = arrests, convictions, restitution. That’s how we change the odds.

Your Voice Could Be the Turning Point

If something feels wrong—it probably is.

Scammers count on silence. They rely on embarrassment to keep you quiet. But reporting a scam doesn’t make you a victim—it makes you part of the solution.

Whether you caught the scam in time or handed over money, your story can help catch criminals, protect others, and recover losses.

📢 What To Do If You’ve Been Targeted

If you're over 60 or helping a loved one navigate fraud, take action right away:

• 📞 Call the National Elder Fraud Hotline:
  1-833-FRAUD-11 (1-833-372-8311)
  Trained professionals will guide you through the next steps—confidentially and with compassion.

• 💻 Report it online at the FBI’s Internet Crime Complaint Center:
  www.ic3.gov

• 🚔 Contact your local police department, even if the scam “didn’t work.” Every report builds a case.

What to Include in Your Report:

✅ Names, emails, or numbers used by the scammer
✅ Any websites, pop-ups, text messages, or voicemails
✅ Details of any money moved—cash, wires, gold, crypto—plus dates and amounts
✅ Screenshots, receipts, device logs, or shipping/meeting details

Stay safe, share this with a friend who needs it, and remember: no bank, tech company, or government agency will ever ask you to move your money to “protect” it.