Scammers posing as bank officials and federal agents are draining savings accounts by telling people to move their money into a “safe” account or convert it to cryptocurrency. The Federal Trade Commission (FTC), the FBI, and the Department of Justice (DOJ) have each issued direct warnings that no legitimate institution will ever make such a request. The pattern has a name: the “Phantom Hacker” scam, and it has hit older adults especially hard, with some victims losing their entire life savings.
Why “move your money to protect it” calls are surging
The core trick works because it mimics real fraud alerts. A caller claims to be from a victim’s bank or a government agency, warns that an account has been compromised, and then instructs the target to wire funds or visit a Bitcoin ATM to “secure” the money. The destination account is controlled by the scammer, sometimes falsely described as a special account with a federal authority. In a public service announcement, the FBI’s Internet Crime Complaint Center warned that scammers often pretend to route funds into a “government-controlled” account, including bogus references to the Federal Reserve, but the money simply disappears into criminal wallets. Between January and June 2023, the FBI recorded thousands of these complaints, with losses concentrated among people over 60.
One question worth tracking is whether complaint volume for these scams rises fastest in areas where cryptocurrency ATM installations have grown most sharply since 2022. Crypto kiosks give scammers a fast, hard-to-reverse payment rail. The FBI stated in a 2022 public service announcement that no legitimate law enforcement or government official will request payment via prepaid cards or cryptocurrency ATMs. Yet the machines keep multiplying in convenience stores and gas stations, and federal data has not yet broken out complaint volume by local ATM density. That gap makes it difficult to measure how much the physical infrastructure itself accelerates the fraud.
Federal agencies spell out what they will never do
The FTC put the rule in plain language in a March 2024 consumer alert: it will never tell someone to move money to “protect” it, never send anyone to a Bitcoin ATM, never tell a consumer to buy gold bars, and never demand cash withdrawals to hand to someone in person. Those four statements, published in an FTC release warning about impersonation of agency staff, form the clearest official test a consumer can apply to any suspicious call.
The Consumer Financial Protection Bureau has reinforced the same principle from the banking side: banks and credit unions do not ask for account information through email or text message. The FBI’s cyber division has added that companies generally do not contact customers to ask for usernames, passwords, or one-time passcodes. Taken together, these statements from multiple federal bodies create a bright line. Any caller who crosses it, by asking someone to move funds, share login credentials, or visit a crypto kiosk, is not who they claim to be.
The DOJ’s 2024 Elder Justice Act annual report documents the same mechanics in cases targeting older adults. Scammers manufacture a “serious problem,” such as a compromised Social Security number or a pending arrest warrant, and then offer a solution: move money to an account the scammer controls. The DOJ treats this instruction as a well-established fraud pattern, not an emerging one, which means investigators now see it as a standard script rather than a novel twist. That recognition has helped prosecutors frame charges around coordinated “tech support” and “government imposter” schemes instead of treating each case as an isolated incident.
Inside the “Phantom Hacker” playbook
Federal investigators describe the Phantom Hacker scam as a layered operation that can involve several different impostors. In many cases, a first caller claims to be from a well-known technology company and insists the victim’s computer has been hacked. After gaining remote access or alarming the target with fake diagnostic screens, the scammer transfers the call to a supposed bank representative or federal agent. According to an FBI podcast on the scheme, this handoff is deliberate: each “specialist” appears to confirm the previous story, building credibility while steering the victim toward larger and larger transfers.
Older adults are especially vulnerable because scammers pressure them to act quickly and keep the situation secret. Victims are told not to speak with branch employees, family members, or local police, on the pretext that “insiders” might be involved in the supposed breach. By the time the target realizes no one at their bank or the government actually ordered the transfers, the funds have usually been laundered through multiple accounts or converted into cryptocurrency.
How consumers can push back
Federal agencies emphasize a few simple defenses. Hang up on any unsolicited call that demands immediate movement of money, even if the caller ID appears to show a familiar institution. Then, using a phone number from a bank card, statement, or official website, contact the institution directly to verify whether there is a problem. Refuse any instruction to buy cryptocurrency, gift cards, or gold bars as a way to “protect” assets, and never share one-time passcodes or full account credentials with someone who contacted you first.
For families, especially those with older relatives, the most effective step may be a direct conversation about these specific scripts: a fake bank alert, a supposed federal agent, and an urgent demand to move money. The more familiar these red flags become, the less persuasive they are when a scammer calls. And if someone does fall victim, reporting quickly to their bank and to federal authorities can sometimes limit losses and, in the aggregate, helps agencies track where the Phantom Hacker is striking next.