FBI San Francisco describes a financial impersonation scam in which victims are told a hacker exists and that a financial institution’s fraud team will follow up. The scam relies on engineered instructions that steer people toward fraudulent payment or account actions.

FBI San Francisco previously warned the public about a scam pattern often referred to as the “Phantom Hacker.” In this scheme, criminals convince victims that their finances are under attack and that immediate steps are required. The story describes how fraudsters use a fabricated narrative—sometimes claiming that a hacker has been detected—to motivate victims to follow next-step instructions. A key component of the scam is the impersonation structure: the victim is led to believe a legitimate financial institution or its “fraud department” will provide official instructions. Instead, the communications function as a fraud funnel. By escalating fear and urgency, the scammers attempt to suppress verification behaviors that would normally prevent harm. The FBI’s emphasis is on caution and verification. Victims are urged to be skeptical of unsolicited claims and to ensure any instructions are confirmed through trusted, known channels (for example, contacting the institution using independently sourced contact information rather than relying on instructions from the caller). While the specific alert is dated, the underlying tactic remains common across many impersonation scams: a false security incident, followed by authoritative-sounding payment or account guidance. For consumer awareness campaigns, this provides a recognizable template to help people spot and resist escalation attempts.