'Ghost hacking'- Scam that targets dead people

It was two weeks after her mother's death, and Melanie's grief was just starting to subside when a notification popped up on a younger relative's phone.

To the family's horror, it was a Facebook DM from her deceased mom. 'Hello how are you doing today?' the message read.

Reading it set off a cascade of emotions in Melanie - for a split second there was a glimmer of hope that she could still be alive. 


Then came the sudden realization something more sinister was at play.

Melanie - who asked to remain anonymous to prevent the family from being targeted again - was the victim of a rising new scam, 'ghost hacking'. 

Ghost hacking sees hackers target the accounts of recently deceased people, either for direct theft, or to message family members with scams. 

Melanie says that her mother, who had passed away after a short illness, started to message family members from a cloned Facebook account.

Melanie believes hackers may have been looking at obituaries or local news reports of recent deaths to find victims to target.

She told 'It was quite distressing not only for me but for my wider family because mom was such a character within the family. '

In Melanie's case, the hacker contacted a young family member at university saying that Melanie's mother had recently found a brilliant investment opportunity.

Melanie said: 'The conversation started with a simple, 'Hello, how are you doing?' and then the hacker moved on to a scam about compensation payments worth $150,000.

Melanie said that the hacker appeared to be using a cloned Facebook account, and it was 'incredibly difficult' to get in contact with Facebook to stop it.

The family had not thought about dealing with her mother's online accounts due to the rapid events of her mother's death.

'I want to stop other people having to go through the same thing we did,' said Mel.

'You need to think about the person's digital presence while they are still alive - and think about your own in case the worst happens.'

Hackers use obituaries to identify people who have recently passed away, and try to hack into email and social media accounts.

Hackers then often attempt to either drain bank accounts and retirement funds, or take out loans in the deceased person's name.

Sometimes the hackers use the person's email and social accounts to send spam and scams to relatives .

It's easier to take control of dead people's accounts because no one is monitoring the activity, and once inside email, for example, hackers can move on to more valuable financial accounts.

Patrick Tiquet, VP of security and compliance at Keeper Security said, 'Cybercriminals can use obituaries, social media profiles and public records to seek out the deceased, and the potentially vulnerable accounts they have left behind.

'Then, using sophisticated techniques, bad actors can launch cyber attacks to breach these 'ghost' accounts – exploiting weak passwords, forgotten security questions or even leveraging stolen credentials obtained from previous data breaches.

Hackers can 'put together' data from previous leaks, or from details shared online, to gain access to 'ghost' accounts, Tiquet warns.

Tiquet says, 'Cybercriminals wait for their opportunity to strike, targeting individuals of all ages, backgrounds and walks of life– both in life and after people have passed.

'Data breaches happen every day that can compromise that Personally Identifiable Information (PII) and this treasure trove of data finds its way onto the dark web, where it's eagerly bought and sold. Cybercriminals can use this stolen information to perpetrate further crimes, such as identity theft or financial fraud, which can leave families reeling as their loved one's legacy is tarnished by unseen hands.

The key to avoiding falling into the clutches of 'ghost hackers' is to think ahead, and set up options to 'memorialize' accounts - or ensure that a family member is on hand to memorialize or delete accounts.

Facebook and Google, for example, offer the option to establish a legacy contact who can take over the account after death.

Tiquet says, 'Taking a digital inventory of your online presence, assets and liabilities; designating a digital heir to receive your credentials and assets; and coming up with a plan such as storing credentials and personal documentation in a secure password manager that can be passed on to your digital heir, will ensure your digital presence can rest in peace.

'Safeguarding our digital legacies isn't just about protecting our online endeavours today; it's also about shielding our loved ones from the spectre of cyber threats that linger after we've departed.' –