SAN FRANCISCO (KGO) -- A new cryptocurrency scam circulating the Bay Area is haunting victims with a new threat - taking control of their mobile device. And the victims may not even know it.
All it takes is one wrong click and your privacy could be exposed.
"It's just been a nightmare," said a Bay Area man, who lost $1.2 million dollars from the scam.
"I feel so bad for my family for what I did to them," said a Bay Area software developer, who lost her retirement -- $1.3 million.
The two are victims of a scam known as pig butchering that's targeting Asian Americans in the Bay Area.
The scam starts when a suspect meets a victim on a dating website or social media platform and builds a fake relationship - metaphorically fattening them up like a pig - with the end goal to get the victim to invest in crypto. But, unlike traditional romance scams, this fraud is much more advanced. Investigators say the scammers often research their victims aiming to prey on vulnerable people.
U.S. Secret Service Special Agent Shawn Bradstreet told the I-Team cases have tripled across California so far this year - specifically targeting victims in Silicon Valley.
"The criminal organization has definitely expanded," Bradstreet said.
The New Threat
Within the past few weeks, investigators say the scam is developing a new threat: counterfeit malicious apps that grant access to your personal information.
"They have a lot of access into your mobile device," said Bradstreet.
Investigators warn scammers will send victims a link to what appears to be a legitimate crypto trading app or platform - but upon downloading the app, scammers are getting access to their victims' device.
"The apps are very compelling... in some cases it looks just like any other app," said U.S. Secret Service Financial Analyst Andrew Frey. "A very convincing scheme here."
The ABC7 News I-Team sat down with the nation's first "Digital Asset Technology Alliance" (DATA) staffed by the U.S. Secret Service to crack down on these crimes.
Hacking into your Personal Data
Special Agent Frey explains victims caught up in this part of the scheme are downloading counterfeit apps like "CoinBaseBIT" and "Kraken" - which are impersonating legitimate crypto-trading companies.
Stephanie Sierra: "What happens if you download the app?"
Andrew Frey: "First of all, it's going to require you to provide different permissions to your phone."
Those permissions are granted once you download the app -- giving scammers the ability to remotely turn on your microphone or remotely turn on your camera.
And it's not just access to your microphone and camera, but to most of the data on your iPhone - including your photos and your exact location.
"And it can be as exact as the longitude and latitude of where you're actually located at the time," said Bradstreet.
Investigators say the suspects may also have the ability to read and write on your phone.
Stephanie Sierra: "They can read and write on the phone?"
Shawn Bradstreet: "Yeah, so some of the links and counterfeit and malicious apps that you're downloading do have read and write capability and they have access to your email."
The Red Flags
In some cases, victims are provided a URL to download an app via WhatsApp or text message. Investigators say the links will take victims to counterfeit sites like "Comexvtn.com" which will require them to login.
"The biggest red flag here is downloading any sort of mobile app outside of the Apple app store or Google Play app store," said Frey.
But, keep in mind some of the apps and sites will try to trick you.
"Some of the sites are meant to look like the Apple app store and they'll even have ratings and say it's an Apple approved app with a high rating," said Frey. "They're getting more sophisticated."
For example, some sites will offer customer service help lines but victims' end up chatting directly with the scammers. In other cases, prompts pop up that ask if you're downloading to an iOS or android to make it appear the app or site is affiliated with the Apple or Google Play app stores.
And the worst part -- if you accidentally download a counterfeit app, it's not an easy fix. The invasion of privacy may persist even after the app is deleted.
"You can't just go in and delete the app and think it's gone off your phone," said Bradstreet. "At a minimum, you should reset your phone to factory settings."
A fear now facing victims across the Bay Area.
"It's very hard on my family," said a local victim who lost her life savings. "Every morning I wake up and it feels like a nightmare."
If you're on the ABC7 News app, click here to watch live