Losing money to a scam is painful enough the first time. Federal investigators are now warning about a second wave that targets the same victims again, this time by impersonating the very agency people turn to for help. Criminals are posing as employees of the FBI’s Internet Crime Complaint Center, contacting people who have already reported financial fraud and offering to recover the money they lost — for a price, or in exchange for sensitive personal information.
The scheme preys on a specific kind of vulnerability: victims who are already anxious, already out money, and already primed to trust anyone claiming to represent law enforcement.
What the FBI’s advisory describes
According to a public service announcement from the Internet Crime Complaint Center, the FBI received more than 100 reports of this impersonation scheme between December 2023 and February 2025. In each case, scammers falsely claimed to work for IC3 and either said they had already recovered a victim’s lost funds or offered to help recover them, a claim the bureau says is consistently false and used to revictimize people who have already suffered a fraud loss.
Initial contact varies by case. Some victims reported receiving an unsolicited email or phone call from someone claiming IC3 affiliation. Others said they were approached through social media platforms or online forums, sometimes by scammers using fabricated profiles designed to appear as fellow fraud victims rather than officials, a tactic the advisory says has been used to build trust before making a financial ask.
A more elaborate version of the con
One variant described in the advisory shows how far scammers have refined the approach. Rather than cold-contacting victims directly, some create female persona profiles on social media and join online support groups set up specifically for financial fraud victims. Posing as a fellow victim who successfully recovered their losses, the scammer builds credibility inside the group before steering targeted members toward a supposed recovery contact or process, which ultimately leads to a new financial loss rather than a resolved one.
That approach is notable because it exploits communities that exist specifically to help fraud victims, turning a support space into a hunting ground. The layered impersonation, appearing first as a peer rather than an authority figure, makes the eventual pitch harder to recognize as a scam, since it arrives with an implied endorsement from someone who claims to have already been through the same experience.
Why the IC3 name carries weight
The Internet Crime Complaint Center is the FBI’s designated channel for the public to report cybercrime and financial fraud, which is precisely why impersonating it is effective. Victims who have already filed a legitimate complaint with IC3, or who are simply aware that it is the correct place to report fraud, are more likely to assume a follow-up contact referencing the center is genuine. Scammers rely on that baseline credibility to lower a target’s guard at exactly the moment they should be most skeptical.
The FBI has separately warned that its IC3 website itself has been spoofed by threat actors building lookalike domains, adding another layer to the broader impersonation problem facing anyone trying to verify whether a fraud-related contact is legitimate.
The bureau’s core warning: recovery is never for sale
The advisory is direct about the central rule that should flag this scam immediately: the IC3 does not charge victims for help recovering lost funds, and it will not refer victims to a third-party company that charges a fee for recovery services. Any contact claiming to be from IC3 that asks for payment, gift cards, cryptocurrency or sensitive account information in connection with a “recovery” effort should be treated as fraudulent on its face, according to the bureau’s own guidance.
The FBI also urges caution around sharing sensitive personal or financial information with anyone met exclusively online or over the phone, regardless of how convincingly they present their credentials or how sympathetic their story sounds. That guidance applies with particular force to people who have already been victimized once, since scammers specifically target that population expecting lowered defenses and heightened desperation to recoup a loss.
What to do if contacted
The FBI’s recommended response is straightforward: anyone who believes they have been targeted by this scheme, or who has already lost additional money to a fake recovery scam, should report it directly through the official IC3 portal, rather than responding to or engaging further with the original contact. Verifying any claimed law enforcement contact independently, by looking up official phone numbers or web addresses rather than using ones provided by the person who reached out, remains one of the most reliable ways to avoid falling for an impersonation scheme in the first place.
For anyone who has already lost money to fraud, the bureau’s guidance amounts to a simple but important reminder: no legitimate recovery process starts with a stranger promising results in exchange for payment upfront.
Why fraud-recovery scams keep working
Recovery scams persist for the same reason the underlying fraud schemes do: they exploit a predictable emotional response. Victims of financial fraud frequently describe feeling embarrassed, angry and desperate to undo the loss, a combination that makes an offer of restored funds unusually persuasive even when it arrives from an unverified source. Fraud researchers who study repeat victimization note that people who have already lost money once are statistically more likely, not less, to be targeted again, since scammers actively trade lists of confirmed victims precisely because they have demonstrated a willingness to send money to a stranger under pressure.
That dynamic has made repeat victimization a growing area of concern for federal fraud investigators, who have increasingly focused public warnings on the specific pattern of a second scam following the first. The IC3 advisory fits into that broader effort, aiming to interrupt the cycle before a second financial loss compounds the first.
A pattern showing up beyond IC3 impersonation
Federal and state agencies have documented similar recovery-scam patterns tied to impersonation of other trusted institutions, including banks, government benefit programs and consumer protection agencies. In nearly every version of the scheme, the core mechanic stays the same: a scammer claims special access to funds a victim has already lost, then requests payment, personal information or remote computer access as a precondition for releasing money that does not actually exist. Recognizing that template, regardless of which agency or institution a scammer claims to represent, is one of the more reliable ways to identify the scheme before it produces a second financial loss.
Morning Overview produced this article with AI assistance and reviewed it against the cited sources.
More from Morning Overview
- 8 SUVs mechanics are quietly steering buyers away from in 2026
- The FBI says certain phone apps keep harvesting your contacts and home address in the background.
- A common joint supplement may speed dementia and raise the risk of death.
- Researchers say radar scans reveal vast structures beneath the Giza pyramids.