People who have already lost money to fraud are now being targeted a second time by scammers pretending to be government agents, attorneys, or recovery specialists who claim they can get that money back. The Federal Trade Commission (FTC), the FBI, and the Commodity Futures Trading Commission (CFTC) have each issued separate warnings about this growing scheme, in which con artists demand upfront fees or personal information from victims under the guise of recovering stolen funds. The FTC took direct action earlier this year, sending warning letters to domain registrars and forcing the takedown of websites that mimicked official FTC branding to lure victims into handing over even more cash.
Why recovery scams spike after real government payouts
The scheme works because it borrows credibility from real events. When the U.S. Department of Justice announced a formal compensation process for victims of the AirBit Club fraud, it created a template that scammers could exploit. Fraudsters reference genuine case names, cite real agency acronyms, and even quote actual docket numbers to make their pitch sound legitimate. The result is a feedback loop: every time a federal agency publicizes a real victim-compensation program, scammers gain fresh raw material they can recycle in cold calls, emails, and fake websites.
The CFTC has described this dynamic explicitly. Scammers retain or sell victim contact information and later re-contact those same people while impersonating government officials, attorneys, or recovery services, according to the agency’s advisory on recovery frauds. That means a single data breach or initial scam can generate a long tail of follow-on fraud attempts, each one dressed up with slightly different institutional branding.
How federal agencies describe the mechanics of the con
The FTC’s consumer guidance is blunt: anyone who contacts you claiming they can recover money you lost “for a fee” will take more money. That language, published on the agency’s refund guidance, strips away any ambiguity. The agency has also clarified that it will not demand money, threaten consumers, or direct wire transfers. Any caller who does those things while claiming to represent the FTC is lying.
The FBI’s Internet Crime Complaint Center has reinforced the same warning through public-service announcements identifying fraudsters who pose as lawyers or law firms and claim authorization to investigate or recover funds lost in cryptocurrency scams. These fictitious firms sometimes tell victims they have case information from the FBI, the Consumer Financial Protection Bureau, or other agencies. The Securities and Exchange Commission’s investor-education office has separately classified the tactic as an advance-fee fraud variant, noting that the fees are often described as taxes, commissions, or validation charges to make them sound routine.
The FTC also explains how scammers exploit the existence of real FTC refund programs as cover. Because the agency does issue legitimate refunds in certain enforcement cases, con artists pose as refund or recovery helpers and request payment or personal information from people who believe they are simply completing a government process. The agency’s refund explainer spells out the difference: real refunds arrive without any request for payment, and consumers can verify active programs through the FTC’s own refunds dashboard rather than through links in unsolicited messages.
Earlier this year, the FTC documented concrete enforcement steps against impersonation operations. The agency sent warning letters to domain registrars and secured the takedown of scam websites that mimicked ReportFraud and other official FTC branding, including at least one domain built around a “recovery” theme. In a March 2024 announcement, the agency specifically warned about impostors using FTC identities to pressure people into paying bogus fees or handing over sensitive information. Together, these actions marked one of the first times the agency publicly detailed its efforts to dismantle the digital infrastructure behind these schemes.
Gaps in the data and what to watch next
Several questions remain unanswered. Neither the FTC nor the FBI has released complaint-volume statistics or time-series data showing how many recovery-scam reports they received during 2024 or 2025. Without those numbers, it is difficult to measure whether the problem is growing at the rate the warnings suggest or whether it has plateaued. The FTC’s recent press materials reference domain takedowns but do not name specific defendants or disclose how many victims those sites reached before they were shut down.
The Department of Justice’s AirBit Club compensation process illustrates what legitimate recovery looks like: it is tied to an identified criminal case and forfeiture, runs through a formal remission process, and never requires victims to pay fees to participate. No public victim-loss figures from that remission have been released in a way that would allow direct comparison with the sums scammers have extracted through fake recovery pitches. That data gap makes it harder for researchers and journalists to quantify the full cost of re-victimization and the scale of the secondary market in stolen victim information.
How people can protect themselves
For anyone who has lost money to fraud and receives an unsolicited call, text, or email promising to get it back, the first step is verification. Instead of using phone numbers or links provided in the message, consumers can independently look up the official contact information for the agency or company being named and ask whether there is an actual case or refund program in their name. If the supposed representative resists that step or pressures the person to stay on the line, that is itself a warning sign.
Payment demands offer another clear signal. Federal agencies emphasize that they will not ask victims to pay fees up front to receive refunds or restitution, and they will not insist on payment via gift cards, cryptocurrency, or wire transfers. Any request for an “administrative fee,” “processing tax,” or “release charge” before funds can be returned should be treated as an attempt to extract more money from someone who has already been harmed.
Protecting personal data is just as important as guarding against new financial losses. Recovery scammers frequently ask for Social Security numbers, bank-account details, or copies of IDs under the pretense of verifying eligibility for payment. Sharing that information can open the door to identity theft and further fraud. Victims who suspect they have provided sensitive data to a scammer can consider placing fraud alerts or credit freezes with major credit bureaus and monitoring their accounts closely.
Finally, reporting remains a key part of the response. Even when lost money cannot be recovered, filing complaints with the FTC, the FBI’s Internet Crime Complaint Center, or state attorneys general helps agencies spot patterns, connect cases, and justify enforcement actions like the website takedowns the FTC has already pursued. Those reports, in turn, can feed future public warnings that make it harder for the same scripts and spoofed identities to keep circulating unchecked.
The emerging picture is of a persistent, adaptive threat that feeds on the aftermath of other crimes. As long as large frauds generate lists of victims and as long as legitimate restitution programs exist, scammers will try to insert themselves into that space, offering false hope in exchange for one more payment. Until better data is available, the most practical defense is individual skepticism: treating any unsolicited promise of easy recovery as suspect, and checking it against what federal agencies say they will-and will not-do.
More from Morning Overview
*This article was researched with the help of AI, with human editors creating the final content.
