Scammers pose as FBI IC3 specialists, offer ‘assistance’ to fraud victims

📟 News

Date: 22/04/2025

According to the FBI, scammers impersonating employees of the FBI Internet Fraud Complaint Center (IC3) contact fraud victims offering them ‘assistance’ in getting their money back

Over the past two years (December 2023 – February 2025), the FBI received more than 100 reports of scammers using this tactics.

“Complainants report initial contact from the scammers can vary. Some individuals received an email or a phone call, while others were approached via social media or forums. Almost all complainants indicated the scammers claimed to have recovered the victim’s lost funds or offered to assist in recovering funds. However, the claim is a ruse to revictimize those who have already lost money to scams,” – FBI Internet Crime Complaint Center (IC3).

Recently, scammers created a number of female social media profiles and joined groups for financial fraud victims posing as such victims. They then encouraged other victims to contact some Jaime Quin, the alleged “Chief Director” of IC3, via Telegram. The fake Quin claims that the lost funds have been recovered, but, in reality, his sole goal is to gain access to financial information and revictimize the victims.

The FBI reminds: to protect yourself from such scams, you should neither share sensitive information with people you’ve just met online or over the phone, nor should you send them money, gift cards, cryptocurrency, or other financial assets.

IC3 officers never directly communicate with individuals via phone, email, social media, phone apps, or public forums. They neither ask for payment to recover lost funds, nor refer a victim to a company charging fees for recovering funds.

Related posts:
2025.03.26 — Cloudflare to block all unencrypted traffic to its APIs

According to Cloudflare, effective immediately, only secure HTTPS connections to api.cloudflare.com will be accepted; while all HTTP ports are to be closed. The purpose of this decision…

Full article →
2025.02.06 — Let's Encrypt to stop sending expiration notification emails

The nonprofit organization announced that, starting June 4, 2025, it will stop sending expiration notification emails to subscribers. The primary reason behind this decision…

Full article →
2025.01.29 — Google to disable Sync in older Chrome versions

Google announced that in early 2025, Chrome Sync will be disabled in Chrome versions older than four years. Chrome Sync enables users to save and sync their…

Full article →
2025.01.26 — Cisco patched a critical vulnerability in Meeting Management

Cisco released updates to fix a critical (CVSS score: 9.9) vulnerability in Meeting Management. The bug enables an unprivileged remote authenticated attacker to gain administrative privileges. The vulnerability…

Full article →
2025.04.15 — Hackers exploit authentication bypass bug in OttoKit WordPress plugin

Hackers exploit an authentication bypass vulnerability in the OttoKit (formerly SureTriggers) WordPress plugin used by more than 100,000 websites. First attacks were recorded just…

Full article →
2025.02.20 — Newly-discovered vulnerabilities in OpenSSH open the door to MiTM and DoS attacks

OpenSSH fixed two vulnerabilities that could result in MiTM and denial of service (DoS) attacks. Interestingly, one of these bugs appeared in the code more than 10…

Full article →
2025.04.29 — FBI Offers 10 million USD for information on Salt Typhoon members

The FBI offers up to 10 million USD for information about members of the Chinese hacker group Salt Typhoon and last year's attack that had…

Full article →
2025.01.25 — 18,000 script kiddies have been infected with backdoor via XWorm RAT builder

According to CloudSEK analysts, malefactors attack novice hackers using a fake malware builder. Script kiddies' systems become infected with a backdoor that steals data and subsequently…

Full article →
2025.04.08 — Website of Everest ransomware group hacked and defaced

Last weekend, the darknet website of the Everest ransomware group was hacked and went offline. The attackers replaced its content with a sarcastic message: "Don't do crime…

Full article →
2025.01.22 — Fake Homebrew Infects macOS and Linux Machines with infostealer

Attackers use Google ads to disguise themselves as the Homebrew website and distribute malware targeting Mac and Linux systems and stealing logon credentials, browser data, and cryptocurrency wallets.…

Full article →