Scammers pose as FBI IC3 specialists, offer ‘assistance’ to fraud victims

📟 News

Date: 22/04/2025

According to the FBI, scammers impersonating employees of the FBI Internet Fraud Complaint Center (IC3) contact fraud victims offering them ‘assistance’ in getting their money back

Over the past two years (December 2023 – February 2025), the FBI received more than 100 reports of scammers using this tactics.

“Complainants report initial contact from the scammers can vary. Some individuals received an email or a phone call, while others were approached via social media or forums. Almost all complainants indicated the scammers claimed to have recovered the victim’s lost funds or offered to assist in recovering funds. However, the claim is a ruse to revictimize those who have already lost money to scams,” – FBI Internet Crime Complaint Center (IC3).

Recently, scammers created a number of female social media profiles and joined groups for financial fraud victims posing as such victims. They then encouraged other victims to contact some Jaime Quin, the alleged “Chief Director” of IC3, via Telegram. The fake Quin claims that the lost funds have been recovered, but, in reality, his sole goal is to gain access to financial information and revictimize the victims.

The FBI reminds: to protect yourself from such scams, you should neither share sensitive information with people you’ve just met online or over the phone, nor should you send them money, gift cards, cryptocurrency, or other financial assets.

IC3 officers never directly communicate with individuals via phone, email, social media, phone apps, or public forums. They neither ask for payment to recover lost funds, nor refer a victim to a company charging fees for recovering funds.

Related posts:
2025.04.29 — FBI Offers 10 million USD for information on Salt Typhoon members

The FBI offers up to 10 million USD for information about members of the Chinese hacker group Salt Typhoon and last year's attack that had…

Full article →
2025.04.15 — Hackers exploit authentication bypass bug in OttoKit WordPress plugin

Hackers exploit an authentication bypass vulnerability in the OttoKit (formerly SureTriggers) WordPress plugin used by more than 100,000 websites. First attacks were recorded just…

Full article →
2025.03.16 — Researchers force DeepSeek to write malware

According to Tenable, the AI chatbot DeepSeek R1 from China can be used to write malware (e.g. keyloggers and ransomware). DeepSeek was released in January 2025 and caused a stir…

Full article →
2025.01.25 — 18,000 script kiddies have been infected with backdoor via XWorm RAT builder

According to CloudSEK analysts, malefactors attack novice hackers using a fake malware builder. Script kiddies' systems become infected with a backdoor that steals data and subsequently…

Full article →
2025.04.23 — Improper authentication control vulnerability affects ASUS routers with AiCloud

ASUSTeK Computer Inc. fixed an improper authentication control vulnerability in routers with AiCloud. The bug allows remote attackers to perform unauthorized actions on vulnerable devices. The issue…

Full article →
2025.02.06 — Let's Encrypt to stop sending expiration notification emails

The nonprofit organization announced that, starting June 4, 2025, it will stop sending expiration notification emails to subscribers. The primary reason behind this decision…

Full article →
2025.02.08 — Hackers exploit RCE vulnerability in Microsoft Outlook

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned Federal Civilian Executive Branch (FCEB) Agencies that they have to secure their systems from ongoing…

Full article →
2025.01.28 — J-magic backdoor attacked Juniper Networks devices using 'magic packets'

A massive backdoor attack targeting Juniper routers often used as VPN gateways has been uncovered. The devices were attacked by the J-magic malware that…

Full article →
2025.04.16 — Android devices will restart every three days to protect user data

Google introduces a new security feature for Android devices: locked and unused devices will be automatically restarted after three days of inactivity to return their memory to an…

Full article →
2025.04.08 — Website of Everest ransomware group hacked and defaced

Last weekend, the darknet website of the Everest ransomware group was hacked and went offline. The attackers replaced its content with a sarcastic message: "Don't do crime…

Full article →