Online Fraud: How to Act Fast, Recover, and Report

How to Verify a Suspicious Request

To determine whether an online request is fraud, verify it through a contact method you find independently before you click, reply, pay, or share information.

Advertisement

Most scams follow the same pattern: impersonate someone you trust, create urgency or fear, promise an unusual reward, then demand a difficult-to-reverse action. That may mean sending cryptocurrency, wiring money, buying gift cards, sharing a verification code, scanning a QR code, or installing remote-access software.

This playbook appears in bank and government impostor messages, fake invoices, phishing links, marketplace transactions, romance and investment schemes, tech-support pop-ups, job offers, and account-takeover alerts. The FTC warns that scammers can spoof caller ID, so a familiar name or official-looking number proves nothing. Logos, websites, personal details, and accurate account information can also be copied or stolen.

Advertisement

Verify the request without using anything it provides.

  • Open the organization’s official app yourself.
  • Type its known website address directly into your browser.
  • Call the number printed on your card or statement.
  • Contact the supposed sender through a previously trusted channel.

If the request is legitimate, independent verification will confirm it. If someone pressures you not to verify, stop.

What to Do in the First Minutes

Fast action may prevent a suspicious interaction from becoming a larger loss. Take these steps in order:

Advertisement
  1. Stop communicating. Do not send another payment, share a verification code, provide identification documents, or follow more instructions—even if the sender threatens consequences.
  2. Contact the payment provider. Using a phone number or website you verify independently, call your bank, card issuer, payment app, wire service, gift card company, or cryptocurrency platform. Ask for the fraud department and request the appropriate action: a transaction hold, transfer recall, card freeze, dispute, or account restriction. The FTC says acting quickly may improve the chance of reversing a transaction.
  3. Secure compromised devices. If you installed remote-access software, disconnect the device from the internet and end active sessions if you can do so safely. Use a different, trusted device to contact financial institutions and change passwords.
  4. Preserve evidence. Save messages, screenshots, receipts, transaction IDs, account handles, phone numbers, and email addresses before blocking the sender. Do not click links or download files to collect more proof.

No bank, platform, or government agency can guarantee recovery. If the incident involves an immediate physical threat, extortion, stalking, or danger to another person, contact 911 or local law enforcement.

Choose the Right Payment-Recovery Step

The payment method—not the scammer’s story—determines the best recovery step.

  • Credit or debit card: Call the issuer, replace compromised card details, and ask whether the charge qualifies for a fraud claim or billing dispute.
  • ACH transfer or check: Notify your bank immediately. Ask about a stop payment, ACH return, or its process for unauthorized transfers.
  • Bank wire: Ask the sending bank to recall the wire and contact the receiving institution. A completed wire may be impossible to reverse.
  • Payment app: Report the recipient and transaction inside the app, then contact the linked bank or card issuer. Do not assume ordinary purchase protections apply.
  • Gift card: Keep the card and receipt. Contact the issuing company with the card number and transaction details; remaining funds may sometimes be frozen.
  • Cryptocurrency: Save the wallet address and transaction hash, then notify the exchange you used. Confirmed blockchain transfers are generally irreversible.

Tell the provider whether someone accessed the account without permission or whether you authorized a payment after being deceived; dispute rights may differ.

Advertisement

Secure Your Accounts and Identity

After contacting the payment provider, close any access the scammer may still have. Start with email because it often controls password resets for financial, shopping, and social accounts.

  1. Secure email first. From a clean, trusted device, replace exposed or reused passwords with unique passwords or passkeys—not slight variations of the old password. Then update other affected accounts. Enable multifactor authentication; prefer a passkey, security key, or authenticator app to text messages.
  2. Check for hidden access. Review recovery email addresses and phone numbers, forwarding rules, connected applications, trusted devices, and active sessions. Remove anything unfamiliar and sign out other devices.
  3. Protect your phone number. If you revealed a verification code, carrier password, or phone-account details, contact your mobile carrier and add an account PIN and port-out lock.
  4. Freeze your credit if identity data was exposed. If a scammer obtained your Social Security number or enough information to open accounts, place a free freeze separately with Equifax, Experian, and TransUnion. A freeze restricts access to your credit file. Credit monitoring sends alerts; a fraud alert asks lenders to verify your identity but does not lock the file.

If your Social Security number was disclosed or someone misused your identity, visit IdentityTheft.gov for a tailored recovery plan. Continue monitoring financial, email, credit, tax, and government-benefits accounts for follow-up activity.

Preserve Evidence Without Taking More Risks

Useful evidence can support a dispute or investigation, but collecting it should not require another click, download, or conversation.

  • Build a timeline: Record when contact began, what the person claimed, what information you shared, and when each payment, login, password change, or account update occurred.
  • Save identifying details: Keep emails and full headers when available, text messages, voicemails, usernames, profile URLs, phone numbers, website addresses, and screenshots showing dates and times. Preserve original messages and files when safe; cropped screenshots may remove context or metadata.
  • Document transactions: Retain receipts, bank reference numbers, wire instructions, gift card numbers, cryptocurrency wallet addresses and transaction hashes, shipping records, and order numbers.
  • Track your response: Note calls to banks or platforms, passwords changed, reports filed, case numbers, and the departments of legitimate representatives.

Do not reopen attachments, revisit suspected malicious sites, or provoke the scammer. Store copies somewhere secure that does not depend on a potentially compromised device or account.

Evidence can wait; stopping the money cannot. If a payment may still be blocked, recalled, or disputed, contact the provider before organizing the rest of your records.

Where to Report Online Fraud in the U.S.

Banks, platforms, regulators, and law enforcement have different powers and evidence systems, so more than one report may be appropriate.

  • Most scams: File at ReportFraud.ftc.gov. Reports enter the FTC’s consumer complaint database, helping investigators identify patterns and build cases. The agency generally does not resolve individual losses.
  • Identity theft: Use IdentityTheft.gov to report misuse of personal information and receive a recovery plan, including steps for creditors and credit bureaus.
  • Internet-enabled crime: Report to the FBI’s Internet Crime Complaint Center at IC3.gov, especially for transferred money, compromised accounts, business email compromise, or cryptocurrency.
  • Local police: Contact them for significant losses, threats, or stolen property, or when a bank, insurer, or identity-recovery process requires a police report.
  • Specialized complaints: Report mail-related fraud to the U.S. Postal Inspection Service and consumer disputes to your state attorney general.
  • The platform: Flag the fraudulent account, listing, advertisement, or message where it appeared.

IC3 does not charge victims, request payment to investigate or recover money, or partner with private recovery companies. Anyone claiming otherwise is likely running a follow-up scam.

Avoid Fraud-Recovery Scams

After a loss, the next person promising help may be the original scammer—or someone who bought the victim’s information.

Recovery scammers pose as investigators, attorneys, government officials, hackers, asset-recovery specialists, or IC3 representatives. Warning signs include:

  • Guaranteed recovery or “secret” tracing methods
  • Pressure to act immediately or keep the process confidential
  • Upfront fees before credentials or results can be verified
  • Payment requests involving cryptocurrency, wire transfers, or gift cards
  • Claims that taxes, bonds, deposits, or processing charges must be paid before funds are released

Legitimate government agencies do not demand gift cards or cryptocurrency. U.S. agencies do not charge victims to file reports or release recovered funds, and IC3 does not direct victims to private recovery partners.

Legitimate banks, insurers, attorneys, and law-enforcement agencies can explain their identity, authority, fees, and process through contact information you verify independently.

Recovery depends on the payment method, elapsed time, available evidence, and whether the money remains reachable. Filing a report does not guarantee reimbursement. For substantial losses, business fraud, contractual disputes, or questions about legal rights, consult a qualified attorney after checking licensing and disciplinary records through the relevant state bar.

Advertisement
Back to top button