Shame keeps the trap baited. Understand that part first. The people running recovery-room scams do not need to go looking for new victims. They wait for old ones to surface in the only places where talking about losing money still feels safe, Facebook groups, Telegram channels, private subreddits, anywhere somebody might listen without laughing.

That is where the second cut begins.

What follows is built layer by layer, the way the scheme itself was built. Year by year. Alert by alert. Somebody reading this article in the spring of 2026 has every right to ask whether any of this could still happen to them today. The honest answer is not the one anybody wants.

Back in March 2022 the Federal Bureau of Investigation published its first big public advisory on people impersonating government officials. The agency's Internet Crime Complaint Center, IC3 for short, the Bureau's main online-fraud reporting hotline, issued a formal public service announcement. The pattern was already old by then. Scammers phoning people, emailing them, messaging them through social media, posing as cops or federal agents or judges. Demanding payment. Threatening arrest.

Eight months on, in November 2022, the Federal Trade Commission posted something small and sharp on its consumer-advice blog. The author, Cristina Miranda, put it in one clean sentence any person could follow. Nobody legitimate contacts you out of the blue to get your lost money back. Not by phone, not by email, not by letter, not on social media.

That was autumn of 2022. Most people did not read it. Most people never do.

By August of 2023, the IC3 was back with a sharper alert. This one targeted a specific breed of operation. Companies with professional-looking websites, staff pages, phone numbers that rang through to somebody who sounded helpful, all of them claiming they could recover cryptocurrency losses. A few said they had partnerships with federal agencies. A few said they could get court orders. The Bureau's one-sentence answer is worth carrying in your head if you ever lose money in a crypto scam. No private company has the authority to seize cryptocurrency on behalf of a government. Not anywhere. Not ever.

Cryptocurrency fraud losses for 2022 had reached $2.5 billion by the Bureau's own count. Nobody reading those numbers in 2023 could have called them stable.

The Persona

Here is where the calendar matters. December 2023 was the first month where IC3 began receiving a new kind of complaint. One that would keep coming in for the next fifteen months straight. The complaints were not about the original scams at all. They were about what came after.

Somebody sets up a profile. Female, almost always. Retired nurse, former teacher, widow from somewhere that sounds real. Joins the Facebook groups and Telegram channels where people who have been burned in pig-butchering crypto scams go to talk to each other. Introduces herself as a fellow victim. Gets trusted. Then weeks later, sometimes months on, mentions casually that she knows a guy who actually got her money back.

The guy, in the one persona the FBI has documented by name, went by Jaime Quin. Alleged Chief Director of the IC3. A job title that does not exist. A person who does not exist either. Contact preferred through Telegram, of course.

Almost every one of those complaints carried the same hook. The scammers had approached, claiming the money was already recovered and ready to be released, just as soon as a small processing fee cleared. Or a tax. Or a retainer. Or a gas fee, which in cryptocurrency language means the cost of moving funds across a blockchain. The fee is always small compared to the amount supposedly recovered. And then another fee. And another.

Operation Level Up

Operation Level Up launched in January of 2024. FBI and U.S. Secret Service paired up, reaching out to suspected crypto-fraud victims proactively, before many of the victims even knew they were being scammed. By the end of the first year, the program had notified 4,323 people. Seventy-six percent of those people had no idea they were being defrauded when the call came. The program estimates it prevented $285.6 million in further losses through that first year. Forty-two people received referrals for suicide intervention.

Forty-two.

The most recent public figures on the program count 8,103 victims notified, 77 percent still unaware at the time of contact, an estimated $511.5 million in prevented losses, and eighty suicide-intervention referrals. Eighty. The FBI's own Operation Level Up page is careful to spell out something that should not need spelling out but obviously does. Level Up employees will never offer to recover lost money for a person. They will never refer anyone to a service that does. The program exists because nobody calls to get your money back. Nobody.

The Rule

April of 2024 brought the FTC's Government and Business Impersonation Rule online. The Commission can now sue anybody who pretends to be a government agency. In the rule's first year, five cases were filed and thirteen impersonating websites were taken down. Some of those websites had names chosen to look official enough that a desperate person might click. The civil penalty maximum, after the 2025 inflation adjustment, sits at just over fifty-three thousand U.S. dollars per violation.

In an alert dated June 24, 2024, the IC3 published a figure that said more about the second-cut economy than any piece of writing around it. From February of 2023 through February of 2024, one single calendar year, fraud victims had lost more than $9.9 million to fake law firms offering to recover funds from earlier cryptocurrency scams. Fake law firms, with fake websites, fake staff attorneys, sometimes fake case numbers. One year. Nine point nine million dollars.

On July 30 of the same year, the Commodity Futures Trading Commission posted its own advisory. Fraud in 3 Acts, they called it. Three acts like this. A relationship scam. Then a recovery scam. Then the use of the victim as an unwitting money launderer for the next round of victims. The CFTC page points to two academic studies, one from 2001 and another by AARP researchers in 2017. Both of them confirm something most people would rather not know. People defrauded once are measurably more likely to be defrauded again.

Not because they are stupid. Because their contact information is already on a list. The industry term for that list, in the FTC's own consumer-advice writing, is sucker list. Those lists get sold, resold, traded, copied. Your information outlives the original scam.

The Curve

In March of 2025, the FTC released its Consumer Sentinel Network data for the previous year. Reported fraud losses totalled $12.5 billion across 2.6 million reports. That figure represented a 25 percent jump over 2023. Imposter scams alone made up $2.95 billion of it. Government-imposter scams specifically accounted for $789 million of that.

On April 18, 2025, the IC3 issued its own alert about the fifteen-month pattern that had started back in December 2023. The agency had received more than a hundred separate reports from victims targeted through the fake-IC3-employee ruse across that window. More than a hundred. And that was only the people who thought to report the second attempt after already reporting the first.

Five days later, on April 23, 2025, the FBI released the 2024 IC3 Annual Report. Total reported cybercrime losses for the year came to $16.6 billion. Investment fraud specifically ran to $6.57 billion. Cryptocurrency investment fraud on its own reached $5.82 billion. Victims aged sixty and older reported $4.89 billion in losses, the highest of any age group by a country mile.

The year before, in 2023, the same two reports had shown $12.5 billion in total cybercrime losses and $4.57 billion in investment fraud. The year before that, in 2022, the comparable figures had been $10.3 billion total and $3.31 billion in investment fraud. The curve is the story.

The Machinery

On August 13 of that year, the IC3 updated the fake-law-firm alert. New red flags in the update. Scammers were now posing as staff for an invented regulator called the International Financial Trading Commission. Does not exist. They were also running WhatsApp group chats for victims, a creative innovation that gives the scammer full control of the conversation while squeezing several targets in parallel.

Five weeks after that, on September 19, 2025, the IC3 surfaced a second and separate impersonation operation. Criminals were buying up domain names that looked almost like ic3.gov. Same letters in a slightly different order. Different extensions. The sort of lookalike that nobody notices until after they have typed in their personal information and clicked submit. The scammers were also buying sponsored search ads, so a person typing IC3 or report cybercrime into Google might land on a fake above the real one. What those fake sites harvest, according to the FBI, is name, home address, phone number, email address, and banking details. Everything a person would normally put into a legitimate complaint form, funnelled straight to the people who scammed them in the first place.

One detail from that September alert is worth pulling out and taping to a fridge. The real IC3 has no social media presence. No Facebook, no Instagram, no LinkedIn, no TikTok. Anybody claiming otherwise is not the real IC3.

Eleven days later, on September 30, the Securities and Exchange Commission issued its own impersonator alert. The SEC itself was now being impersonated on social media and through text messages. Same exact pattern the IC3 had been flagging for fifteen months, only this time on somebody else's letterhead.

Can This Still Happen in 2026

Yes. Every single piece of infrastructure required for the recovery-room scam is still in place. The sucker lists still circulate. Victim support groups still have to exist, because genuine victims need somewhere to talk. Telegram still takes under sixty seconds to set up an anonymous account. Google still sells sponsored search ads to whoever pays for them. Lookalike domain registration is still legal, still cheap, still fast.

What has changed is that more federal agencies are shouting about the pattern than were shouting a year ago. That counts for something. A person who knows how the pattern works is meaningfully harder to hook than a person who does not. The catch is that the people running these operations read the warnings too. They adjust. New personas, new job titles, new fake agencies. The Chief Director line stops working, so the next one becomes something else.

One fact has not changed, and almost certainly will not. Nobody from any real U.S. federal agency is going to contact a fraud victim out of the blue and offer to recover their lost money. Not the FBI. Not the IC3. Not the FTC. Not the CFTC. Not the SEC. Canadian readers reporting through the Canadian Anti-Fraud Centre at antifraudcentre.ca can trust the same rule on this side of the border. The official channels never initiate the contact. The scammers always do.

The cruellest part of the whole thing is how neatly it closes the circle. A government reporting hotline built to help fraud victims, used to hunt those same victims a second time, by people who know exactly which wound to press on.

It is the second cut. Already being made.