Skip to main content

Columbia Business Monthly

New FTC Data Spotlight Offers Insights into Impersonation Scams

May 01, 2024 09:30AM ● By Lesley Fair

Is the person who contacted your employee really from the IRS or Social Security Administration? And what about those calls and texts to consumers claiming to be from your company? The Federal Trade Commission’s new Trade Regulation Rule on Impersonation of Government and Businesses took effect recently, and a just-released Data Spotlight underscores the rule’s critical importance to consumers and businesses.

According to the Data Spotlight, the statistics are staggering. In 2023, the FTC received more than 330,000 reports of business impersonation scams and nearly 160,000 reports of government impersonation scams. That’s nearly half of all frauds reported directly to us. The financial injury also is breathtaking – and cash-taking – with reported losses to impersonation scams topping $1.1 billion in 2023. That’s more than three times what consumers reported in 2020.

Here are some other notable findings in the Data Spotlight.

Scammers still use the phone, but their attention has turned increasingly to text or email as a way to get their foot in the virtual door. According to reports, their preferred payment methods are shifting to bank transfers and cryptocurrency. Even their pitches are getting more complicated. For example, the person who contacts the consumer may say they’re with a well-known company, but then claims to “transfer” the consumer to what turns out to be a fake bank, a fake FBI agent, or even a fake FTC staffer.

The Data Spotlight also lists the top five forms of impersonator scams – and when we say “top” we mean lower than a snake’s belly in a ravine:

·        Copycat security alerts. These messages claim to be about suspicious activity on a consumer’s account. When consumers respond, they’re told to “transfer” their funds for their own protection. But the only “transfer” that takes place is straight into a scammer’s often untraceable pocket.

·        Phony subscription renewals. Scammers email bogus “renewal” notices for subscription service the consumer didn’t order. When the consumer calls to report the mistake, the scammer promises a “refund,” but accidentally-on-purpose claims to process too much money. Next comes a demand that the consumer return the “overcharge,” often by buying gift cards and giving the scammer the digits on the back.

·        Fake giveaways, discounts, or money to claim. Scammers dangle the prospect of “free money” or sweepstakes winnings. All the consumer has to do is provide some upfront cash or gift cards to claim the non-existent big prize.

·        Bogus problems with the law. Scammers pose as government agents and contact consumers, claiming the consumer’s identity has been used in a crime. The fake agent’s “ask”? They often tell people to transfer their funds to bitcoin ATMs, which they may refer to as “safety lockers.” It’s a fraud through and through, and as the Data Spotlight warns, “Money you move is money they steal.”

·        Made-up package delivery problems. A consumer gets a message that looks like a delivery attempt notice from the U.S. Postal Service, UPS, or FedEx, directing them to click a link to a website. The next step may be to pay a small “redelivery fee” by inputting their credit card information. The message, “package,” and website are all phony. But one thing is genuine: the injury to the consumer now that their credit card number is in the hands of a crook.

The Spotlight points out three tactics scammers use to try to get an advantage: 1) their messages copy the look of genuine communications from well-known companies or government offices; 2) they play on people’s emotions either by creating a worrisome situation that needs immediate attention or by dangling a benefit like a prize; and 3) they “reframe their demands for money to avoid setting off alarm bells” – for example, by claiming they’re helping people “protect” their funds. 

The FTC has advice for your employees, family, friends – and yes, you:

Don’t click on links or respond to unexpected messages. If you’re unsure if a story is genuine, contact the company or agency using a phone number or web address you know for sure is legit. Never use the contact information in the iffy message. 

Don’t believe anyone who says you need to buy gift cards, use a bitcoin ATM, or move money to fix a problem. That’s not how real businesses and government agencies operate. Anyone who asks you to do that is a scammer.

Slow down. Scammers want to rush you. Instead, take the time to check it out and talk with someone you trust. Anyone who pressures you to act fast is almost certainly a scammer. 

Why should business executives care about what the latest Data Spotlight tells us? As the FTC’s new Impersonation Rule suggests, commandeering the name of a well-known business – perhaps yours – can be a key to their scammy success. You don’t want your company even remotely associated with fraudsters and fakes. What’s more, crooks can be convincing and even sophisticated business people need to keep their guard up.

The FTC has more resources about impersonator scams. If you spot a questionable pitch – whether or not you lost money – tell us about it at

Lesley Fair is a senior attorney with the Federal Trade Commission’s Bureau of Consumer Protection.