The Federal Bureau of Investigation has warned the public about fraudulent websites designed to impersonate its Internet Crime Complaint Center (IC3). The fake sites are being used to steal personal and financial data from unsuspecting individuals.
A September 19 advisory detailed how threat actors are spoofing the official www.ic3.gov portal, a primary tool for reporting cybercrime. The FBI noted the danger of the public “unknowingly visit[ing] spoofed websites while attempting to find FBI IC3’s website to submit an IC3 report.” This alert is part of a series addressing fraudulent websites, including fake charity and retail platforms, that have caused millions of dollars in losses.
Once on a spoofed site, individuals may be subjected to scams involving fraudulent payments, credential theft, or malicious software downloads. These sites act as a “honeypot” to capture sensitive data entered by users. The stolen information includes names, home addresses, phone numbers, email addresses, and banking details. This data is then leveraged by criminals for identity theft and financial fraud.
The attacks began in mid-September 2025, redirecting users from the official IC3 portal to fraudulent domains. According to a Cybersecurity News report, IC3 analysts identified the sites on September 18, 2025, after receiving multiple reports of deceptive phishing emails. These messages falsely confirmed an IC3 report submission and contained links leading to cloned pages where users were prompted to enter extensive personally identifiable information (PII).
The fraudulent sites utilized “client-side scripting” to intercept data from submission forms. This script rerouted user inputs to an external “exfiltration endpoint” before displaying a generic error message. To bolster their credibility, the attackers registered look-alike URLs like “ic3-gov.com” and “ic3gov.org.” The pages also mimicked authentic branding by reproducing the official FBI seal and IC3 banner, making the deception more effective.
The FBI’s announcement clarified its official protocols, stating it “will never ask for payment to recover lost funds, nor will IC3 refer someone to a company requesting payment for recovering funds.” This counters a common tactic where criminals impersonate law enforcement to demand payments. Furthermore, the bureau confirmed that “IC3 does not maintain any social media presence.” This addresses previous schemes where social media lures directed users to fake IC3 sites with false promises of fund recovery assistance.
To help the public avoid these scams, the FBI issued specific guidance for accessing its IC3 portal:
- Direct Navigation: Type www.ic3.gov directly into the browser’s address bar, rather than using a search engine.
- Search Engine Use: Avoid any “sponsored” search results, as these are often paid imitators looking to divert traffic from the legitimate website.
- URL Verification: Verify the website URL ends in “.gov” and is the exact address, www.ic3.gov.
- Link Scrutiny: Avoid clicking links with URLs that differ from the official IC3 site to mitigate fraud risk.
- Visual Cues: Do not click on links accompanied by suspicious or low-quality graphics meant to imitate a legitimate website.
- Information Sharing: Never share sensitive information on a website if its legitimacy is uncertain.
The FBI asks the public to “report any interactions with websites or individuals impersonating IC3.” To do so, individuals are directed to use the official IC3 website at www.ic3.gov. This directive underscores the need for users to ensure they are on the correct, verified site before submitting any information, including a report about an impersonator.
