Skip to main content

Is the person who contacted your employee really from the IRS or Social Security Administration? And what about those calls and texts to consumers claiming to be from your company? The FTC’s new Trade Regulation Rule on Impersonation of Government and Businesses takes effect today and a just-released Data Spotlight underscores the Rule’s critical importance to consumers and businesses.

According to the Data Spotlight, the statistics are staggering. In 2023, the FTC received more than 330,000 reports of business impersonation scams and nearly 160,000 reports of government impersonation scams. That’s nearly half of all frauds reported directly to us. The financial injury also is breath-taking – and cash-taking – with reported losses to impersonation scams topping $1.1 billion in 2023. That’s more than three times what consumers reported in 2020.

Read the Data Spotlight for the specifics, but here are some other notable findings.

Scammers still use the phone, but their attention has turned increasingly to text or email as a way to get their foot in the virtual door. According to reports, their preferred payment methods are shifting to bank transfers and cryptocurrency. Even their pitches are getting more complicated. For example, the person who contacts the consumer may say they’re with a well-known company, but then claims to “transfer” the consumer to what turns out to be a fake bank, a fake FBI agent, or even a fake FTC staffer.

FTC Data Spotlight Impersonators graphs

The Data Spotlight also lists the top five forms of impersonator scams – and when we say “top” we mean lower than a snake’s belly in a ravine:

  • Copycat security alerts. These messages claim to be about suspicious activity on a consumer’s account. When consumers respond, they’re told to “transfer” their funds for their own protection. But the only “transfer” that takes place is straight into a scammer’s often untraceable pocket.
  • Phony subscription renewals. Scammers email bogus “renewal” notices subscription service the consumer didn’t order. When the consumer calls to report the mistake, the scammer promises a “refund,” but accidentally-on-purpose claims to process too much money. Next comes a demand that the consumer return the “overcharge,” often by buying gift cards and giving the scammer the digits on the back.
  • Fake giveaways, discounts, or money to claim. Scammers dangle the prospect of “free money” or sweepstakes winnings. All the consumer has to do is provide some upfront cash or gift cards to claim the non-existent big prize.
  • Bogus problems with the law. Scammers pose as government agents and contact consumers, claiming the consumer’s identity has been used in a crime. The fake agent’s “ask”? They often tell people to transfer their funds to Bitcoin ATMs, which they may refer to as “safety lockers.” It’s a fraud through and through and as the Data Spotlight warns, “Money you move is money they steal.”
  • Made-up package delivery problems. A consumer gets a message that looks like a delivery attempt notice from the U.S. Postal Service, UPS, or FedEx, directing them to click a link to a website. The next step may be to pay a small “redelivery fee” by inputting their credit card information. The message, “package,” and website are all phony. But one thing is genuine: the injury to the consumer now that their credit card number is in the hands of a crook.

The Spotlight points out three tactics scammers use to try to get an advantage: 1) their messages copy the look of genuine communications from well-known companies or government offices; 2) they play on people’s emotions either by creating a worrisome situation that needs immediate attention or by dangling a benefit like a prize; and 3) they “reframe their demands for money to avoid setting off alarm bells” – for example, by claiming they’re helping people “protect” their funds. 

The FTC has advice for your employees, family, friends – and yes, you:

Don’t click on links or respond to unexpected messages. If you’re unsure if a story is genuine, contact the company or agency using a phone number or web address you know for sure is legit. Never use the contact information in the iffy message. 

Don’t believe anyone who says you need to buy gift cards, use a Bitcoin ATM, or move money to fix a problem. That’s not how real businesses and government agencies operate. Anyone who asks you to do that is a scammer.

Slow down. Scammers want to rush you. Instead, take the time to check it out and talk with someone you trust. Anyone who pressures you to act fast is almost certainly a scammer. 

Why should business executives care about what the latest Data Spotlight tells us? As the FTC’s new Impersonation Rule suggests, commandeering the name of a well-known business – perhaps yours – can be a key to their scammy success. You don’t want your company even remotely associated with fraudsters and fakes. What’s more, crooks can be convincing and even sophisticated business people need to keep their guard up.

The FTC has more resources about impersonator scams. If you spot a questionable pitch – whether or not you lost money – tell us about it at If you know someone who did lose cash to a fraudster or had personal information stolen, share What To Do if You Were Scammed.

It is your choice whether to submit a comment. If you do, you must create a user name, or we will not post your comment. The Federal Trade Commission Act authorizes this information collection for purposes of managing online comments. Comments and user names are part of the Federal Trade Commission’s (FTC) public records system, and user names also are part of the FTC’s computer user records system. We may routinely use these records as described in the FTC’s Privacy Act system notices. For more information on how the FTC handles information that we collect, please read our privacy policy.

The purpose of this blog and its comments section is to inform readers about Federal Trade Commission activity, and share information to help them avoid, report, and recover from fraud, scams, and bad business practices. Your thoughts, ideas, and concerns are welcome, and we encourage comments. But keep in mind, this is a moderated blog. We review all comments before they are posted, and we won’t post comments that don’t comply with our commenting policy. We expect commenters to treat each other and the blog writers with respect.

  • We won’t post off-topic comments, repeated identical comments, or comments that include sales pitches or promotions.
  • We won’t post comments that include vulgar messages, personal attacks by name, or offensive terms that target specific people or groups.
  • We won’t post threats, defamatory statements, or suggestions or encouragement of illegal activity.
  • We won’t post comments that include personal information, like Social Security numbers, account numbers, home addresses, and email addresses. To file a detailed report about a scam, go to

We don't edit comments to remove objectionable content, so please ensure that your comment contains none of the above. The comments posted on this blog become part of the public domain. To protect your privacy and the privacy of other people, please do not include personal information. Opinions in comments that appear in this blog belong to the individuals who expressed them. They do not belong to or represent views of the Federal Trade Commission.

More from the Business Blog

Get Business Blog updates