The ‘Sucker List’: Why Scam Victims Get Hit Again

The short answer

When you pay a scammer, your details — name, contact, the scam that worked on you, and how much you lost — are recorded on what fraudsters call a “sucker list,” which they buy, sell and trade. A prior victim is the easiest target there is: the data lets the next con tailor a believable story, and shame keeps you isolated. The second approach — the “reload” — usually arrives as a fake refund or recovery offer. The rule that defeats all of it: anyone who contacts you about the money you lost is the next scam, and no honest recovery ever charges a fee upfront.

“Scammers buy lists of people who’ve paid scammers. They call it a ‘sucker list,’ with information about people — like your name, address, and phone number, the kind of scam that tricked you, and how much money you paid. Scammers buy, sell, and trade these lists.”
— U.S. Federal Trade Commission, “Refund and Recovery Scams,” consumer.ftc.gov

Most fraud advice ends at the moment of the loss, as if the story is over once the money is gone. It isn’t. For a large number of victims, the loss is the start of a relationship with the fraud industry — because the act of paying once writes you into a ledger that gets resold. I’ve spent a long time studying how these operations are actually run, close enough to understand the economics from the inside, and the sucker list is one of the coldest, most rational pieces of the whole machine. It is not bad luck that the calls multiply after a scam. It is a business model.

And the data doesn’t appear from nowhere. A great deal of it is handed over willingly, in the moment, on a form that looks like ordinary due diligence — the “identity verification” step of an unregulated investment platform, a slick crypto broker, a prize you need to “confirm.” You believe you’re proving you’re real so your money can start earning. What you’re actually doing is filling in your own line on a future list.

Where the data comes from, recreated. The ‘verification’ step of an unregulated platform harvests everything in one form — identity, contact, bank details, even a passport scan — while promising returns no regulator would ever allow. Example only; fictional company, fabricated data.

The list is real, and it has a name

“Sucker list” is not our phrase or a journalist’s flourish — it’s the term the fraudsters use, documented by the FTC. Each entry is a small dossier: your name, address and phone number, the kind of scam that tricked you, and how much you paid. That last detail is the one that should make your skin crawl, because it turns you from a random phone number into a graded lead. A person who lost $5,000 to a crypto ‘investment’ is a completely different sales target than someone who lost $50 to a parcel-fee text, and the list tells the buyer which one you are.

These lists are bought, sold and traded between criminal groups exactly like any other marketing asset — except the ‘qualified leads’ are people in the worst financial moment of their lives. The buyer doesn’t need to find victims; the seller already did. All the second operation has to do is dial.

Recreated mockup of a fraudster’s ‘sucker list’ spreadsheet — a victim database with columns for name, phone, the scam type that worked, amount paid, and a ‘reload’ status — illustrating how scammers record and resell people who have already been defrauded. Labelled EXAMPLE; all data is fabricated. — What a sucker list looks like, recreated. Fraudsters record each victim with the scam that worked and the exact amount lost, then grade and resell the file. Example only — all names, numbers and figures are fabricated and the data is not real.

Why a scammed person is the best target there is

Step into the buyer’s shoes for one uncomfortable minute, because that’s where the defence comes from. Why pay good money for a list of people who’ve already been burned, when you could chase fresh, unsuspecting ones? Because a prior victim beats a stranger on every metric a fraud operation cares about:

—The data writes the script. Knowing which scam hit you and how much you lost lets the next caller ‘helpfully’ tell you about the earlier fraud in convincing detail — the FTC notes the scammer can use the bought information to ‘make up a story that sounds believable.’ They sound informed because they are.

—The emotional state is pre-loaded. A recent victim is anxious, desperate to undo the loss, and often carrying it in secret. That is the exact state of arousal scams are built to exploit — and someone else already did the work of creating it.

—You’re a proven payer. You have demonstrated, on the record, that under the right pressure you will move money to a stranger. To a list buyer that isn’t a character judgement — it’s a conversion statistic. You are not a long shot; you are a warm lead.

—Shame keeps you isolated. The thing that makes you least likely to phone a relative, the bank, or the police is the same thing that makes you the perfect mark for the second approach: you don’t want anyone to know. Isolation is the scammer’s favourite condition, and the first loss manufactures it for free.

Read the logic again and notice what’s missing from it: any judgement about you being foolish. The list doesn’t target the gullible. It targets the proven — people who were beaten once by professionals and are now, through no failing of their own, the highest-probability sale on the sheet. Being on it is evidence you were attacked well, not that you were weak.

The reload: how the second con reaches you

In the trade, hitting a known victim again is sometimes called the “reload.” It usually wears the most welcome mask imaginable — someone offering to fix the first disaster. The FTC describes the move precisely: a scammer calls, emails, texts or messages you claiming they’ll get back the money you lost or the prize you never received, often pretending to be a government agency, a consumer advocacy group, a law firm, or the very company that took your money in the first place. The reload doesn’t feel like a new attack. It feels like rescue. That’s the whole design.

The FBI has watched this play out at scale. Between December 2023 and February 2025 it received more than 100 reports of criminals impersonating its own Internet Crime Complaint Center (IC3) — and in nearly all of them, the scammers claimed to have recovered the victim’s lost funds or offered to help, which the Bureau bluntly calls “a ruse to revictimize those who have already lost money.” In one variant, fraudsters create personas, join online support groups for fraud victims, and pose as fellow victims to win trust before making their pitch. In another, fake “recovery” law firms tell people they’re on a government-affiliated list of scam victims and can reclaim money through “legal channels.” Every one of these borrows authority and aims it at someone the list already flagged.

Strip the costumes away and the reload always pulls the same levers — the ones every con runs on. Name them, and the spell breaks:

—Authority. ‘I’m with the FBI / a federal recovery unit / a law firm.’ Real agencies don’t cold-call victims to arrange a paid recovery. The IC3 will never ask you for payment to get funds back.

—Hope. ‘We can get your money back.’ Hope is the phantom-riches lever pointed at a wound. It works because you desperately want it to be true — which is exactly why it should raise suspicion, not lower it.

—Familiarity. ‘I lost money too — here’s who helped me.’ The fake fellow-victim in a support group is manufactured trust. Shared pain is the liking lever, weaponised.

—Urgency. ‘The recovery window is closing; pay the release fee today.’ Any deadline attached to getting your own money back is the accelerator pedal, there to make you pay before the doubt arrives.

From the field. The detail that tells me someone has hit a sucker list isn’t the first scam — it’s the timing of the second. A person loses money on a Tuesday and by the following week the ‘help’ arrives from three directions at once: a refund department, a recovery agent, a kind stranger in a Facebook victims’ group. People read that as terrible luck. It isn’t luck. It’s a file being worked. Once you understand that the second wave is bought, not random, the fear changes shape into something you can actually act on: you stop asking ‘why me again?’ and start treating every inbound rescue as the same crime, phase two.

How to get off the list — or make being on it useless

You can’t recall a list that’s already been sold, and there is no register to scrub yourself from. So the defence isn’t a cleanup — it’s a posture. The goal is to make your line on the sheet worthless: a number that never confirms anything, never pays, and reports every attempt. Here is the whole of it.

1Assume you are on a list — and pre-decide the rule. If you’ve been scammed, work from the assumption that your details are already circulating. That isn’t paranoia; it’s the documented reality of how sucker lists work. Decide now, while you’re calm, the rule you’ll follow later when you’re not: anyone who contacts me out of the blue about the money I lost is the next scam until I’ve proven otherwise on my own terms.

2Never pay upfront to get money back. This single rule defeats the entire reload economy. No legitimate bank, agency, lawyer or recovery service takes a fee before returning scammed money, and none can guarantee a recovery. An upfront fee — in cash, gift cards, crypto, or ‘taxes and release charges’ — is the tell. The moment money has to leave you first, it is the second con.

3Verify only on a channel you chose. A scam controls the channel it reached you on. Hang up and contact the bank, agency, or company on a number from your own statement or the official website — never the number, link, or contact in the message. The FBI’s IC3 does not phone victims to arrange a recovery or ask for payment; any ‘IC3 agent’ who does is an impersonator.

4Give the list nothing new. Every inbound approach is also an attempt to enrich the file on you. Don’t confirm your address, don’t ‘verify’ the last four digits, don’t say how much you lost. Silence on the details starves the next pitch of the specifics that make it convincing. You owe an unsolicited caller no information at all.

5Report every approach — it flags the reload. Tell your bank, then report to the FTC at reportfraud.ftc.gov and the FBI at ic3.gov. Reporting isn’t only about your own case; it logs the re-targeting attempt and feeds the data that lets investigators see the lists in motion. It costs nothing and asks you to admit nothing except that you were targeted by a professional.

6Drop the shame — it’s the door the reload walks through. The reason re-targeting works is that the first loss is wrapped in shame, and a person sitting in silence is easy to isolate and easy to rush. Tell one person you trust. The instant the secret is shared, the recovery scammer loses the privacy they need — and you get a second set of eyes on the very approach that’s trying to finish what the first scam started.

The single most important sentence in this piece: anyone who contacts you out of the blue offering to recover money you lost — for a fee, a tax, a “release charge,” or any payment at all — is the second scam, not the rescue. No bank, agency, lawyer, or honest service charges upfront to get scammed money back, and none can guarantee it. The free, legitimate path is your bank first, then the official reporting channels — and the people who refuse to pay the reload are the ones who stop losing.

The takeaway

The sucker list is the proof of something this whole site is built on: fraud is not a morality test you failed, it’s an industry that processed you. Being scammed once doesn’t mark you as gullible — it marks you, in a criminal ledger, as experienced inventory. That’s a brutal way to say it, and I say it on purpose, because the people who understand they’ve become a target are the ones who see the second con coming. The first loss may not have been preventable. The reload almost always is.

If you remember one thing: after a scam, the next person who offers to help you get the money back is statistically far more likely to be the second scammer than the first honest hand. Make them earn your trust on a channel you chose — and never, ever pay to be rescued.

Already been scammed — and now someone’s offering to fix it? Run it past a human first.

If you’ve lost money and a “recovery” offer has appeared, describe it in a free, confidential case review and a real expert replies within 24 hours — no fee, no judgement, nothing to sell. The whole point is to catch the reload before it lands.

Submit a free case review →Try the Scam Checker

Common questions about sucker lists and re-targeting

What is a “sucker list”?

A sucker list is a list of people who have already paid a scammer, traded among fraudsters as a ready-made set of targets. The FTC describes it plainly: “Scammers buy lists of people who’ve paid scammers” — with each entry holding the person’s name, address and phone number, the kind of scam that tricked them, and how much money they paid. Scammers buy, sell and trade these lists because someone who has been deceived once is, in their cold arithmetic, the most likely person to be deceived again.

Why do scammers target people who have already been scammed?

Three reasons, and none of them are about you being careless. First, the data is gold: knowing exactly which scam hit you and how much you lost lets the next caller build a story you’ll believe. Second, a prior victim is in a vulnerable emotional state — desperate to undo the loss, ashamed to ask for help, and therefore easy to isolate. Third, you’ve already shown you’ll move money to a stranger under pressure. To a fraud operation buying a list, that’s a qualified lead, not a long shot.

I was scammed once — why am I suddenly getting more scam calls and emails?

Because your details almost certainly went onto a sucker list and were resold. A single loss often triggers a wave of follow-up approaches — fake refund offers, “recovery” agents, government impersonators, even people posing as fellow victims in support groups. It is not a coincidence or bad luck. It is the predictable second stage of the same crime, run by people who paid for your name.

Someone says they can recover my lost money for a fee — is that real?

No. An upfront fee to recover scammed money is itself a scam — the “reload,” the second con aimed at people on the list. No government agency, bank or legitimate firm asks you to pay first to get your money back, and none can guarantee a recovery. The FBI has warned that fake “recovery” operators — including fictitious law firms — specifically target people who were already defrauded, sometimes claiming you’re on “a government-affiliated list of scam victims” to sound official. The FBI’s own IC3 will never ask for payment to recover funds.

How do I stop being targeted after a scam?

You can’t un-sell a list that’s already out there, so the defence is a rule, not a cleanup: treat anyone who contacts you about the earlier scam as the next scam until proven otherwise. Don’t confirm personal details to inbound callers, never pay upfront to “recover” anything, verify only on a phone number or website you chose yourself, and report each approach to your bank and to the FTC or FBI IC3. Reporting also flags the reload attempt so it can be tracked.

Is there really a government list of scam victims that recovery agents use?

No — that claim is itself a manipulation tactic. The FBI has documented fake recovery operators telling victims they appear on “a government-affiliated list of scam victims” and can reclaim money through “legal channels” — a script designed to borrow authority and lower your guard. The only lists that single out prior victims are the criminal sucker lists. Legitimate agencies don’t cold-call you off a victim register and charge to help.

Sources & further reading

Every claim in this piece is drawn from these authorities. Click any of them to verify.

The moment a scammer takes your money, your name goes onto a list. And other scammers pay for it.