Report a Scam
Government fraud sites are a maze of overlapping agencies, and when you've just been scammed the last thing you need is confusion. This page cuts through it: who to report to, what each agency actually does, and what to have ready — for every major country. All official, all free.
Contact your bank now. Before anything else, call your bank or card provider and ask them to stop or recall the payment. Speed matters most here — minutes can decide whether money is recoverable.
Stop all contact with the scammer. Don't reply, don't pay a 'release fee', don't let them talk you into one more step. The pressure is the trap.
Then report it (using this page). Once your money is safe, reporting to the right agency below creates the official record and helps stop them hitting someone else.
For the full hour-by-hour playbook, see our scam recovery guide. If your personal details were exposed, read identity theft.
I know reporting feels pointless when you're panicking. But every report contributes to databases that block scam sites for millions of people. Some of the biggest fraud takedowns happened because enough individuals reported what they saw. Your report matters — and you don't have to figure out the bureaucracy alone.
Which one do I actually use?
You don't need to report everywhere — pick by what happened. As a rule of thumb:
- ▸
Lost money online: your national cyber/fraud centre (US: FBI IC3 · UK: Report Fraud · AU: ReportCyber · CA: Anti-Fraud Centre) — plus your bank.
- ▸
A scam, but no money lost: your consumer protection body (US: FTC · UK: Report Fraud / NCSC · AU: Scamwatch). It still helps others.
- ▸
A phishing email or text: forward it (US/global: APWG · UK: report@phishing.gov.uk or 7726) and report the website to Google Safe Browsing.
- ▸
An investment or crypto scam: your financial regulator (US: SEC · UK: FCA · AU: ASIC) plus the cyber centre above.
- ▸
Identity theft: the dedicated identity service (US: IdentityTheft.gov · AU: IDCARE via Scamwatch).
When in doubt, reporting to more than one is fine — it never hurts.
🇺🇸 United States
Any online or cyber-enabled crime: investment & crypto fraud, business email compromise, ransomware, romance scams, online extortion, hacking.
The FBI's central hub for internet crime. Reporting fast can help the FBI's recovery team try to freeze stolen funds — so file the moment money moves. They can't reply to every report individually.
Almost any scam, fraud, or dishonest business — even if you didn't lose money, and even attempted scams.
Your report goes into Consumer Sentinel, a database used by 2,000+ law-enforcement agencies. The FTC builds cases against scammers but does not resolve individual disputes or recover your money directly. You'll get tailored next-steps after filing.
Identity theft: someone opened accounts, filed taxes, or made charges in your name.
Run by the FTC. Its real value is the personalized recovery plan it generates — pre-filled letters, checklists, and step-by-step actions to undo the damage and reclaim your identity.
Problems with a bank, credit card, loan, mortgage, debt collector, money transfer, or credit report.
The CFPB forwards your complaint to the company and works to get you a response — usually within 15 days. Best route when a financial company itself is the problem or won't help you.
Investment fraud: fake or unregistered investment offers, Ponzi schemes, crypto 'opportunities', misleading claims about a company.
The SEC polices securities markets. Use the TCR (Tips, Complaints & Referrals) form for fraud. It investigates and brings enforcement cases; it generally won't recover an individual's losses, but your tip can stop the scheme.
Scams that arrive by physical mail, or where you sent cash, checks, or gift cards through the postal system.
Postal inspectors are federal law-enforcement officers with authority over mail fraud. Useful when the scam has a physical-mail component.
🇬🇧 United Kingdom
Any fraud or cybercrime where you've lost money or been hacked (England, Wales & Northern Ireland).
The UK's national fraud reporting service — it replaced Action Fraud on 4 December 2025. You'll get a crime reference number — keep it, your bank may ask for it. (Scotland: report to Police Scotland on 101.)
Suspicious emails (forward to report@phishing.gov.uk) and suspicious text messages (forward to 7726).
Run by the National Cyber Security Centre. They analyse and take down malicious sites behind reported emails. Use this when nothing was lost but you want to report a phishing attempt — it protects others.
Suspected investment or pension scams, and checking whether a firm/offer is a known scam.
The Financial Conduct Authority's tool. Check its Warning List before investing, and report unauthorised firms targeting UK consumers.
When you're unsure if something is a scam, or want guidance on what to do next.
A trusted UK charity offering free, practical consumer advice. A good first stop if the official routes feel overwhelming and you just want a human explanation.
🇦🇺 Australia
Any scam, to help authorities track trends and warn the public.
Run by the ACCC. Important: a Scamwatch report is NOT a police report and they can't respond individually. If you lost money, also file an official report with ReportCyber. For identity support, they connect you with IDCARE.
Cybercrime where you've lost money or data — this is the official police-referred channel.
Run by the Australian Signals Directorate. Your report is referred to the relevant state/territory police. Use this (in addition to Scamwatch) when there's a real loss.
Investment fraud, financial misconduct, and unlicensed financial firms in Australia.
Australia's corporate & financial regulator. Report misconduct by companies, advisers, or investment schemes.
🇨🇦 Canada
Any fraud or scam across Canada — the central national collection point.
Jointly run by the RCMP and partners. Collects reports nationwide and coordinates with police and the National Cybercrime Coordination Centre. Also report to your local police if you lost money.
🇪🇺 European Union
Serious cross-border cybercrime affecting people in multiple EU countries.
Europol itself doesn't take individual complaints for minor cases — it links to each member state's official reporting channel. Use it to find your own country's national portal.
Cross-border consumer disputes within the EU (a trader in another EU country won't refund or deliver).
The ECC-Net helps EU consumers resolve disputes with businesses based in another member state — free of charge.
🌍 Global Resources
Phishing or fake websites, so browsers warn other users away from them.
Reporting a malicious URL here helps Google flag it across Chrome and other browsers — one of the fastest ways to protect strangers from the same site.
Phishing emails — forward them to reportphishing@apwg.org.
The Anti-Phishing Working Group feeds an industry-wide database used to detect and block campaigns globally.
Not a reporting tool — a free check of whether your email or data appeared in a known breach.
Enter your email to see which breaches exposed you. If you appear, change those passwords and enable two-factor authentication.
Country-specific reporting guides
For a deeper, country-by-country walkthrough — who to report to, what each agency does, and exactly what your bank will and won’t refund — see the dedicated guides:
A complete report is far more useful than a fast one. Gather what you can:
- ✓Dates and times of contact
- ✓The scammer's details — phone, email, social profile, website, or company name
- ✓Amounts paid and the payment method (card, bank transfer, crypto, gift card)
- ✓Any transaction IDs, reference numbers, or receipts
- ✓Screenshots or copies of messages, emails, and pages (don't delete them)
Frequently Asked Questions
Not sure who to report to?
Tell us what happened and we'll point you to exactly the right agencies for your situation — and how to give yourself the best chance of recovery.
Get free guidance →