Recovery scam sucker lists are databases of fraud victims bought and sold on the dark web, used to identify people most likely to pay again for a fake recovery service. Quick Answer: Recovery scammers find victims through “sucker lists” — databases of known fraud victims compiled from public complaint filings, dark web data breaches, social media posts, and information sold or shared between criminal networks. If you’ve publicly reported a scam or posted about it online, you are likely already on one of these lists.
Recovery scam sucker lists: What Is a Sucker List?
This guide covers everything about recovery scam sucker lists so you can make informed decisions. A sucker list (also called a “mooch list” or “vic list” in criminal slang) is a database of individuals who have previously been defrauded. These lists contain identifying information — name, email, phone number, approximate loss amount, type of scam — and are traded, sold, and rented between fraud operations as leads for secondary scams.
The term is blunt and cruel, and it accurately reflects how criminal operations view people who have been victimized: as “proven converters” — people who have already demonstrated they can be persuaded to transfer money under fraudulent pretenses. From a scammer’s perspective, a confirmed fraud victim is a far more valuable lead than a cold prospect.
Where These Lists Come From
Public Complaint Databases
When victims file complaints with the FTC, IC3, BBB, or similar agencies, some of that information becomes part of public or semi-public records. Scammers actively monitor these databases. More directly: many victims post publicly in forums, Reddit, Facebook groups, and YouTube comments describing their experiences — providing scammers with names, amounts, and contact information directly.
Fake Victim Support Communities
Some online “victim support” groups and forums are created or infiltrated by the same scammer networks that defrauded the victims in the first place. Victims sharing their stories in these spaces are providing lead information directly to criminals posing as sympathizers.
Dark Web Data Markets
Data from previous fraud operations — including victim databases compiled by now-defunct scam operations — is sold on dark web marketplaces. A successful pig butchering operation that “burned” (completed) its victims will often sell their database to other criminal operations before shutting down or rebranding.
Information Brokers and Data Leaks
Legitimate data brokers compile and sell consumer data including demographics, financial indicators, and interests. While they don’t specifically mark people as fraud victims, scammers use these lists to target demographics with higher vulnerability — seniors, people who have searched for investment opportunities, and people who have engaged with financial content online.
How You Get Contacted After Landing on a List
Contact after a scam typically comes via: unsolicited phone calls from people claiming to be investigators, lawyers, or government agents; emails from “law firms” claiming to be pursuing your case; WhatsApp or Telegram messages from “fellow victims” who know suspiciously specific details about your situation; and social media direct messages from people offering recovery services.
The common thread: they know something about your situation before you’ve told them anything. This is how they establish false credibility — by demonstrating knowledge that appears to only be possible if they are legitimate insiders. In reality, they obtained it from a sucker list.
The Secondary Scam Playbook
Recovery scammers use several distinct scripts when approaching sucker list victims. The “legal action” script claims a lawsuit or government action has frozen scammer assets and you’re entitled to a share — for a processing fee. The “government agent” script impersonates the FBI, FTC, or Interpol claiming they’ve traced your funds and need a cooperation fee to release them. The “recovery specialist” script offers a no-risk recovery service that then immediately demands an upfront fee. All end in the same place: additional money lost, no recovery.
Protecting Yourself from Secondary Targeting
There is no way to remove yourself from a sucker list once you’re on one. What you can do: file complaints with agencies that accept confidential reports rather than public filings where possible; be cautious about how much detail you share in public forums; assume any unsolicited contact claiming knowledge of your past fraud is itself fraudulent until proven otherwise; and never pay any fee to any party claiming to be able to recover funds on your behalf without extensive independent verification.
The FTC, FBI, and all legitimate law enforcement agencies do not charge fees to return recovered assets, do not contact victims through WhatsApp or Telegram, and do not require prepayment to process claims.
A Note on Our Own Complaint Form
Our site’s “File a Complaint” intake form is used exclusively for our own investigation and research purposes — to understand the patterns of fraud affecting our readers. Information submitted through it is never shared, sold, or provided to any third party, including recovery companies. We reference this explicitly because readers who have been defrauded may reasonably wonder whether submitting information to any site creates additional risk of targeting.
Frequently Asked Questions
How do scammers know what happened to me before I tell them?
They obtained your information from a sucker list — a database compiled from public complaint filings, dark web data, fake victim support communities, or from the original scam operation that defrauded you. The appearance of insider knowledge is deliberate false credibility, not evidence of legitimate access.
Is it safe to report my scam publicly in forums?
There’s value in public reporting for warning others, but be aware that detailed public posts identifying you by name, amount lost, and scam type will likely land you on sucker lists. Consider using pseudonyms in public forums and reserving detailed identifying information for official confidential agency complaints.
If someone contacts me claiming to be from the FBI about my case, how do I verify them?
Do not use any contact information they provide. Look up the FBI field office for your area independently (on fbi.gov) and call that number directly to verify whether there is an active investigation involving your name. Legitimate agents will never ask for fees, cryptocurrency payments, or wire transfers.
For official reporting, visit the FTC scam reporting center or the FBI Internet Crime Complaint Center (IC3).
