Scam Alert: The Federal Trade Commission (FTC) Does Not Email Regarding Pending Investigations
Image: NCCC

Scam Alert: The Federal Trade Commission (FTC) Does Not Email Regarding Pending Investigations

Fraudsters send fake FTC messages to trick you into clicking malicious links

August 1, 2025

Cybercriminals continue to exploit fear of government enforcement by impersonating the Federal Trade Commission (FTC). In mid-2025, North Carolina consumers have reported a surge in phishing emails claiming the FTC is investigating them for alleged violations of the Consumer Credit Protection Act or other federal statutes. The messages instruct recipients to click a link to download complaint documents or “settlement forms”, but the links actually install malware or harvest personal information. Understanding how this scam operates and knowing where to report it can protect you, your family, and your devices.

Why scammers impersonate the FTC

The FTC is a trusted federal agency that enforces consumer protection and antitrust laws. Scammers impersonate it because people assume any communication from the FTC is legitimate and urgent. By invoking formal-sounding statutes and threatening legal action, these fraudsters pressure recipients, especially small businesses, sole proprietors and individuals unfamiliar with FTC procedures—into clicking links or paying fees via gift cards or cryptocurrency.

Typical characteristics of the scam email

  • Spoofed sender address – The email appears to come from “noreply@ftc.gov” or similar, but deeper inspection of the full header reveals mismatched domains.
  • Urgent subject line – Examples include “FTC Formal Investigation Notice,” “Notice of Violation – CCPA Complaint” or “Immediate Action Required by FTC.”
  • Threatening tone – Scammers warn of civil penalties, asset seizures or legal summons if you do not respond within 24 or 48 hours.
  • Download link or attachment – The email directs you to “download case files” or “view complaint documents” via a link to a non-FTC domain or an attachment labeled “FTC_Complaint.pdf.exe.”
  • Instructions for wire transfers or gift cards – In follow-up messages, vict ims may be told to pay “administrative fees” via iTunes cards, Bitcoin or prepaid debit cards.

How the attack unfolds

Once you click the link or open the attachment, one of two things typically happens:

  1. Malware installation – The file installs ransomware or remote-access trojans (RATs) that encrypt your files or give attackers control of your machine. You may see a fake “encryption in progress” screen or a remote desktop window without realizing the damage until personal data is compromised.
  2. Data harvesting – The link leads to a phishing website that mimics the official FTC design. It prompts you to enter personal details, Social Security numbers, driver’s license data or bank account credentials—allegedly to verify your identity or schedule a hearing. This information goes straight to the attackers, who can commit identity theft.

Red flags to watch for

  • Unsolicited contact – The FTC does not send email investigations or demands for immediate payment.
  • Lack of personalization – Scam emails use generic greetings like “Dear Taxpayer” or “Dear Business Owner” rather than your legal name.
  • Incorrect URLs – Hover over links (without clicking) to view the actual domain. FTC links always use “.gov” and begin with “https://www.ftc.gov.”
  • High-pressure tactics – Threats of arrest, fines or license suspension within hours are hallmarks of a scam.
  • Requests for gift cards or cryptocurrency – Government agencies never demand payment via gift cards or Bitcoin.

Official FTC communication methods

The real FTC will:

  • Send letters via U.S. Postal Service on official letterhead if you are the target of a formal investigation.
  • Use authoritative domain names only, emails from “@ftc.gov” are legitimate, but fraudsters can spoof the display name. Always verify full sender addresses.
  • Never demand instant payment or specific payment methods over email or phone.
  • Provide clear instructions for dispute resolution and appeal processes in mailed notices.

What to do if you receive a suspicious FTC email

  1. Do not click links or open attachments. Delete the message immediately. If you accidentally clicked or downloaded something, disconnect from the internet and power off the device.
  2. Report the scam to TIGTA. File a complaint online at treasury.gov/tigta or call 1-800-366-4484. The Treasury Inspector General for Tax Administration handles IRS-related scams.
  3. Report to the FTC. Go to ReportFraud.ftc.gov to submit details. Include full email headers and screenshots if possible.
  4. Contact local authorities. If you suffered financial loss or your data was compromised, file a report with your campus or county police department.
  5. Notify your financial institution. If you provided banking or credit card information, alert your bank immediately, freeze or close affected accounts and request new cards.
  6. Scan for malware. Use reputable antivirus and anti-malware tools to perform a full system scan. Consider professional IT help if you suspect a breach.
  7. Monitor your credit. Place a fraud alert or credit freeze with the three major bureaus, Equifax, Experian and TransUnion—to block unauthorized accounts.
  8. Educate your peers. Share scam alerts with roommates, classmates and campus organizations to prevent further victimization.

Additional protective measures

  • Enable multi-factor authentication on email, banking and campus accounts to prevent unauthorized access.
  • Keep software updated, install operating system and application patches promptly to close security vulnerabilities.
  • Use strong, unique passwords for each account and consider a reputable password manager to store credentials securely.
  • Be wary of social media links and unsolicited messages from unknown senders.
  • Verify any urgent request by calling the agency directly using official numbers rather than clickable links.

North Carolina reporting and support resources

  • NC Department of Justice, Consumer Protection Division: file consumer complaints and get fraud-prevention advice at ncdoj.gov/consumers or call 1-919-716-6000.
  • IC3 (Internet Crime Complaint Center): report cybercrime nationwide at ic3.gov.
  • Campus police departments: most North Carolina colleges maintain 24/7 hotlines for student safety and fraud incidents.
  • FTC Scam Alerts page: review current alerts and subscribe to updates at ftc.gov/scam-alerts.
  • State Treasurer’s Office: identity theft resources at nctreasurer.com.

Scammers continually refine their tactics, but awareness and caution remain your best defenses. Remember that the FTC never emails investigation notices or demands immediate payment. When you, or someone you know—receive such messages, delete them, report the scam and safeguard your accounts. Sharing this alert on social media and campus bulletin boards can help protect North Carolina students and families from falling victim to these dangerous schemes.