The FBI Funds Recovery Dept email is a fake recovery-payment scam when it claims the FBI is working with HSBC to release money you lost to fraud. The message promises an approved $10.5 million payout, then says you need an Affidavit of Claims and a Payment Deed of Assignment before the bank can release the funds. Do not reply, do not call the number in the email, and do not send identity documents, bank details, passwords, or any release fee.
This lure is built for people who have already been scammed or who fear they may have lost money. Real law-enforcement victim notices do not move a multi-million-dollar payout through a random reply-to address, a personal mailbox, or a private “agent” in an unsolicited email. Verify any real case through an official website or a known phone number opened separately from the message.
What the fake FBI funds recovery email claims
The current version uses a subject similar to Funds Recovery Dept. and a display name such as F.B.I. Funds Dept. It claims that an FBI department is working with HSBC Bank to release money lost to fraud back to the recipient’s bank account. The message says the funds are waiting in the recipient’s name or company name, then introduces document names that sound official enough to create pressure.
The message may also name a supposed FBI agent, mention a director, and include a phone number or reply-to address that does not match the visible sender. Those details are meant to make the email feel personal and urgent. They are not proof that the message is real.
Example wording to recognize
This is a safe illustrative version of the lure, rewritten without private recipient data or real contact details:
Subject: Funds Recovery Dept.
From: F.B.I. Funds Dept <notice [at] example [dot] com>
Reply-To: recovery-office [at] example [dot] net
We are working with a bank to release funds you lost to fraud.
The approved amount is $10.5 million.
To receive it, obtain an Affidavit of Claims and a Payment Deed of Assignment.
Contact this office before the bank can release the money.

Red flags in the message
- The payout is unsolicited. A surprise multi-million-dollar recovery notice is a classic advance-fee setup.
- The sender and reply-to do not match. A display name can say FBI while replies go to a Gmail account, a private domain, or a third-party mailbox.
- The document names are pressure props. “Affidavit of Claims” and “Payment Deed of Assignment” sound legal, but the email uses them to push you into contacting the scammer.
- The bank is used as decoration. HSBC may be named to make the story feel financial, but the message does not route you through a real HSBC account, branch, or secure banking channel.
- The next step is hidden. Recovery scams often begin with a reply, then ask for a processing fee, tax, certificate fee, courier fee, identity scan, or bank-account details.
Why this is a recovery scam
Refund and recovery scams target victims twice. The first hook is hope: someone says stolen money has been found, a case has been approved, or a bank is ready to release funds. The second hook is the “small” action needed to unlock it: pay a fee, obtain a document, send identity information, or continue the conversation through a private channel.
The FBI and IC3 warn that scammers impersonate government and law-enforcement contacts to make victims trust the request. The FTC also warns that recovery scammers commonly ask for upfront payment or account information while pretending they can get money back. The safest assumption is simple: if an unsolicited email says a government office recovered money for you and wants you to reply privately, treat it as a scam until verified through official channels.
What to do if you received it
- Do not reply. Replying confirms that your mailbox is active and may move you into a longer social-engineering thread.
- Do not call the number in the email. Use official contact pages opened from a typed address if you need to verify a real case.
- Do not send documents. ID scans, bank statements, company records, and signatures can be reused for identity theft or further fraud.
- Save evidence. Keep the email, headers, sender, reply-to, phone number, and any requested payment details for reporting.
- Report it. In the United States, report internet crime attempts to IC3 and consumer fraud to the FTC. If HSBC is named, use HSBC’s official fraud-reporting guidance rather than contacts inside the message.
- Mark it as phishing or spam. Then delete it after evidence is saved.
If you are unsure whether the message is safe, paste the wording or headers into the Gridinsoft Email Scam Checker or ask your mail administrator to review it. Do not forward the message with live links or phone numbers as if it were legitimate.
If you already replied or sent information
- Stop the conversation. Do not pay a release fee, certificate fee, tax, courier fee, or “document” charge.
- Contact your bank from a known channel. Tell them if you shared account numbers, routing details, card data, wire information, or online-banking credentials.
- Change exposed passwords. If you sent email, banking, business, or cloud passwords, change them from a clean device and enable multi-factor authentication.
- Watch for identity-theft follow-up. Monitor bank activity, credit alerts, business-email changes, mailbox forwarding rules, and password-reset messages.
- Warn coworkers or family if needed. Recovery scammers may reuse your name, company details, or old fraud story to target others.
If the email led you to download a file, install a support tool, open an attachment, or allow browser notifications, scan the device before logging back into sensitive accounts. A visible email scam can still lead to a local malware or remote-access problem if a later step involved a download.
If the page or email made you download an invoice, coupon, tracking app, browser extension, or support tool, scan the PC before opening it again or logging into sensitive accounts.
Scan suspicious filesRelated scam patterns
This message belongs to the same family as fake compensation, fake bank-transfer, and second-chance recovery scams. Compare it with our Internet Fraudsters Arrested compensation scam, First Abu Dhabi Bank funds transfer documents scam, and crypto recovery scam guide if the email you received uses a different agency, court, bank, or payment story.
FAQ
Is the FBI Funds Recovery Dept email real?
Treat it as fake unless you can verify the case through an official government channel opened separately from the email. A real recovery process will not ask you to reply to a random private mailbox to unlock a surprise $10.5 million payout.
Does HSBC send recovery payments through emails like this?
No legitimate bank payment should be verified through an unsolicited message that routes replies to a personal or unrelated address. Open your bank account or contact the bank from the official site if you need to check a real transfer.
What if the sender address appears to use fbi.gov?
Do not rely on the visible sender alone. Attackers can spoof display names and sender fields, and forwarded mail can make headers confusing. The reply-to address, the request for documents, and the private-contact workflow are stronger warning signs.
Can I recover money by paying for an affidavit or deed?
Do not pay. Recovery scammers often invent document, tax, release, or courier fees to extract more money. Save the evidence and report the attempt instead.
References
- Internet Crime Complaint Center. “Scammers Impersonating Law Enforcement Personnel.” IC3, published April 18, 2025, accessed July 6, 2026. https://www.ic3.gov/PSA/2025/PSA250418
- Federal Trade Commission. “Refund and Recovery Scams.” FTC Consumer Advice, accessed July 6, 2026. https://consumer.ftc.gov/articles/refund-and-recovery-scams
- HSBC Bank USA. “Report Fraud.” HSBC, accessed July 6, 2026. https://www.us.hsbc.com/help/security/report-fraud/

