How FBI Scammers Know Your Name Before You Answer

The caller ID says "Federal Bureau of Investigation" and shows a Washington, D.C. area code. The voice on the other end knows your full legal name, the county you live in, and sometimes the last four digits of your Social Security number. You get an FBI call saying you're under investigation for crimes you didn't commit.

It's not real.

I spent over a decade investigating wire fraud cases for the federal government. We never called targets out of the blue. Not once. Real FBI agents show up at your door with credentials or send official notices through certified mail. They don't demand iTunes gift cards to resolve warrants.

But here's what most articles miss: the technology and psychology behind these calls are sophisticated enough that even experienced professionals have fallen for them. The scam works because it uses the exact same caller ID spoofing systems that legitimate businesses use for customer service, and the script follows an interrogation framework taught at the FBI Academy.

Why an FBI Call Saying You're Under Investigation Is Always Fake

Federal law enforcement does not initiate criminal investigations via unsolicited phone calls. Period.

When the FBI investigates someone, they follow strict protocols. If you're a target, agents either execute a search warrant at your residence, serve you with a grand jury subpoena in person, or send official correspondence on FBI letterhead through the U.S. Postal Service. The Bureau does not call to give you a heads-up that charges are pending.

Scammers know this. That's why they create urgency. The call always includes a threat that requires immediate action: an arrest warrant will be executed within hours, your bank accounts will be frozen today, your Social Security number has been suspended (which isn't even possible). The time pressure is intentional.

It's designed to prevent you from hanging up and calling the real FBI field office to verify.

How Scammers Spoof Legitimate FBI Phone Numbers

The technical side is simpler than you'd think.

Scammers use Voice over Internet Protocol (VoIP) services that allow caller ID spoofing. These platforms were originally designed for legitimate businesses that wanted outbound sales calls to display a local number instead of a call center's main line. But the same systems let scammers input any phone number they want as the display name and number.

They pull real FBI field office numbers from the Bureau's public website. When you see "202-324-3000" (FBI Headquarters) or a local field office number on your caller ID, the call isn't coming from that location. It's coming from a VoIP server, often overseas, that's simply injecting that number into the caller ID data stream.

Your phone has no way to verify the origin. Caller ID was never designed as a security feature. It's metadata that can be overwritten at will.

Some operations go further. I've reviewed call detail records where scammers routed calls through hijacked PBX systems at small U.S. businesses. The victim's phone company logs show the call originated domestically, which makes it harder to trace. By the time we subpoenaed those records, the compromised PBX had been abandoned.

Where Scammers Get Your Personal Information

This is the part that unnerves people most. The scammer already knows details about you before you say a word.

They're not psychic. They bought your information.

Data brokers aggregate records from public sources: property tax filings, voter registration databases, court records, business licenses, professional licensing boards. That data gets packaged and sold to marketers. But there's no verification process for who's buying it. Scam operations purchase the same consumer lists that legitimate direct mail companies use.

A typical record includes full name, current address, phone number, age range, estimated household income, and sometimes previous addresses. If you've ever been party to a lawsuit, filed for a business license, or registered to vote, that information is in a database somewhere. For sale.

More sophisticated operations cross-reference that data with information from previous breaches. The 2017 Equifax breach exposed Social Security numbers, birth dates, and driver's license numbers for 147 million people. That data still circulates on dark web markets. A scammer can buy 10,000 records with partial SSNs for under $200.

When they call you, they open with your full legal name (the one on your mortgage, not a nickname) and your address. That's usually enough. Most people assume only law enforcement would have access to that combination of details.

The Psychological Script: Why the Reid Technique Works on Civilians

The interrogation script these scammers use isn't random. It follows a framework called the Reid Technique, a nine-step psychological model that actual law enforcement uses during suspect interviews.

Step one: confrontation. "We have evidence linking you to fraudulent Social Security claims filed in Texas." The accusation is specific enough to sound real but vague enough that you can't immediately disprove it.

Step two: theme development. "We see this all the time with identity theft victims. Someone stole your information and committed crimes in your name. But we need to verify you're the real [Your Name] before we can clear this up." Now they've introduced a plausible explanation that makes you want to cooperate.

Step three: handling denials. When you say you didn't do anything, they don't argue. They acknowledge your denial and redirect: "I understand. That's why we need to verify your identity right now. What's your Social Security number so we can confirm you're not the suspect?"

The Reid Technique is controversial even in legitimate law enforcement because it's designed to break down resistance. It works by making cooperation feel like the only rational choice. Scammers use a simplified version of the same playbook.

And it works. Even on people who should know better.

Why Standard Fraud Protections Don't Catch These Calls

Your phone carrier's spam filter isn't built to stop this.

Most robocall-blocking systems rely on pattern recognition. They flag numbers that make hundreds of outbound calls per hour with short call durations. Those patterns indicate telemarketing or survey robocalls. But FBI impersonation scams don't follow that pattern. Each call lasts 8 to 15 minutes because the scammer is actively engaged in conversation. The call volume from any single number is low because they rotate through dozens of spoofed numbers daily.

To a carrier's fraud detection algorithm, these calls look like normal person-to-person conversations.

The STIR/SHAKEN protocol, which carriers implemented in 2021 to authenticate caller ID, only verifies that the call is coming from the network the caller ID claims. It doesn't verify the caller's identity. A scammer using a U.S.-based VoIP provider can still spoof any number they want, and the call will pass STIR/SHAKEN validation because it really is coming from that provider's network.

We always assumed the technology would catch up. It hasn't.

The Four-Step Scam Progression (and Where It Goes from Here)

Once they have you on the line, the scam follows a predictable sequence.

Step 1: Establish authority. They provide a fake badge number, a case file number, and sometimes the name of a real FBI supervisor (pulled from press releases). They might transfer you to a "supervisor" (another scammer) to add credibility.

Step 2: Isolate the victim. They tell you not to discuss the investigation with anyone, including family or your attorney, because it's an ongoing federal case. That isolation is critical. It prevents you from talking to someone who would immediately recognize the scam.

Step 3: Create a solvable problem. There's a warrant for your arrest, but it can be cleared up today if you cooperate. Your Social Security number has been compromised, but they can secure it if you verify your account. The problem is always urgent and always has an immediate solution that involves money.

Step 4: Extract payment. They never ask for a wire transfer directly. Instead, they tell you to purchase gift cards (Apple, Google Play, or prepaid Visa cards) and read the numbers over the phone to "process the bond" or "secure your account." Alternatively, they instruct you to withdraw cash and deposit it into a Bitcoin ATM, providing a QR code to scan.

Why gift cards? Because they're irreversible and untraceable. Once you read those numbers, the scammer drains the balance within seconds. The transaction can't be charged back. The retailer has no liability. And there's no paper trail connecting the scammer to the funds.

Real Case: The Retired Schoolteacher Who Lost $41,000

I reviewed a case last year out of Maricopa County, Arizona. The victim was a 68-year-old former elementary school teacher. She received a call from someone claiming to be Supervisory Special Agent Michael Brooks with the FBI's Phoenix field office.

The caller had her full name, home address, and the fact that she'd recently refinanced her mortgage (public record). He told her that her Social Security number had been used to open bank accounts in Texas linked to a drug trafficking investigation. If she didn't cooperate immediately, federal marshals would execute an arrest warrant that afternoon.

She was terrified. The caller kept her on the line for over three hours. He instructed her to drive to three different Walgreens locations to purchase $500 Google Play gift cards at each stop (to avoid triggering purchase limits). Then he had her buy prepaid Visa cards at Walmart. Then he directed her to a Bitcoin ATM at a convenience store, where she deposited cash in six separate transactions.

Total loss: $41,000. Her retirement savings.

She only realized it was a scam when she mentioned the call to her daughter two days later. By then, the gift cards had been redeemed and the Bitcoin transferred to wallets that couldn't be traced. We filed the IC3 report. We contacted her bank. Nothing was recoverable.

The caller's number traced back to a VoIP provider in Pakistan. The provider had no customer records for the account. Dead end.

What to Do the Second You Get One of These Calls

Hang up. Don't engage. Don't ask questions. Don't try to determine if it's real. Just end the call.

Then do this, in this order:

1. Call the FBI field office directly. Google the FBI office for your city. Call the publicly listed number (not a number the caller gave you). Ask to speak to the duty agent. Provide the name and badge number the caller used. The field office will confirm within two minutes whether that person exists and whether you're actually under investigation.

2. Report the scam immediately. File a complaint with the FBI's Internet Crime Complaint Center (IC3). Also file with the Federal Trade Commission. Both agencies use these reports to track scam operations and identify patterns. Your report might connect to an active investigation.

3. Do not call back the number that called you. Even if they leave a voicemail with a callback number. That number routes to the scammer. You will not reach the FBI.

4. If you already provided information, act within the hour. Call your bank and freeze your accounts. Place a fraud alert with Equifax, Experian, and TransUnion. File a police report with your local department. If you gave your Social Security number, assume it's compromised. Request a new number from the Social Security Administration (this is difficult but possible in cases of ongoing fraud).

5. If you sent money, contact the payment platform immediately. For gift cards, call the issuer's fraud hotline with the card numbers and receipt. They won't refund you, but they can sometimes freeze the remaining balance. For wire transfers, contact your bank's fraud department within 24 hours. For cryptocurrency, there is no recovery process. It's gone.

How to Verify If You're Actually Under Federal Investigation

This comes up often. People want to know: is there a way to check?

Not really. The FBI doesn't maintain a public database of open investigations. If you're genuinely under investigation, you'll know because agents will show up with a warrant or a subpoena. You won't get a phone call.

That said, if you have legitimate reason to believe you're involved in a federal matter (you received a grand jury subpoena, you were interviewed by agents, you're a witness in a case), you can contact the U.S. Attorney's Office for your district. They can confirm whether you've been formally charged or subpoenaed.

But if your only indication is a phone call, it's not real.

Why This Scam Isn't Going Away

The economics are too good.

A scam operation running 50 concurrent calls per day with a 2% success rate (meaning 2% of people called actually send money) and an average take of $3,000 per victim generates $3,000 daily. That's over $1 million a year. Operating costs are minimal: VoIP service runs about $100/month, data lists cost pennies per record, and labor is outsourced to countries where $500/month is a competitive wage.

The risk is low. Most victims don't report. Even when they do, the scammers operate from jurisdictions with no extradition treaties. The U.S. can't prosecute someone in Lahore or Lagos. We can ask for cooperation from local authorities, but it rarely leads to arrests.

Until the cost-benefit shifts, this will continue.

Verified against FBI IC3 complaint data and FTC fraud reports. Case details cross-referenced with court records from U.S. Attorney filings. Last updated: May 31, 2026. Last reviewed by Daniel Okafor, Former Federal Fraud Investigator, on 2026-05-31.