Broker Clone Scams In 2026: AI, PhaaS & How To Stay Safe
Regrettably, it has become extremely easy for fraudsters to piggyback on the good reputation of a serious online broker and use their good name to lure in scam victims. It is easier than ever to simply copy (clone) a real brokerage site and put up a clone on a domain that seems legit. Example: If the true site is ABCtrading.com, the scammer will use domain names such as ABCtraders.com, ABCtrading.nu, or ABC-Trading.com.
Unsuspecting traders are lured to the cloned website and will sign up, share their personal information, and make a deposit to an account controlled by the fraudster.
Why Has It Become Even Easier?
Impersonation scams around brokers and trading platforms used to be a cottage industry. A small group of fraudsters would throw up crude fake sites, blast spam emails and hope someone clicked. That model is now largely gone. By 2026, cloning a broker has become a sleek and streamlined process, where attention is paid to even the smallest details. Of course, this has also made it much more difficult to spot the fakes.
Two things have changed the game:
- Better AI tools, and
- The rise of Phaas
What Is Phaas?
Phishing-as-a-service (PhaaS) makes it very easy for scammers to carry out large-scale website cloning scams even if they themselves do not have the necessary technical knowledge. Security research and threat reports describe PhaaS platforms as full-service businesses that offer ready-made phishing kits, hosting, templates, and dashboards on subscription. They copy login pages for brokers and trading platforms, handle two-factor bypass, and more.
Recent investigations show that more than 90 percent of high-volume phishing campaigns in 2025 relied on such kits, with some single kits delivering up to ten million attacks in a short period. ENISA’s 2025 threat report notes that phishing remains the main entry point for many attacks and that PhaaS has “industrialised” operations, enabling attackers of all skill levels to launch convincing clones at scale.
AI Tools For Website Cloning
AI tools can now generate polished, cloned websites, with accompanying advertising copy, chat responses, and even deepfake voice and video content. A 2026 analysis of crypto scams by Chainalysis found that AI-enabled scams were four and a half times more profitable than traditional ones, with higher daily revenues and larger average payments. That profitability flows back into better infrastructure, which means even more polished clones, more targeted lures, and more professional money laundering.
For traders, that means a criminal crew can spin up dozens or hundreds of near-perfect copies of a well-known broker in a day. A Finance Magnates summary of the Chainalysis data describes trading platform impersonation scams exploding by more than 1,400 percent year on year, with brokers reporting that takedown requests for fraudulent clones have become a routine task.
In this environment, a well-known logo and a familiar website layout are no longer much of a safety signal. They can just as well be the starting point of a scam.
A rising concern in 2026 is the use of AI scam video calls. Scammers use deep fakes of famous investors, influencers and even broker personnel (such as the CEO) to make fake video call to convince you to sign up with scam websites and trick you out of your money.
The Statistical Reality: 1,400 Percent Growth, 17 Billion Lost
The numbers behind this trend are not small. Chainalysis estimates that crypto scams and fraud pulled in at least 14 to 17 billion USD on chain in 2025, depending on the methodology, with a large part of the jump driven by impersonation. Impersonation scams alone grew by around 1,400 percent compared to the prior year. The average payment to scammers in these schemes tripled from roughly 780 USD in 2024 to more than 2,700 dollars in 2025.
These figures are for cryptocurrency-focused fraud, but the same tools are used across the wider investment space and staying away from the crypto world will not be enough to protect you. UK data show that investment scams, many of them involving clone firms, stripped more than £97 million from consumers in the first half of 2025 alone, accounting for more than a third of authorized push payment fraud losses. Canadian and European Union regulators report similar trends, with a combination of cloned regulator websites and fake trading portals used to harvest credentials and divert money.
The point is not to memorize these numbers. We have included them in our article to show how broker impersonation is no longer a fringe problem.
Sometimes, Only The Finest Of Details Are Different
Many scammers do not invent random company names any more for their broker scams. Instead, they go to the Financial Conduct Authority’s register in the UK, ASIC’s registers in Australia, the SEC’s public tools in the USA, or the website of some other financial authority that suits their needs.
At the site, they pull a genuine firm’s name and head over to their official website. They clone this website and put the clone on a domain that they control. Therefore, everything will seemingly be correct, including the Firm’s name, the license reference number, the firm’s official office address and post addresses, and so on. The scammer may even embed links to the regulator’s website to add legitimacy.
UK FCA warnings about clone firms show a clear pattern. The fraudulent site uses a genuine authorized firm’s name and Firm Reference Number (FRN), and only changes a few details to remain in control.
Examples of details that may be changed are contact points, such as phone numbers, email addresses and live chat links, since the fraudster wants to be in control of the communication. Of course, the fraudster also needs you to send your personal data to them (and not to the real firm) and deposit your money into an account they control.
To a trader who checks only the name and license number without verifying the exact domain, the contact details, and the payment details from an independent source, everything looks fine.
This mirror effect is precisely what makes modern clones so effective. You are not being asked to trust a totally unknown entity. You are being shown real data and invited to believe that you are dealing with the real firm.
The Anatomy Of A Clone Scam
Step One: The Hook
Most victims do not stumble onto clone sites from Google in 2026. The initial contact usually comes through messaging channels, where scammers can be more selective and harder to monitor. Common patterns include “investment clubs” on WhatsApp and Telegram, unsolicited direct messages on social apps, and what look like accidental texts.
Someone might send, “Hi, is this John from the trading group? The EUR/USD signal hit again,” (we did a study on the pressure tactics in signals groups), acting as if they reached the wrong number. When you respond, the conversation shifts to tips, screenshots of profits and an invitation into a group.
There is also the combo-scam, where the old-fashioned romance scam is used in connection with a clone broker scam. The lovely lady or handsome gentleman will never ask for your money (that could set off your alarm bells), but they will introduce you to a wonderful investment opportunity with a well-known broker. Just follow this special link to sign up at the VIP site instead of the regular one.
Investment groups and individual agents that funnel victims to clone sites often mix real commentary with staged success stories. They reference recognizable broker names to build trust. At some point, a “relationship manager” or “account expert” can be introduced, one who suggests moving from “demo strategies” in the group to a real account on what they describe as the official broker portal.
Because this hook plays out in a social environment, it bypasses usual caution. You are not being asked to click a random spam email. You are joining others in what looks like a community.
Step Two: The Lookalike Portal
Once trust is established, the victim receives a link. It leads to a login or registration page that (at least at first glance) looks indistinguishable from a major broker’s real site. Logos, fonts, color schemes and wording are copied exactly. PhaaS kits now supply cloned pages for many well-known banking and trading brands by default, designed to be convincing on both desktop and mobile.
Experienced traders sometimes assume they would spot a fake instantly. In practice, the differences are often one or two characters in the domain name or a different top-level domain. For example, a real broker might operate at “brokername.com”, while the clone uses “brokername-trading.com”, “brokername.app-login.com” or “brokernameVIP.com”.
This so-called typosquatting and domain padding is known to work well. Under the time pressure of a conversation, and after seeing repeated references to the brand, many people do not scrutinize the bar at the top of the browser. Or, the difference in domain name is explained away in a convincing manner. Brokername.ke is a special site for traders in Africa. You have received a special invitation to BrokernameVIP.com, where you will enjoy superior terms and conditions.
| Type of URL Manipulation | Example (Using 'Pepperstone') | Why it Works |
|---|---|---|
| The “Country” Tactic | pepperstone-uk.com or pepperstone-au.com | Scammers add a country suffix to make the site look like a localized regional branch. |
| The “Action” Tactic | pepperstone-login.com or pepperstone-trade.com | Users expecting to log in are less likely to notice the extra word in the root domain. |
| The “Extension” Swap | pepperstone.co or pepperstone.biz | Most users don’t notice the difference between .com and .co at a quick glance. |
| The “Typosquat” | peperstone.com or peppersttone.com | Relies on natural human typing errors or visual “skimming” where the brain fills in the missing letters. |
| The “Subdomain” Trap | pepperstone.secure-verify.com | The real domain is “secure-verify.com,” but the brand name is used as a prefix to create a false sense of security. |
| The “Character” Trick | pepperst0ne.com (zero instead of ‘o’) | Uses visually similar characters (Homoglyphs) to bypass casual inspection. |
If you already have an account with the real broker, but want to enjoy the special VIP offer (or similar), the fake site will happily accept your real credentials. If you do not have an account with the broker, it will walk you through a sign-up flow that looks legitimate. Either way, the scammers now control a front end that you treat as the genuine broker environment. In the first scenario, they have also gotten their hands on your login credentials to your real broker account.
Step Three: Hybrid Human And AI Strategies
Exactly what happens next can vary depending on the scam, but a common route is to provide you with one or two “advisers” or “analysts” who will contact you regularly by phone or video calls. Instead of simply accepting your first (and probably small) deposit and run, some scammers want to bleed you for a longer time, and establishing personal trust even before your first deposit will help with this.
In 2026, this layer of interaction is increasingly hybrid. Human operators use AI tools to generate tailored scripts, responses, and even synthetic voices and videos. Voice cloning systems can imitate real employees whose names and roles were scraped from LinkedIn, firm websites, and conference videos. Recent threat reports and media coverage describe scammers using cloned voices of well-known finance professionals and influencers to promote fake investment platforms.
The conversation is structured to feel personalized. The adviser appears to know your trading goals, risk appetite, and even bits of your personal life that you shared in the group. They walk you through the platform, show supposedly live trades and explain how the “segregated account” or “custody wallet” works.
Because parts of the interaction are live and responsive, victims often do not realise that other elements, such as automated chat or pre-recorded “support” responses, are AI-driven. The overall effect is a highly scalable process that feels authentic.
Step Four: The “Safe” Deposit
A crucial moment of the scam is to convince you to deposit; hopefully not just once but multiple times (depending on the type of scam). When money has left your existing bank, crypto-wallet, or broker account, and entered the clone’s orbit, it will usually be impossible to get back.
Scammers rarely say, “Send funds to my personal account.” They label the destination as a client money account, a segregated trust account, or a secure wallet. In practice, investigations by regulators and banks repeatedly show that these are ordinary mule accounts or crypto wallets.
Alerts from the National Australia Bank (NAB) in early 2026 warn of investment scams where criminals impersonate high profile analysts such as nabtrade markets expert Tom Piotrowski, directing people to fake platforms and then on to bank accounts or digital wallets controlled by the scammers.
The victim sees balances and trades on the cloned portal. Often, at first, the numbers go up. Withdrawal requests for small sums may even be honored to build confidence. Behind the scenes, the money has already left the country, and probably has also been flipped through multiple exchanges and mixers.
Tension only rises when the victim tries to withdraw a larger amount or all their capital. At that point, the clone portal may show invented “taxes”, “clearance fees” or “margin deposits” that must be paid before release, or it may simply freeze access. Perhaps you accepted a welcome bonus, and now you suddenly have a huge trading requirement to work through. Often, traders are told they must deposit even more to unlock their own money.
The exact explanation can vary, but the goal is always to get even more money out of you before you finally give up.
Regulatory Responses
United Kingdom: FCA Firm Checker And Social Media Scams
The UK has become one of the more visible battlefronts for broker impersonation, partly because of the size of its retail market and partly because the FCA publishes detailed warnings about clone firms. The FCA maintains a public “Warning List” highlighting unauthorized firms and clone firms, and its consumer advice pages explicitly describe clone scams where fraudsters copy names, addresses and firm reference numbers of FCA-authorized firms while using different contact and payment details.
Guidance aimed at UK consumers emphasizes that checking the register is necessary but not sufficient. You must verify the firm using details from the register, not from anywhere else. This includes using the exact contact info and website listed for the brokerage company at the FCA website.
In August 2025, the FCA disclosed that it had already received nearly 5,000 reports of fake FCA scams in the first half of the year, many of them involving fraudsters pretending to have recovered funds from illegal crypto wallets or investment schemes. The Advertising Standards Authority, working with major platforms, also reported more than 2,500 scam ad reports in 2025, underlining the scale of investment related fraud adverts in the paid online space.
The regulator’s response has expanded into social media, which is not surprising considering how important social media channels are for many types of trading scams. FCA enforcement against “finfluencers” jumped sharply in 2024 and 2025, with more than seventy enforcement actions in 2025 and hundreds of social media takedown requests.
Industry commentary notes that scammers increasingly use targeted ads and account switching to show misleading promotions to specific users while avoiding easy detection. A polished broker advert on social media, even with a familiar brand name, is no guarantee that the account behind it is genuine.
European Union: Payee Verification Under PSD3 And PSR
Within the European Union, regulators are trying to choke off one of the clone scam’s lifelines, the easy movement of stolen funds into mule accounts. The new payment framework involving PSD3 (the revised Payment Services Directive) and the directly applicable Payment Services Regulation (PSR) introduces stronger obligations for payment service providers, including real time monitoring and payee verification for credit transfers.
Legal analyses of the PSR text emphasize that providers must check whether the payee name matches the IBAN or other unique identifier and must warn customers if there is a mismatch.
In parallel, the EU’s Verification of Payee mandate, live since October 2025 for euro transfers, requires banks to perform name checks on SEPA transfers and to alert payers when the intended recipient’s name does not match the account. The new rules aim to combat authorized push payment fraud, where victims willingly send money to accounts controlled by scammers, often after being lured by clones or impersonators.
If your banking app shows a “Name Mismatch” warning during a SEPA transfer, CANCEL immediately.
For clone broker scams, these changes raise the bar for moving stolen fiat. If a victim in the EU tries to send money to an account whose name does not match the broker they think they are paying, a warning about the discrepancy can be very helpful, provided traders understand the underlying implications. The new rules will not stop all clone frauds, but they do add another hurdle for scammers.
Australia: ASIC, NAB And Impersonated Experts
Australia has seen a surge in investment scams built around impersonation of trusted brands and personalities, including not only broker brands but also reviewers and advisors. The Australian Securities and Investment Commission (ASIC) has issued a series of warnings about scammers using fake comparison sites and cloned adviser profiles to funnel investors to illegitimate trading and crypto platforms.
One prominent example involves National Australia Bank (NAB). In January 2026, NAB warned that criminals were using social media and messaging apps to impersonate well known Australians, including nabtrade markets expert Tom Piotrowski, to lure people into investment scams. (Nabtrade is NAB’s online investing and share trading platform, launched in 2012.)
These scams often start with fake ads that look like news stories or research notes, feature AI-generated images or deepfake videos of the expert, and lead to cloned sites that mimic NAB branding and nabtrade login pages.
Scam alerts from NAB and other Australian institutions stress common features: unsolicited contact, pressure to act quickly, requests to move money into new accounts supposedly linked to investment opportunities, and difficulty withdrawing funds once deposited.
ASIC’s own investor resources reinforce the message that consumers should verify any firm through ASIC Connect Professional Registers and should treat any unexpected contact about investments, especially involving crypto or forex, with suspicion.
United States: SEC Impersonators And Fake Recovery
In the United States, impersonation takes a slightly different shape. Alongside fake broker sites, there is a growing category of “SEC impersonators” who pretend to be from the Securities and Exchange Commission itself. In September 2025, the SEC’s Office of Investor Education and Advocacy issued a specific investor alert warning that fraudsters may impersonate the SEC or its staff via social media or text messages. These impostors offer stock tips, solicit fees, or pretend to help investors recover losses from earlier scams.
The alert notes that scammers sometimes use personal information they have already stolen to make their pitch sound more credible. The pattern familiar from broker clones repeats here: a fake authority contacts a victim, often after a previous loss, references real details, and then requests fees to “unfreeze” or “return” funds. From a trader’s standpoint, any unsolicited message claiming to be from the SEC, especially one that asks for payment, is a serious red flag.
How To Spot The “Glitch In The Matrix”
The URL Litmus Test
The most basic test for a clone is still the web address. Scammers rely heavily on typosquatting, which means they add words or characters to the name of a genuine domain to create credible fakes. They might turn a real address like “brokerexample.com” into “brokerexample-trading.com” or “secure-brokerexample.com”.
The rest of the page can be pixel-perfect, because cloning a website is now very easy. Security vendors and threat researchers repeatedly note that cloned login pages are now produced and updated at speed by PhaaS kits.
LEAVE the website immediately if the URL in your browser bar does not match the official URL of the website exactly. Be wary of small variations!
A simple rule helps: do not click on links provided by anyone except the regulator (financial authority). Go to the regulator’s website and find the correct official web address of the broker you wish to sign up with.
On mobile, where addresses are often truncated, make a habit of expanding the bar and checking the core domain before entering any credentials.
Do not chase promotions or special perks. If you question the address discrepancy, scammers will often try to lure you onto the wrong web address by claiming it is for a special promotion, for VIP clients, for clients in your specific region, and so on.
The Contact Disconnect
Clone firms borrow genuine addresses and license numbers, but they almost always change the contact points. FCA guidance on clone firms is explicit about this. In warnings, the regulator lists the fake firm’s phone numbers, emails and websites and then contrasts them with the authorized firm’s details on the register.
Media pieces on UK investment scams point out that clone sites often use the name and address of a genuine firm, but different contact information compared to the channels registered with the FCA. That disconnect is deliberate. It ensures that if you call, email or use live chat using the details shown on the clone, you reach the fraudsters, not the real firm.
In practice, this means that checking a firm’s name and reference number with the regulator is not enough. You need to match the contact details as well. If a website you are on claims to belong to an authorized firm but lists a phone number or email that does not appear on the regulator’s register, you should treat it as suspect. Go to the official website (the one listed with the regulator) and contact the firm using those details, or use the contact routes listed for the firm directly on the regulator’s page.
As you can see, the safest way to verify a broker is to reverse the direction of contact. Instead of trusting information given to you by the site or the person who reached out, you go to the regulator’s own tools and work from there. In the UK, that means using the FCA’s Financial Services Register or its simplified “Firm Checker” interface to search for the firm by name or reference number. In Australia, you use ASIC Connect. In EU markets, you use the relevant national regulator’s register. Many regulators now have pages that explicitly explain clone scams and how to cross-check firms.
Once you have the official record, you take the contact details from that record and use them to reach the firm. You do not reuse numbers, emails or URLs from the message or website that raised the question in the first place. This small shift cuts out a large class of clone scams, because it removes the attacker’s control over the channel.
The same logic applies if someone claims to represent the regulator itself. SEC alerts on SEC impersonators remind investors to verify any communication through the official investor.gov contact channels and to be wary of anyone claiming to be from the SEC who asks for money.
Deposit Red Flags
Another important check is where your money is going. Legitimate brokers and banks do not ask you to deposit into personal payment accounts or use gift card codes.
Regulators and banks repeatedly highlight payment method red flags in scam alerts: requests for transfers to newly opened accounts, accounts in names that do not match the broker, mobile wallets controlled by individuals, or crypto wallets presented as “segregated client accounts”.
If you are told to send funds to an account that does not clearly belong to the firm you believe you are dealing with, stop. If the payment is supposed to be in euros or pounds, pay attention to any new payee name verification alerts under confirmation of payee or verification of payee (VoP) regimes. Mismatches there are a signal to recheck everything, and reconsider the deposit.
Once money has left your bank account (or similar) and found its way into a mule account or a crypto wallet controlled by a scammer, your practical ability to get the money back is very slim.
What To Do If You Have Been Lured In By A Clone
Report
Contact your bank or payment provider immediately to report the transaction as fraud or an authorized push payment scam, and ask for any possible recall.
In places like the UK and EU, the rules sometimes (under certain circumstances) allow partial reimbursements if victims report quickly.
Cut Bait Right Now
If you realize you have been dealing with a clone, immediately step back and stop sending any more money their way. Do not get tricked into depositing any more money. Sending the scammer more money will not unlock your account, you are simply feeding more money into the scam.
During this stage of the scam, when the fraudsters understand that you are getting suspicious, they can be very convincing. They will make you feel that getting your money back is so close and if you only make one more deposit everything will be resolved. This is probably not true, and you should not eat it up.
Reduce The Risk Of Identity Theft
You should take steps to prevent scammers from using your personal information and credentials elsewhere. This includes changing any passwords that may have been compromised, e.g. to a legitimate brokerage account and any other log-in where you use the same or similar credentials.
Reusing log-in credentials is a bad habit that puts you at increased risk of fraud. If you reused passwords, this is the moment to stop doing that. Unique, strong passwords give you a better chance of containing damage to a single account.
Contact your bank and any other payment processors and ask them to flag your account for the increased risk of identity theft.
In some jurisdictions, it is possible to temporarily block your identity when you suspect that your personal information might be in the hands of scammers. This will be a bit of a hassle for you, because using your identity for legitimate purposes (e.g. applying for a new credit) will be more difficult or impossible while your identity is blocked. Still, it can be worth it.
Security research on phishing incidents shows that stolen personal information is resold on criminal markets for further scams. Moving fast reduces the window in which others can leverage that data.
Everything you have sent to a false broker to verify your identity can be used by someone who claims to be you. This includes copies of your ID/passport/driver’s license, copies of utility bills, copies of your bank statements, selfies and videos, and so on. A scammer can either attack you directly (e.g. try to open a line of credit in your name) or use your identity to scam others.
It is not nice to find out much later that your name is included in a major fraud investigation because a fraudster has been posing as you online, opening offshore businesses in your name in lax jurisdictions, and so on.
Clean Your Device
If you have clicked on links and/or downloaded anything, including a trading app, your computer or mobile device can be compromised. Learn how to purge it. Among other things, this will include running a powerful anti-virus check. You should also fully remove and revoke permissions for any app that is associated with the fraudster or is unknown to you.
Report The Evil Twin
Once you have pulled the immediate brakes, the next step is to alert the right organizations. Your local police or national fraud reporting center should have procedures for investment scams.
In the UK, for example, that means Action Fraud and the UK FCA’s consumer helpline. Action Fraud is the United Kingdom’s national reporting center for fraud and cybercrime. It is operated by the City of London Police on behalf of the government.
In Australia, contact the applicable state police and Scamwatch. Scamwatch is an Australian government-run website and service that helps people identify, avoid, and report scams. It is managed by the Australian Competition and Consumer Commission (ACCC).
Inform the regulator whose register was abused and the genuine firm that was cloned. In the UK, the FCA clone warnings explicitly invite consumers to report clone firms so new warnings can be issued and the domains can be added to public lists. Similar processes exist with CySEC, ASIC and other strict financial authorities around the world.
Reputable brokers usually maintain abuse reporting channels and work with hosting providers and domain registrars to take down clones. Your report adds one more data point to the firm’s fight against the evil twins.
Quick Table For Reporting Scams (2026)
| Regulator | Jurisdiction | Reporting URL | Primary Phone |
|---|---|---|---|
| FCA | United Kingdom | fca.org.uk/contact | 0800 111 6768 |
| SEC | United States | sec.gov/tcr | (800) 732-0330 |
| FINRA | United States | finra.org/complaint | (301) 590-6500 |
| CySEC | Cyprus | cysec.gov.cy/complaints | +357 22506600 |
| ASIC | Australia | scamwatch.gov.au | 1300 300 630 |
| FMA | New Zealand | fma.govt.nz/report-scam | 0800 434 566 |
| MAS | Singapore | mas.gov.sg/contact-us | +65 6225 5577 |
| SFC | Hong Kong | sfc.hk/complaint | (852) 2231 1222 |
| SEBI | India | scores.gov.in | 1800 266 7575 |
| BaFin | Germany | bafin.de/complaints | 0800 2 100 500 |
| AMF | France | amf-france.org/report | (+33) 1 5345 6200 |
| FINMA | Switzerland | finma.ch/reporting | +41 31 327 98 88 |
| CMA | Saudi Arabia | cma.org.sa/file-report | 00966 11 205 3000 |
| CMA | Kuwait | cma.gov.kw/contact | +965 22903000 |
| FSCA | South Africa | fsca.co.za/hotline | 0800 20 3722 |
| CMA | Kenya | onlineservices.cma.or.ke | +254 20 2221000 |
| OSC | Canada (ON) | osc.ca/contact | 1-877-785-1555 |
| CIRO | Canada | ciro.ca/complaint | 1-877-442-4322 |
| FSA | Japan | fsa.go.jp/consultation | 03-3506-6000 |
Detailed Information on Where to Report Clone Scams
Reporting In The UK
| Contact Channel | Specific Detail | Institutional Purpose |
|---|---|---|
| Primary Scam Reporting Hotline | 0800 111 6768 | Direct line for reporting clones and unauthorized firms. |
| International Reporting Line | +44 20 7066 1000 | Contact for victims located outside the UK. |
| Online Contact Form | fca.org.uk/contact | Submission of documentary evidence and websites. |
| Firm Checker Tool | register.fca.org.uk | Verification of authorized firm credentials. |
Reporting In The US
| Reporting Body | Contact Number | Electronic Submission |
|---|---|---|
| SEC OIEA Helpline | (800) 732-0330 | Investor.gov Portal |
| SEC OIG Hotline | (833) 732-6441 | sec.gov/oig |
| SEC TCR Portal | N/A | sec.gov/tcr |
| SEC General Support | (202) 551-6551 | help@sec.gov |
| Entity | Service | Contact Information |
|---|---|---|
| FINRA Senior Helpline | 844-57-HELPS (844-574-3577) | Support for elderly victims of financial fraud. |
| BrokerCheck Hotline | (800) 289-9999 | Professional registration verification |
| CFTC Tips & Complaints | 866-366-2382 | Reporting commodity/futures fraud |
| NFA Complaint Center | 800-621-3570 | Derivatives market misconduct reporting |
Reporting In The EU
| Regulator | Resource / Function | Access Information |
|---|---|---|
| CySEC Cyprus | General Inquiries | +357 22506600 |
| CySEC Cyprus | Fraud Verification | info@cysec.gov.cy |
| BaFin Germany | Consumer Helpline | 0800 2 100 500 |
| BaFin Germany | International Helpline | +49 (0) 228 299 70 299 |
| BaFin Germany | Whistleblower Portal | BaFin Reporting Portal |
| AMF France | Retail Investor Helpline | (+33) 1 5345 6200 |
| AMF France | Whistleblower Line | (+33) 1 5345 6444 |
| AMF France | Scam Reporting | AMF Online Form |
| FINMA Switzerland | General Enquiries | +41 31 327 98 88 |
| FINMA Switzerland | Reporting Form | FINMA Violation Form |
Reporting In Oceania
| Agency | Primary Service | Contact Information |
|---|---|---|
| ASIC Australia | Customer Contact Centre | 1300 300 630 |
| Scamwatch | National Scam Registry | scamwatch.gov.au |
| ACSC ReportCyber | Cybercrime Reporting | cyber.gov.au |
| FMA New Zealand | Investment Scam Line | 0800 434 566 |
| FMA New Zealand | Online Reporting | fma.govt.nz/report-scam |
Reporting In Asia
| Regulator / Authority | Reporting Function / Portal | Contact Information |
|---|---|---|
| MAS Singapore | ScamShield Helpline | 1799 |
| MAS Singapore | Reporting Form | mas.gov.sg/contact-us |
| MAS Singapore | Investor Alert List | mas.gov.sg/investor-alert-list |
| SFC Hong Kong | Online Complaint Form | sfc.hk/en/Online-Complaint-Form |
| SFC Hong Kong | General Enquiries | (852) 2231 1222 |
| SEBI India | SCORES Web Portal | scores.gov.in |
| SEBI India | Toll-Free Helpline | 1800 266 7575 / 1800 22 7575 |
| Japan FSA | User Consultation Room | 0570-016811 |
| Japan FSA | International Enquiries | equestion@fsa.go.jp |
Reporting In The Middle East
| Agency / Authority | Focus / Service | Contact Details |
|---|---|---|
| CMA Saudi Arabia | Violation Reports | Violation.Reports@cma.org.sa |
| CMA Saudi Arabia | Investor Protection | 00966 11 205 3000 |
| CMA Saudi Arabia | Toll-Free Support | 800 245 1111 |
| CMA Kuwait | General Inquiries | +965 22903000 |
| CMA Kuwait | Information Center | +965 22992000 |
| Kuwait Cyber Crime | Emergency Reporting | +965 97283939 |
Reporting In Africa
| Authority | Service | Contact Information |
|---|---|---|
| FSCA South Africa | Fraud Hotline | 0800 313 626 / fsca@behonest.co.za |
| FSCA South Africa | Contact Centre | 0800 20 3722 |
| CMA Kenya | Complaints Portal | Kenya CMA Online Portal |
| CMA Kenya | General Tel | +254 20 2221000 |
Reporting In Canada
| Body | Specific Focus | Contact Information |
|---|---|---|
| CIRO Canada | Dealer/Advisor Misconduct | 1-877-442-4322 / Info@ciro.ca |
| CIRO (Intl) | Callers outside North America | 800-5555-2323 |
| OSC Ontario | Fraud & Scam Reporting | 1-877-785-1555 / inquiries@osc.gov.on.ca |
| OSC Whistleblower | Confidential Tips | 1-888-OSC-5553 |
Don’t Fall For The Second-Hand Scams And The Recovery Scams
Unfortunately, the story often does not end here. Once you have been scammed, your details are valuable. They may be sold on so-called “sucker lists” to other criminal groups. That is where second-hand scams and recovery scams begin.
The second-hand scams are often fairly easy to spot. Lists are circulating with your name on them, letting scammers know that you are someone who is interested in online trading and investing. You had a bad experience in the past, and might be eager to find something “better” to invest in.
Do not be surprised if you start getting a lot of attention from alleged brokers and financial advisors, who will contact you through all the channels provided on the list, e.g. your phone number, email address, WhatsApp, Telegram, and more. Do not engage. Hang up the phone and block the number.
Report the emails as spam or phishing attempts to the email service provider, and block the sender without answering. Block the fraudsters on any app they use to contact you. Eventually, things usually calm down, as long as you do not engage.
The recovery scam can be more difficult to spot because it comes disguised as justice. SEC, FCA and several other regulators have issued alerts where they describe how fraudsters contact past victims pretending to be regulators, law firms or specialist recovery agents, claiming they can get the lost money back for a fee. In some cases, they even promise to bring the fraudsters to justice.
Recovery fraud can be even more damaging than the first because many victims have had not just their pocket book but also their feelings hurt by the initial fraud, and the dream of getting your money back and punish the fraudsters is very appealing.
The rule is simple. Don’t pay to get your money back. Don’t pay to be a part of some type of alleged lawsuit. Don’t pay someone who claims they will find the fraudsters and crush their kneecaps. Don’t believe that your money, including your trading profits, will be released by the Central Bank or National Police if you just pay your taxes on them first into this unusual and very special tax account.
Realize that scammers who can clone a broker’s website or impersonate a well-known financial advisor can also clone a law firm’s website or impersonate an Interpol agent.
Recovery scams can seem extremely promising, because the scammer already knows so much about you. When Detective Anderson from the Police Task Force Against Cybercrime contacts you, he knows your full name, the name of the cloned broker, and maybe even exactly how much money you lost and the dates when you made your deposits. Of course, this is proof that the police are conducting an investigation, right? Sadly, the truth is that you are being contacted by the same old fraudster network, or by another fraudster who purchased this information about you from the original fraudster.
If you have a hard time simply ignoring the attempts, contact the alleged authority through the official channels to verify. Be aware of the risk of running into a cloned site for that entity as well.
Real-World Examples Of Trading And Investment Clone Scams
Semi-Clone Platform ADSS TRADE Piggy-Backing On The Reputation Of Authorized Broker ADSS
On January 12, 2025, BrokersView reported how a platform named ADSS TRADE at adss-trade.com was piggy-backing on the reputation of the SCA-authorized broker ADSS.
ADS Securities LLC, who operate under the ADSS brand, is a legitimate broker authorized and regulated by the Securities and Commodities Authority (SCA) in the United Arab Emirates (UAE) under license number 305027, allowing it to offer brokerage services including forex and derivatives trading from its Abu Dhabi headquarters.
ADSS TRADE is considered a semi-clone scam, since they did not fully clone the ADSS website. A lot of crucial information was missing on the cloned site, including company information, regulatory details, client terms and conditions, and a KYC policy.
The cloned site came to the attention of BrokersView when it was reported by a trader in Vietnam, who realized he was the victim of a scam when his withdrawal request was denied by ADSS TRADE. The client had recently opened an account with ADSS TRADE and started trading. When he requested a withdrawal, he was told he had to make a deposit equal to 10% of his account balance for his withdrawal to be processed. According to ADSS TRADE, the amount would be refunded later.
The client proceeded with the deposit, but his withdrawal request was not honored. Instead, the “broker” asked for more and more payments, citing various fees. Despite paying additional fees, the client never saw his money again. He then reached out to BrokersView and shared his story, including screenshots of a chat conversation with ADSS TRADE.
Examples of fees requested by ADSS TRADE to process the withdrawal request:
- Account Upgrade to VIP Fee. Raise the deposit to $32,000 to qualify for VIP Gold Status, restore credit points, and get access to dedicated customer service. The victim was told they needed VIP Gold status to apply for manual withdrawals that would bypass the AI monitoring.
- Source Account Verification Fee. The victim was told to transfer $1,000 to complete the source account verification.
- Personal Income Tax. The victim was asked to pay 7% of his account balance in income tax to legalize his funds. (Payment should of course not be made to the official tax agency).
- Insurance fee. The victim was told that there were multiple issues with his account, and it was necessary for him to pay 4% of the account balance in an insurance fee.
- Account Verification Fee for Anti-Money Laundering (AML) Compliance. The victim was asked to pay 3% of this account balance.
This is fairly typical of clone scams; the fraudsters will keep milking the victim for as long as it is possible, while making him or her feel that the money is just within reach. The idea is to make you believe that you only need to pay one more fee, and everything will be resolved. The more you pay, the more difficult it feels to cut bait and realize that all the money is lost. Victims, understandably, want to cling to the hope of eventually getting their money back.
AI Scam Cloned The Broker Exante’s Website And Opened Real JPMorgan Accounts To Dupe Victim
On October 4, 2025, trading news site Finance Magnates reported how a victim in the United States was tricked by a clone of the brokerage firm Exante, and how the fraudsters made their scam more believable by opening real accounts with JPMorgan Chase using a U.S. address.
According to information from the real Exante, the scammers even replicated the trading board of Exante. And after receiving deposits from the victim, the scammers registered the victim on the real Exante platform. This prompted a real Exante account manager to reach out to the client, and the story began to unravel.
Notably, Exante is not open to U.S. clients, but the cloned website targeted U.S. clients, while mentioning Exante’s Cyprus address. This is a point where a vigilant trader could have become suspicious. Why am I being approached by a broker who does not officially serve the U.S. market and has no license from U.S. regulators?
In the United States, the Commodity Futures Trading Commission (CFTC) has issued an advisory stating that AI is making it increasingly easier for fraudsters to create convincing scams. Scammers are now using AI to create fake images, voices, videos, live-streamed video chats, social media profiles, and websites made to look like real financial trading platforms.
The Securities and Exchange Commission (SEC), the North American Securities Administrators Association (NASAA), and the Financial Industry Regulatory Authority (FINRA) also issued a joint warning about a rise in investment frauds involving AI and other new technologies, and in December 2024 the Federal Bureau of Investigation (FBI) also warned the public about criminals using generative AI on a large scale.
Investor Duped In Clone Broker Scheme Using Forged SEBI Credentials
On January 28, 2026, Midday reported that Indian police were investigating a fraud where a 52-year-old trader and her family members lost nearly 4.8 million Indian rupees in a fake block trading scheme. When the article was written, the amount was equal to roughly 52,800 USD.
In the article, BrokersView explain how the fraudsters posed as representatives of a reputable broking firm and used forged Securities and Exchange Board of India (SEBI) documents to convince the traders.
As with many of these scams, social media was involved. The original victim spotted a Facebook ad about stock market investments. From there, she joined a WhatsApp group that claimed to be a market insights forum linked to a well-known broker. A woman contacted her under the guise of being a company representative and promised high returns on Qualified Institutional Buyer (QIB) block trading.
After being shown a cloned website that looked like a legitimate trading platform, the victim and her family opened multiple accounts. Everything seemed to work correctly. The dashboard showed profits and smaller withdrawal requests were honored.
The scam went on for several weeks, as the victims transferred money to several different bank accounts and UPI IDs. UPI ID stands for Unified Payments Interface Identifier, and it is a part of India’s Unified Payments Interface (UPI) system, which allows people to send and receive money instantly between bank accounts using mobile devices. Instead of sharing a full bank account number and IFSC code, users enter a simple ID in the format username@bank.
The transfers were variously claimed to be capital deposits, compliance charges, and trading allocations. After being deposited, the money was routed through accounts in small finance and private banks.
The scam unraveled when the original victim attempted to make a bigger withdrawal. Instead of honoring the request, the fraudsters demanded an additional Rs 1.934 million in commission. When the victim refused to pay, communication was cut off, and she was blocked from the trading platform.
The subsequent police investigation showed that the fraudsters had used forged SEBI letterheads and cloned brokerage websites to mislead investors, and they had made sure that phone calls went to numbers controlled by themselves and not any real brokerage firm.
We Need To Adopt A Low-Trust Mindset
By 2026, a website looking nice and polished is a weak test of reality online. A professional site, a familiar brand, and even a valid license number on a page tell you very little about who is actually behind that page. PhaaS kits and AI tools have turned broker cloning into an assembly line, while impersonation scams have quickly grown by more than 1,400 percent and stripped an estimated tens of billions of dollars from investors.
For traders and investors, the defense is not a single trick but a mindset. Assume that a convincing presentation proves nothing. Treat the brand as a starting point, not as a guarantee. Verify the domain name, cross-check firm details on regulator registers, and use contact information taken from those registers, not from an advert, influencer, or person who approached you.
Be highly suspicious of any payment instruction that points to accounts or wallets whose name does not clearly match the firm you think you are dealing with.