リカバリー詐欺は暗号資産の被害者を再び標的にします。
その見分け方、そしてCryptoLeekがなぜ異なるのか。
リカバリー詐欺は、この分野で最も悪質なカテゴリーです。実行者は、過去に暗号資産詐欺の被害に遭った人々を狙い撃ちにします。被害者が当初の損失を取り戻すことに感情的に強く執着しており、それゆえ二度目の搾取に対して脆弱であることを知っているからです。リカバリー詐欺の実行者は、公開されている詐欺報告データベース、ソーシャルメディアの投稿、リカバリーをテーマとしたフォーラムから連絡先情報を収集し、当初の被害発生から数日から数週間以内に、被害者へ一方的に接触します。手口は一様であり、見分け方を知ってさえいれば認識は容易です。
Contact arrives unsolicited shortly after you filed a scam report or posted publicly about your loss. The operator claims to be from a recovery firm, a regulator, a law-enforcement agency, or an exchange compliance team. They name-drop credentials: "FBI partner agency", "registered with the FCA", "Interpol cyber unit".
They tell you they've already started tracing your funds and have located them at an offshore exchange. To complete the recovery, they need an upfront retainer, court filing fees, or "asset-freeze deposit". The amount is calibrated to feel small relative to what they claim to have located — typically a few thousand dollars against a recovery promised in the high five or six figures.
Once the retainer is paid, communication degrades. Excuses about court delays, additional fees, regulatory hurdles. The operator continues to extract additional payments under various pretexts, until either you stop paying or you recognise the pattern. The "recovery" was never real; the contact was farming for a second extraction from the start.
詐欺被害を公開で報告した方、または暗号資産の損失についてソーシャルメディアに投稿した方は、誰もが対象となり得ます。連絡先リストは詐欺の実行者の間で出回っており、一度被害に遭うと、「リカバリー」勧誘の格好の標的になります。実行者はしばしば連携します。ある実行者が最初の詐欺を仕掛け、別の実行者(時には別の身元を装った同一人物)が、数か月後にリカバリー詐欺による追い打ちを仕掛けるのです。
Signals victims and bystanders should know.
- 01
Cold contact from a "recovery specialist" you didn't reach out to
Legitimate recovery firms don't cold-call. Regulators don't cold-call victims. Law enforcement don't cold-call to demand upfront fees. Any unsolicited contact offering recovery in exchange for upfront payment is the scam.
- 02
Name-drops major agencies without verifiable credentials
"FBI partnered", "Interpol crypto unit", "FCA-authorised recovery specialist" — search the agency's official register. Real firms appear there; recovery scammers don't.
- 03
Unsolicited contact + no written scope before payment
The defining marker is HOW the engagement is offered, not just whether payment is involved. Legitimate firms assess your case first, then issue a written scope of work with a fixed retainer you can review before paying anything. Scam operators cold-contact you, name-drop credentials they cannot substantiate, and demand "court filing fees" or "asset-freeze deposits" with no defined deliverables. If you cannot get a written, specific scope of work in advance, treat the offer as the extraction.
- 04
Asks for crypto payment specifically
Recovery scammers often request payment in crypto (or via gift cards / wire transfers to obscure addresses) precisely because those payments are harder to dispute later.
- 05
Pressure to act immediately
"The window is closing", "your funds will be moved tomorrow", "this opportunity expires". Manufactured urgency is engineered to prevent verification.
The first 24 hours matter most.
- 01
Refuse any unsolicited recovery offer without a written, specific scope
A real firm answers an inbound enquiry from you, assesses the case, then issues a written quote that lists exactly what the retainer buys (trace, evidence pack, exchange escalation, etc.). If you were cold-contacted and the offer skips that step, end the conversation regardless of how official the credentials sound.
- 02
Verify any firm against their official register
If they claim authorisation by FCA / SEC / ASIC / BaFin / MAS, search the regulator's public register for the firm name. Real firms appear; scammers don't. If they claim to be law enforcement, call the agency directly via a number from the agency's official website (not a number they provide).
- 03
Report the contact to your national fraud-reporting centre
IC3, Action Fraud, CAFC, ScamWatch, ASC. Recovery-scam reports are taken seriously because they target already-vulnerable victims; the FBI explicitly warns about this pattern.
- 04
Engage CryptoLeek's free 24-hour case review for honest framing
We operate on a no-upfront-fee, success-fee-only basis specifically because the legitimate model doesn't need upfront payments. The free review tells you honestly whether the original loss is recoverable, without asking for a cent.
Questions victims of this pattern ask us most.
How can I tell if a recovery firm is legitimate? +
Why is CryptoLeek different from a recovery scam? +
I already paid a recovery scammer. Can I recover that money? +
Lost crypto to this pattern?
We can help you recover it.
We trace the funds on-chain, identify the recovery choke points, and coordinate action with exchanges, payment processors, and counsel across 40+ jurisdictions. Free assessment within 24 hours, with an honest yes/no on whether the funds are realistically recoverable.
The vocabulary this pattern uses.
Definitions of the terms that come up across this guide. Each links to the full glossary.
暗号資産詐欺の過去の被害者を標的とし、求めてもいない「回収(リカバリー)」の申し出で一方的に連絡を取り、作業範囲を書面で示さないまま支払いを要求する詐欺です。実際の回収は一切行われず、複数の段階を通じてさらに金銭を吸い上げることも少なくありません。
本来のコンプライアンス・ホールドとは、AML/KYC審査の過程で規制当局の要請により取引所が資金を凍結する措置であり、既存の残高から差し引かれる形で行われ、利用者による追加の支払いは一切必要ありません。一方、出金ブロック型恐喝とは、いかなる解除の前にも利用者へ追加手数料の支払いを要求する、偽の凍結措置です。
詐欺的な取引プラットフォームが、被害者が次々と増額される手数料、すなわち納税証明、AML確認、口座ランクのアップグレードなどを支払うまで、被害者が「獲得した」資金の払い戻しを拒否する、第二段階の搾取の手口。しかし、これらの手数料をいくら支払っても、資金が払い出されることはありません。
調査会社が回収案件のために編成する構造化されたドシエ(証拠資料一式)。トランザクションハッシュのトレース、ウォレットクラスター分析、取引相手の特定、補足となるスクリーンショットおよびやり取りの記録、そして回収経路に関する提言を含み、規制当局や裁判所が受理する水準にまとめられたものを指します。
オンチェーンのフォレンジック手法であり、共通入力ヒューリスティック、共通の支出パターン、行動上の指紋を用いて、同一の運営者によって管理されていると考えられる複数の暗号資産アドレスを「クラスター」としてグループ化します。