A practical first-response manual for the moment you realize you got played and the next 24 hours matter more than your embarrassment
This is one of those moments where people lose twice.
First, they get scammed.
Then, in the panic after, they:
- wait too long
- secure the wrong account first
- keep talking to the scammer
- trust a fake “recovery” service
- treat shame as a task
The first rule is simple:
Your job is not to understand the scam perfectly right now. Your job is to stop the damage.
FTC guidance breaks scam recovery into three practical buckets:
- you paid a scammer
- you gave a scammer personal information
- a scammer has access to your computer or phone. (Consumer Advice)
1) What this manual is for
Use this if:
- you paid a scammer
- you gave them login details, codes, or personal information
- they got into your email, phone, laptop, or bank account
- you clicked a phishing link and now you are not sure what happened
- you need the first 24-hour sequence, not generic “be careful online” advice
FTC says it is always worth asking the company you used to send the money whether there is a way to get it back, and IdentityTheft.gov is the federal recovery hub if the scam exposed identity information. (Consumer Advice)
2) The first truth: the right response depends on what the scammer got
There are four main damage types:
A. They got your money
Then speed with the payment company matters most.
B. They got your account access
Then your first job is to lock down the login chain.
C. They got your personal information
Then identity-theft cleanup may matter.
D. They got into your device
Then your phone or computer may no longer be safe for banking or password resets.
FTC’s recovery guidance is structured around those exact distinctions. (Consumer Advice)
3) The first 15 minutes
Do this first:
- Stop replying to the scammer.
- Save screenshots, receipts, usernames, phone numbers, wallet addresses, emails, and messages.
- If money moved, contact the payment company or bank immediately.
- If you gave passwords, start with your email account first.
- If the scammer got remote access to your device, disconnect it from the internet.
- If identity information was exposed, prepare to use IdentityTheft.gov.
FTC says if you paid a scammer, it is always worth asking the company you used to send the money whether there is a way to get it back, and if a scammer had access to your computer or phone, you should secure your accounts and device. (Consumer Advice)
4) If you paid money, move fast by payment type
This is where delay gets expensive.
FTC says:
- if you paid by credit or debit card, contact the card company or bank and report it as a fraudulent charge
- if there was an unauthorized transfer from your bank account, contact the bank and report it
- if you paid with a gift card, contact the gift card company right away and keep the card and receipt
- if you sent a wire transfer, contact the wire transfer company or bank immediately and ask them to reverse it. (Consumer Advice)
Script
I was scammed and need to report a fraudulent transaction immediately. I need to know whether the payment can be reversed, blocked, or treated as fraud.
That is the right first sentence.
Not: “I think I made a mistake.”
5) If you paid by gift card
Treat this as urgent.
FTC says to contact the gift card company immediately, tell them it was used in a scam, ask for a refund, and keep the card and receipt. (Consumer Advice)
Practical rule
Do not waste the first hour arguing with the scammer.
Use it on the gift card issuer.
6) If you paid by bank transfer, card, or payment app
Call the bank or issuer first, not later.
FTC says to report unauthorized debits or fraudulent card charges to the issuing bank or card company and ask them to reverse the transaction. (Consumer Advice)
Practical rule
Your first goal is not “justice.”
It is stopping more money from leaving.
7) If you gave passwords, start with email first
People often change random passwords and leave the most important one exposed.
That is backwards.
If a scammer gets your email, they may be able to reset:
- bank logins
- shopping accounts
- social accounts
- cloud storage
- password manager access
- recovery codes
FTC phishing guidance says scammers use phishing to steal passwords, account numbers, and Social Security numbers, and with that information they can get access to email, bank, or other accounts. (Consumer Advice)
The right order
- primary email
- bank and payment accounts
- phone carrier account if relevant
- major shopping and social accounts
- everything else
Script to yourself
Do not optimize. Lock the control tower first.
8) If you gave one-time codes, SSN, or other identity info
Now this may be an identity-theft problem, not just a scam problem.
IdentityTheft.gov is the FTC’s official recovery site for reporting identity theft and getting a personalized recovery plan. (IdentityTheft.gov)
Practical rule
If the scammer got:
- SSN
- driver’s license
- tax info
- bank details
- date of birth plus account access
- enough information to open accounts
then move into identity-theft containment:
- report it
- consider a fraud alert or freeze
- monitor credit and account activity
9) If the scammer had access to your computer or phone
This is different from just clicking a bad link.
If you installed remote-access software or let someone control the device:
- disconnect it from the internet
- stop using it for banking
- do not use it for password resets until you trust it again
FTC’s scam-recovery guidance specifically separates scams where someone got access to your computer or phone from ordinary payment scams. (Consumer Advice)
Practical rule
A device that was remotely controlled is not “probably okay.”
Treat it as compromised until cleaned or reset.
10) If it started with phishing
FTC says phishing emails and texts are designed to steal passwords, account numbers, or SSNs, and may pretend there is suspicious activity, a billing problem, or an account issue to push you into clicking. (Consumer Advice)
Practical rule
If you clicked and then entered data:
- assume the data is exposed
- secure the affected accounts immediately
- report the phishing
FTC says phishing can be reported by forwarding emails to [email protected] and suspicious texts to 7726. (Consumer Advice)
11) If this was a romance scam or relationship scam
Do not keep negotiating with the scammer because you want the story to resolve.
FTC says romance scammers build trust, then push for money using urgency and stories, often directing people to wire money, gift cards, money transfer apps, or cryptocurrency. (Consumer Advice)
Practical rule
Once money has been requested or sent, switch from relationship mode to fraud mode.
That means:
- stop contact
- save evidence
- contact the payment provider
- report the scam
- report the account/profile on the platform where you met them
FTC says suspected romance scams should also be reported on the social network or app where the contact happened. (Consumer Advice)
12) Report it in the right places
At minimum:
A. ReportFraud.ftc.gov
FTC says this is where to report scams and fraud. (Consumer Advice)
B. IdentityTheft.gov
Use this if identity information was exposed or misused. (IdentityTheft.gov)
C. The payment company / bank
Because that is where money recovery may still be possible. (Consumer Advice)
D. The platform where it happened
Especially for romance scams, phishing pages, fake sellers, or fake support accounts. FTC says to report scam profiles to the site, app, or social platform involved. (Consumer Advice)
13) The second scam: fake recovery services
This is where people get hit again.
FTC says refund and recovery scams specifically target people who already lost money to a scam. The pitch is usually that someone can recover your money, prize, or goods if you pay them first. FTC says if you pay, you will lose more money. (Consumer Advice)
Practical rule
Anyone asking for an upfront fee to “recover” your money is a danger sign, not a solution.
Script
I do not pay upfront recovery fees. Goodbye.
14) What not to do
Avoid these mistakes:
Mistake 1: trying to reason with the scammer
That is not recovery.
Mistake 2: changing random passwords but not your email
That leaves the control center exposed. (Consumer Advice)
Mistake 3: waiting to report because you feel stupid
Delay helps the scammer, not you.
Mistake 4: paying a recovery service
FTC says that is often just another scam. (Consumer Advice)
Mistake 5: assuming a small loss means no risk
Even a “small” scam may have exposed credentials, device access, or identity data. (Consumer Advice)
15) The clean sequence
If you were scammed, the right order is:
- stop contact
- save evidence
- contact the payment provider or bank
- secure email and money accounts
- disconnect compromised devices if access was given
- report the scam to FTC
- use IdentityTheft.gov if personal info was exposed
- ignore “recovery agents” asking for upfront fees
That is the sequence.
Not:
- shame
- rage
- bargaining
- hoping it fades
16) Panic-mode version
If your brain is fried, do only this:
- call the bank/payment company now
- change your email password now
- stop replying to the scammer
- save screenshots and receipts
- report it at ReportFraud.ftc.gov
- if personal info was exposed, go to IdentityTheft.gov
- do not pay anyone who says they can recover your money for a fee (Consumer Advice)
17) One-paragraph summary
If you were scammed online, the first 24 hours are about containment. FTC guidance says that if you paid a scammer, you should contact the payment company or bank immediately and ask whether the transaction can be reversed. If you gave personal information or account access, secure your accounts, starting with email, and use IdentityTheft.gov if the scam could lead to identity theft. If a scammer accessed your computer or phone, stop using it for sensitive activity until it is secured. And do not fall for a second scam: FTC says “refund” or “recovery” services that ask for upfront payment are often just another fraud. (Consumer Advice)
Super-useful reads:
Micro Crisis Survival Manual #3: Your Parent Scam Shield
Micro Crisis Survival Manual #8: Identity Theft - The First 24 Hours
31 Days of Money Confidence (Without Getting Scammed)
