How to report a scam website without using the link

Report a scam website by saving the exact URL and evidence, then choosing the official reporting path that matches what happened. If you paid, signed in, entered personal information, downloaded a file, or allowed remote access, handle that risk first; reporting the URL should not delay bank, account, identity, or device steps.

If you paid, signed in, or entered personal information

Start with the thing that changed, not the report form. These steps are more time-sensitive than a takedown report.

• If you paid or shared payment details, contact the connected bank, card issuer, payment app, crypto exchange, or money-transfer service first.
• If you entered a password or one-time code, go to the real site or app, change the password, sign out of other sessions, and review recovery settings.
• If you shared sensitive personal information, start with the exact information exposed: SSN, ID image, bank login, card number, address, phone number, email, document, or verification code.
• If you downloaded something, installed an app, allowed remote access, or approved a browser profile, disconnect from the site and check the device or account before continuing.

Save the evidence before you report

Keep what you already have. Do not click deeper into the site, create another account, place a test order, or send more information just to prove the site is fake.

• The exact website URL, including unusual spelling, extra words, numbers, dashes, subdomains, and the top-level domain.
• Screenshots of the page, fake checkout, fake login screen, product listing, business name, contact page, wallet address, or payment instructions.
• Messages that sent you there, including emails, texts, DMs, ads, search results, social posts, marketplace listings, QR codes, or invoices.
• Payment or account details such as dates, amounts, transaction IDs, order numbers, wallet addresses, card alerts, bank notices, account warnings, and support ticket numbers.
• A short timeline of what you clicked, entered, paid, downloaded, installed, approved, or changed.

For IC3 reports, the FBI asks for accurate details such as website, transaction, contact, and incident information. IC3 also tells people to keep original evidence because attachments are not collected through the complaint form.

Where to report a scam website

Most people need one or two reports, not every form on the internet. Use the row that matches the risk, then report to any platform, bank, payment app, exchange, marketplace, or real company involved.

If you are not sure which government route applies, USAGov’s reporting tool can route the scam by where it happened and the category.

What reporting can and cannot do

Reporting is worth doing, but it is not the same as a refund request, police case update, or takedown guarantee. The FTC says reports can help it build cases, spot trends, educate the public, and share community data. IC3 says complaints are reviewed and may be referred, but contact or investigation is at the receiving agency’s discretion.

The practical takeaway: report the URL, but also contact the organization that can act on your specific loss or account risk. A browser report may help with warnings, a bank dispute may help with payment, a platform report may remove an account or listing, and an FTC or IC3 report helps the larger fraud record.

Avoid fake reporting and recovery sites

A reporting search can become another scam. The FBI warned in 2025 that criminals spoofed IC3 websites, sometimes using slightly altered domains to steal personal and banking information from people trying to report crime.

Common questions

Can ScamClarity report the website for me?

No. ScamClarity can help you choose a reporting path, but formal reports should be filed directly with the official agency, platform, company, bank, payment provider, or local authority that applies.

Will the scam website be taken down?

Maybe, but do not count on it happening quickly. Browser warnings, platform removals, hosting action, law enforcement review, and payment-provider review all depend on the facts, the receiving organization, and the evidence available.

Should I report it if I only saw the website?

Often, yes. A report that includes the exact URL and how you found it can still help show that the site is being used in a broader scam.

Should I report a scam website to both FTC and IC3?

Sometimes. The FTC route fits many consumer fraud reports. IC3 is the better fit when the scam involved online fraud, account takeover, crypto, remote access, payment movement, or other cyber-enabled crime. If both fit, filing both can be reasonable, but do not delay provider actions.