Unveiling Recovery Room Fraud: How Scammers Exploit Belgian Victims Twice Over
Fraud is on the rise in Belgium, with reports of online scams surging year after year.
Among these, recovery room fraud—a particularly insidious scheme targeting victims of previous scams—has become a growing concern. What can banks do to protect their customers?
The rising prevalence of online fraud in Belgium is evident from recent statistics. For instance, in 2022, the Federal Public Service (FPS) Economy recorded 51,874 cases of fraud—an 8.26% increase from the previous year. Even more concerning, during the first six months of 2024, online fraud reports increased by almost 45% year-on-year, according to data from the Belgian Financial Services and Markets Authority (FSMA).
Fraudsters are targeting Belgian citizens primarily through investment fraud. In 2023, fake investment opportunities reached record levels, with the FSMA recording 2,170 reported cases. Fake online investment platforms are particularly prevalent, with reports indicating that victims lost 15.5 million euros in 2023 alone—an average of almost 16,000 euros per victim.
The latest data suggests that 2024 will once again be a dismal record year for Belgium in this respect. To provide perspective, since May 2019, Belgian victims of investment fraud have reported losses totaling a staggering €82 million.
Recovery room fraud: A growing threat in Belgium
However, this is far from all. Another type of scam appears to be quickly gaining traction among fraudsters targeting Belgians: recovery room fraud. Reports of this scam increased by 60% in the first half of 2024. But what exactly does it involve?
Recovery room fraud occurs when fraudsters offer to “help” victims of investment fraud recover their lost assets or obtain compensation for their losses. In other words, recovery room fraud targets individuals who have already fallen victim to a previous scam. This is because fraudsters often possess important information about the victim (obtained from what is known as a “suckers list”), enabling them to deceive the victim more easily in the next round of fraud.
Fraudsters most often contact their victims by phone or email. However, the FSMA has found that, in some cases, victims encounter fraudulent “helpers” while searching online or on social media. During the initial contact, scammers typically introduce themselves as employees of law firms, accountants, financial authorities, or police officers. To make their impersonation more convincing, they often misuse the identities of real companies and institutions, along with publicly available information about them. Recent examples include Atomic Wallet, Belton Accounting, and CertiK.
As of October 2024, the FSMA identified the following companies as operating unlawfully:
- Akin (www.akin.com.co)
- Bitcity (https://bitcity.cc/ and https://bitcity.ac/)
- Concord Services (http://concord-services.org/)
- Ledgible (https://ledgible.io/)
- Recovery AI (https://recovery-ai.org/)
- Trade Control (www.tradecontrol.org)
- World Blockchain Organization (https://uwnbo.info/; euwbo.com)
Under the pretext of helping to resolve the fraud and secure reimbursement, fraudsters ask victims for money (or payment in cryptocurrency)—sometimes presenting the request as a deposit, and other times as a tax or administrative fee. In some cases, these scammers offer “free” services and persuade the victim to grant access to their computer through a remote desktop application, such as AnyDesk. This access allows the scammers to install malware and gain entry to the victim’s internet banking.
No rest for the defrauded: The impact of repeated victimization
It is clear that recovery room fraud tactics are highly sophisticated and insidious, relying on social engineering and impersonation.
First, victims are already vulnerable, with diminished self-confidence and judgment, as they have previously fallen for an initial fraud. The emotional and financial stress of prior victimization make them more susceptible to additional scams. Second, as the victim is already on a “suckers list” (read more in our interview with Becky Holmes), the fraudster possesses critical information to make the recovery scam highly convincing. Finally, by impersonating well-known firms or authorities, scammers create a sense of authority and trust in the victim.
As a result of these factors, recovery room frauds can be extremely damaging for victims. Being victimized a second time is devastating not only to their financial and psychological well-being but also to their trust in banking and financial institutions. This diminished confidence may make customers hesitant to engage with financial entities.
How financial institutions can combat recovery room fraud
The consequences of recovery room fraud directly impact Belgian banks and PSPs. Detecting and preventing this type of fraud is highly complex, requiring reliable anti-fraud systems to address the challenge effectively. Fundamentally, if banks could detect the initial fraud—such as investment scams—it would prevent fraudsters from executing recovery room fraud altogether. In this sense, recovery room fraud represents a double blow: it not only exacerbates financial losses but also further erodes customer trust in financial institutions..
Regardless of whether the fraud is primary or secondary—ranging from investment scams to recovery room schemes—it is vital for banks to implement advanced tools capable of identifying even the most sophisticated tactics. This includes scenarios involving social engineering, in which fraudsters manipulate victims into authorizing seemingly legitimate payments from their own accounts.
Leveraging behavioral intelligence for effective fraud protection
ThreatMark’s Behavioral Intelligence Platform can serve as a powerful tool in combating sophisticated fraud. With a holistic approach that combines data from multiple sources—including transactional records, device information, and user behavioral patterns—the platform can detect even complex fraud schemes, such as investment scams and recovery room fraud. This is because both types of fraud involve deviations from the user’s normal behavior, whether through unusual transactions or atypical interactions on the banking platform.
In the case of recovery room fraud, ThreatMark’s solution effectively addresses scenarios where the fraudster offers their services seemingly for free but requires the victim to install a remote access tool on their computer. The Behavioral Intelligence Platform can reliably detect the presence of remote access tools, such as AnyDesk or TeamViewer, and prevent the fraud before it occurs.
Learn more about ThreatMark Behavioral Intelligence
What recovery room fraud teaches us
Recovery room fraud highlights yet another important lesson: a technological approach must go hand in hand with efforts to destigmatize fraud victims and provide them with effective support. This dual strategy is essential for addressing the currently low levels of fraud reporting, which significantly enable recovery room fraud.
Low reporting rates play directly into the hands of fraudsters. When victims fail to report fraud cases, banks are unable to protect them effectively. For example, victims miss out on critical support, such as guidance through the investigation process and advice that could discourage them from seeking risky “solutions” online. Additionally, non-reporting leaves banks unaware of the true scale of recovery room fraud, hindering their ability to combat it effectively.
A changing liability landscape could help encourage victims to report fraud. By offering victims hope of recovering at least some of their lost funds, banks and other institutions can build trust and foster a sense of accountability, ultimately reducing the impact of (not only) recovery room fraud.
Read more about the liability shift
Last but not least, recovery room fraud is not limited to Belgium; it is a growing trend in other countries as well. For instance, the Canadian Anti-Fraud Centre (CAFC) reported that recovery scams more than doubled in 2023, resulting in over $1.6 million in losses. Similarly, Australia’s ACCC recorded a 129% increase in such cases during the first six months of 2024, with total losses exceeding $2.9 million.
Providing strong anti-fraud protection, clear guidance, and accessible support boosts reporting rates, safeguards vulnerable customers, and strengthens trust in financial institutions. Banks must adopt advanced fraud protection systems and offer recovery assistance to victims—both in Belgium and globally—rather than leaving fraudsters with more opportunities to exploit them for profit.
Related Articles
-
December 5, 2024
Purchase Scams: The Emerging Threat Banks Can’t Afford to Ignore
Purchase scams are becoming increasingly common among scammers.
While their average financial impact on victims is typically lower than...
-
November 19, 2024
Floods in Poland: How Scammers Exploit Crises to Target Vulnerable Victims
Central Europe was recently struck by severe flooding, which, unfortunately, triggered a surge of scam attempts.
In Poland, fraudsters...
-
November 13, 2024
Imposter Fraud: Trends, Tactics, and Effective Mitigation
Impersonation (or imposter) scams are some of the most common and effective tactics used by scammers.
In these schemes,...