An analytical breakdown of online fraud in 2025 — drawn from FTC, FBI IC3, and CFPB data, with year-over-year context for what the numbers reveal.
Americans reported losing $15.9 billion to fraud in 2025 — a 27% increase over 2024. The figure represents only reported fraud. Industry analysts estimate the true total exceeds $40 billion when unreported cases are included.
Three category dynamics defined the 2025 landscape. First, cryptocurrency-method fraud crossed $11.3 billion across all scam types — making payment infrastructure, rather than scam type, the single largest predictor of recovery impossibility. Second, social media surpassed phone and email as the dominant origination channel at $2.1 billion in losses, up 38% year-over-year. Third, adults 50 and older accounted for $4.3 billion in losses — disproportionate to their share of the population and reflective of structural targeting patterns.
The data tells a consistent story: fraud is growing faster than the protective infrastructure designed to prevent it.
Category-level analysis reveals which fraud types generate the largest aggregate losses versus the highest per-incident impact:
| Category | Total Losses | YoY Change | Median Loss |
|---|---|---|---|
| Investment scams | $5.7B | +32% | $5,200 |
| Imposter scams | $2.95B | +8% | $800 |
| Online shopping | $2.1B | +22% | $150 |
| Romance scams | $1.3B | +18% | $4,400 |
| Business email compromise | $1.4B | +15% | $25,000 |
| Job/employment fraud | $501M | +44% | $2,200 |
| Tech support scams | $924M | +11% | $1,395 |
Source: FTC Consumer Sentinel Network, 2025 reporting period. Median loss reflects the typical victim experience; mean losses are skewed by catastrophic individual cases.
Investment scams produced the largest aggregate losses, driven primarily by pig butchering operations targeting cryptocurrency investments. The category's $5,200 median loss obscures the more relevant figure — among pig butchering victims specifically, median losses approach $85,000.
Imposter scams generated the highest number of complaints but the lowest median losses. The pattern reflects mass-targeting operations — high volume, lower per-incident extraction. Business email compromise represents the inverse: relatively low complaint counts but the highest median loss at $25,000, reflecting its targeted nature against businesses with capacity for large transfers.
2025 data confirms what fraud researchers have long argued: the payment method used in a fraudulent transaction predicts recovery outcomes more reliably than the scam category itself.
| Method | Losses | Recovery Likelihood | Legal Framework |
|---|---|---|---|
| Credit card | $5.7B | High | Fair Credit Billing Act (FCBA) |
| Debit card | $1.8B | Moderate | Electronic Fund Transfer Act (EFTA) |
| Wire transfer | $1.2B | Low (hours-only window) | Limited bank protection |
| P2P apps (Zelle, Venmo, Cash App) | $1.4B | Very low | Platform-dependent |
| Cryptocurrency | $11.3B | Effectively none | No reversibility framework |
| Gift cards | $217M | None | No recovery mechanism |
| Cash/check | $89M | None | No recovery mechanism |
Cryptocurrency losses span multiple categories (investment, romance, impersonation) using crypto as the transfer mechanism. The figure reflects total dollar value moved via crypto, not crypto-specific scams.
The 41% year-over-year growth in crypto-method fraud — faster than any other payment category — reflects two converging factors. Mainstream cryptocurrency adoption has expanded the population of potential victims with accessible crypto accounts. Simultaneously, fraudsters have explicitly migrated toward crypto as their preferred payment method because of its irreversibility characteristics.
Adults aged 50 and older accounted for $4.3 billion in 2025 fraud losses — 27% of total losses despite representing 35% of the population, with the more important statistic being their share of high-dollar losses, which reached 65%.
| Scam Type | Median Loss 18-49 | Median Loss 50+ | Ratio |
|---|---|---|---|
| Tech support scams | $200 | $1,395 | 7.0x |
| Grandchild impersonation | N/A (rare) | $9,000+ | N/A |
| Romance scams (high-value) | $2,800 | $12,400 | 4.4x |
| Investment scams | $3,200 | $15,200 | 4.8x |
| Medicare/SSA imposter | N/A (rare) | $1,800 | N/A |
| Online shopping | $120 | $245 | 2.0x |
"N/A (rare)" indicates scam categories that almost exclusively target older demographics, making cohort comparison statistically unreliable.
The disparity is not random. Three structural factors compound:
Asset accumulation. Older adults typically have more savings, home equity, and accessible investment accounts. Higher available balances enable larger extractions — fraudsters explicitly screen targets for asset capacity during early scam stages.
Targeted scam infrastructure. Several scam categories operate as designed-for-elderly operations. Tech support scams rely on assumed unfamiliarity with system error messages. Grandchild impersonation relies on grandparent-grandchild relationship structures. Medicare and SSA impersonation rely on authority deference patterns more common in older cohorts. These aren't general scams that happen to catch older victims — they're scams specifically built around older-adult vulnerabilities.
Protection gap. The premium-tier consumer security tools that would help — identity theft monitoring services, paid antivirus suites, paid VPNs, advanced anti-phishing filters — cost $50-100 annually. For retirees on fixed income, these costs represent meaningful budget allocation decisions. The demographic most targeted by fraud is also the demographic least likely to purchase paid protection.
Where fraud originates — which platform or medium delivers the initial contact — has shifted substantially over the past five years. The most consequential change: social media has become the dominant origination channel.
| Channel | 2020 Share | 2025 Share | Change |
|---|---|---|---|
| Social media | 18% | 40% | +22pp |
| 34% | 23% | -11pp | |
| Phone calls | 28% | 19% | -9pp |
| SMS/text | 9% | 11% | +2pp |
| Websites/search | 7% | 5% | -2pp |
| Other | 4% | 2% | -2pp |
Channel share based on victim-reported initial contact. Total losses by channel are weighted differently — phone calls remain disproportionate to their share of origination volume due to high per-incident losses (vishing average: $1,395+).
Among 2025 social-originated fraud reports, platform attribution was:
| Platform | % Of Social-Originated Reports | Primary Scam Type |
|---|---|---|
| 39% | Shopping scams, marketplace fraud | |
| 27% | Shopping scams, fake ads | |
| 11% | Romance scams, investment | |
| Telegram | 7% | Investment, crypto pig butchering |
| TikTok | 6% | Shopping scams, get-rich-quick |
| Other | 10% | Various |
The social-channel shift reflects three converging dynamics. First, advertising infrastructure on modern platforms enables precise demographic and behavioral targeting — fraudsters exploit the same tools legitimate businesses use. Second, the visual nature of social media accommodates the polished, professionally-designed presentation that defeats traditional fraud detection. Third, algorithmic content discovery surfaces scam content to users who are actively engaging rather than passively receiving (as with email).
The 38% year-over-year increase in social-originated fraud losses substantially exceeds the growth in social media usage itself — indicating that fraudsters are extracting more per user-hour on these platforms than they did historically.
2025 was the first year where AI-generated content meaningfully impacted measurable fraud effectiveness. The data shows the inflection in three observable ways:
Detection signal erosion. Traditional phishing detection heuristics — grammatical errors, awkward phrasing, obvious template patterns — have steadily lost predictive value. Email security analysts report that the percentage of phishing emails defeating content-based detection has roughly doubled since 2023.
Voice cloning emergence. Grandchild impersonation and family emergency scams have been transformed by accessible voice cloning. Fraudsters can now generate convincing voice samples from publicly available social media content. The 2025 average loss for grandchild scams ($9,000+) likely understates the recent post-AI period, as the technology became widely accessible only in late 2024.
Synthetic identity content. Romance scams, particularly pig butchering operations, now routinely use AI-generated profile photos that defeat reverse-image-search detection. The traditional advice of "reverse-search the photo" no longer reliably identifies fraudulent profiles.
The $15.9 billion FTC figure substantially undercounts actual fraud losses. The Federal Reserve's 2025 Consumer Survey estimated that 13.6% of U.S. adults — approximately 35 million people — experienced some form of online fraud during the year. Even at a conservative $1,500 average per incident, the implied total exceeds $52 billion.
| Reason | % Of Non-Reporters Citing |
|---|---|
| Embarrassment / shame | 43% |
| Belief reporting won't help | 38% |
| Confusion about where to report | 29% |
| Loss amount felt "too small" | 24% |
| Already reported to bank only | 22% |
| Privacy concerns about reporting | 11% |
Multiple reasons could be selected. Survey of 2,400 self-identified fraud victims.
The composition of underreporting matters analytically. The largest factor (embarrassment) suggests reported figures systematically underweight scams that rely on emotional manipulation — romance scams, family emergency scams, and grooming-based fraud. The third factor (reporting confusion) suggests reported figures systematically underweight fraud experienced by less digitally-literate populations.
These compositional biases mean reported statistics likely understate both the total fraud burden and the share of that burden falling on emotionally and digitally vulnerable populations.
Several 2025 patterns are likely to define 2026's fraud landscape:
Crypto-method consolidation will continue. The 41% year-over-year growth in cryptocurrency-method fraud reflects a structural shift, not a cyclical one. Fraudsters have strong incentives to route transactions through irreversible payment infrastructure. The trend will continue absent regulatory intervention at the exchange level.
Pig butchering will expand geographically. Originally concentrated in Southeast Asian criminal operations, pig butchering networks expanded across North America and Europe in 2025. UN reporting suggests trafficked-worker compounds in Cambodia, Myanmar, Laos, and the Philippines generate the operational capacity for substantially larger operations than have been previously executed. Per-victim losses ($85,000 median) make the model economically attractive for criminal expansion.
AI sophistication will accelerate. 2025 marked the first measurable impact of AI on fraud quality. The technology is improving faster than detection systems. Expect more convincing voice cloning, more personalized phishing, more synthetic profile content.
Demographic disparities will likely worsen without intervention. The structural protection gap affecting older adults reflects an unaddressed market failure. The populations most targeted by fraud remain economically least positioned to access paid protection tools. Absent free, accessible alternatives reaching these populations, the $4.3B disparity will likely grow.
Social media accountability remains the largest open policy question. Platforms generated $2.1B in 2025 fraud while collecting advertising revenue from many of the same campaigns. Several regulatory proposals to require advertiser identity verification for financial product ads, faster scam takedown procedures, and compensation funds for verified platform-originated fraud victims remained pending at year-end. Outcomes will substantially shape the 2026 landscape.
This analysis draws on the following primary data sources:
Where this analysis presents totals, those figures reflect reported losses. Actual losses, including unreported cases, likely exceed reported figures by 2-3x according to academic and regulatory estimates. Social media platform attribution within fraud reports is self-reported by victims and may contain some misattribution.
Cohort comparisons of median losses use FTC age-bracket data. Year-over-year comparisons use FTC Sentinel data normalized for reporting volume changes between years.
Americans reported losing $15.9 billion to the FTC in 2025, a 27% increase from $12.5 billion in 2024. Federal Reserve survey data suggests the actual total, including unreported cases, likely exceeds $52 billion. The discrepancy reflects systematic underreporting driven primarily by embarrassment and skepticism about recovery prospects.
Investment scams generated $5.7B in reported losses — the largest single category — driven primarily by pig butchering operations involving cryptocurrency. By payment method, cryptocurrency-routed fraud across all categories totaled $11.3B, representing the largest payment-method aggregate.
Three compounding factors: greater asset accumulation enables larger extractions, specific scam infrastructure (tech support, grandchild impersonation, Medicare imposter) is designed around older-adult vulnerabilities, and the affordability gap for paid protection tools leaves the targeted demographic with less access to commercial defenses. Per-incident losses for adults 50+ run 2-7x higher than younger cohorts across most scam categories.
Credit cards offer the strongest recovery rates due to Fair Credit Billing Act protections, which cap liability at $50 for unauthorized charges and provide chargeback rights. Recovery rates progressively decline through debit cards (EFTA), wire transfers (limited bank cooperation), P2P apps (minimal protection), and cryptocurrency (effectively no recovery mechanism). Gift cards offer no recovery.
Social media's share of fraud origination grew from 18% in 2020 to 40% in 2025. Three structural factors drove the shift: advertising targeting infrastructure that enables precise victim selection, visual presentation capabilities that defeat traditional fraud detection signals, and algorithmic content discovery that surfaces scam content to actively engaging users rather than passively receiving them (as with email).
The FTC figures represent only reported fraud and substantially undercount actual losses. Federal Reserve population survey data suggests roughly 35 million Americans experienced fraud in 2025 — approximately 13.6% of adults. The discrepancy with FTC's reported figures reflects underreporting driven primarily by embarrassment (43% of non-reporters), perceived futility of reporting (38%), and confusion about reporting channels (29%).
Pig butchering is an organized criminal operation pattern combining romance manipulation with fake cryptocurrency investment schemes. It's tracked separately because median per-victim losses ($85,000) are dramatically higher than traditional romance scams ($4,400) or other investment fraud, and the criminal infrastructure (Southeast Asian compounds with trafficked workers, multi-stage crypto laundering networks) differs materially from individual-fraudster operations.
2025 was the first year showing measurable AI impact on fraud effectiveness. Specific patterns include: erosion of traditional grammatical and stylistic detection signals in phishing, accessible voice cloning enabling more convincing family emergency scams, AI-generated profile photos defeating reverse-image-search detection in romance scams, and personalized phishing content at scale that defeats generic-email detection heuristics.
Crypto-method fraud grew 41% year-over-year — faster than any other payment category. Two converging factors: mainstream cryptocurrency adoption expanded the population of potential victims with accessible crypto accounts, and fraudsters explicitly migrated toward crypto as the preferred payment method due to its irreversibility characteristics. As consumer protection strengthened around credit cards and traditional banking, fraud routed through infrastructure with no equivalent protections.
Florida, Georgia, Nevada, Delaware, and Maryland reported the highest per-capita fraud complaint rates in 2025. State-level variations reflect demographic composition (retiree concentration affects per-capita rates), targeted scam patterns, and reporting infrastructure differences. Per-capita complaints don't necessarily correlate with per-capita losses — some states with high complaint volume have lower average losses per incident.
Business email compromise (BEC) involves targeted phishing impersonating executives, vendors, or customers to manipulate business financial transactions. The $25,000 median loss reflects its targeted nature against businesses with transfer capacity. Total BEC losses ($1.4B) are lower than retail-targeted fraud, but per-incident impact is dramatically higher due to the business context — fraudsters targeting wire transfers tied to legitimate business transactions.
Four patterns appear likely based on 2025 data trajectories: continued migration toward irreversible payment infrastructure (crypto and P2P), geographic expansion of pig butchering operations, accelerating AI sophistication outpacing detection systems, and worsening demographic disparities absent intervention in the protection accessibility gap. Social media platform accountability remains the largest open regulatory question shaping the 2026 landscape.