⚠ Data Disclaimer: Statistics are sourced from public government reports, peer-reviewed research, and reputable industry studies. Dollar figures reflect reported losses; actual losses are estimated to be significantly higher due to widespread under-reporting. All statistics have specific temporal and geographical contexts — refer to primary sources for full methodology.
Online fraud has grown into one of the most significant financial crime categories globally. In 2024, the FBI's Internet Crime Complaint Center (IC3) recorded its highest-ever total annual loss of $16.6 billion — a figure that represents only reported incidents. Industry research consistently estimates that fewer than 15% of fraud victims report their experience to authorities, suggesting the true global cost is measured in the hundreds of billions annually.

§1 — Key Fraud Statistics (2024)

The following headline figures are drawn from the FBI IC3 2024 Internet Crime Report, the FTC Consumer Sentinel Network, and affiliated law enforcement data published in early 2025.

$16.6B
Total IC3 reported fraud losses in 2024 — highest in IC3 history
Source: FBI IC3 2024 Report
298K+
Phishing, smishing & vishing complaints filed with IC3 in 2024
Source: FBI IC3 2024 Report
$5.6B
Cryptocurrency fraud losses in 2024 — largest single category
Source: FBI IC3 2024 Report
$3.4B
Losses reported by fraud victims aged 60 and over in 2024
Source: FBI IC3 Elder Fraud Report 2024
$2.9B
Business Email Compromise (BEC) adjusted losses in 2024
Source: FBI IC3 2024 Report
880K
Total cybercrime complaints received by IC3 in 2024
Source: FBI IC3 2024 Report

Data reflects calendar year 2024 as reported to the FBI's Internet Crime Complaint Center (IC3). Losses represent adjusted amounts where available; actual losses may differ.

§2 — Top Fraud Categories by Reported Loss (IC3 2024)

Investment fraud — dominated by pig-butchering cryptocurrency schemes — reclaimed the top position for total dollar loss in 2024, displacing BEC for the first time since 2016. The following table presents the primary fraud categories ranked by adjusted reported losses.

Rank Fraud Category Adjusted Loss (2024) Complaints Trend
1 Investment Fraud (incl. crypto) $6.57B 69,823 ↑ +28%
2 Business Email Compromise $2.90B 21,442 ↑ +9%
3 Tech Support Fraud $1.01B 37,560 → stable
4 Personal Data Breach $494M 55,851 ↑ +14%
5 Romance Scam $700M 17,823 ↑ +11%
6 Government Impersonation $394M 14,190 → stable
7 Non-Payment / Non-Delivery $309M 69,368 ↓ -3%
8 Extortion $137M 48,223 ↑ +22%

Source: FBI IC3 2024 Internet Crime Report. Adjusted losses account for IC3 Recovery Asset Team (RAT) successful fund freezes where applicable. Trend compared to 2023 figures.

§3 — Scam Prevalence by Type (% of Reported Incidents)

The following chart shows the distribution of reported scam incidents by primary type based on aggregated data from the FBI IC3, FTC Consumer Sentinel, and Global Anti-Scam Alliance (GASA) 2024 annual reports. Note that high-prevalence types (phishing) may differ from high-loss types (investment fraud) because individual incidents vary dramatically in value.

Sources: FBI IC3 2024 Internet Crime Report; FTC Consumer Sentinel Network Data Book 2024; GASA Global State of Scams 2024. Percentages represent share of total incidents reported, not dollar losses.

§4 — Phishing Detection Accuracy by Tool Type

No scam detection technology achieves perfect accuracy. The table below summarizes typical detection rates across different categories of phishing and fraud detection tools, based on published evaluations and industry benchmarks. Detection accuracy varies significantly based on threat age, domain reputation, and model freshness.

Tool Category Known Threats (Blocklisted) Zero-Day Phishing False Positive Rate Notes
Browser safe-browsing APIs
Google Safe Browsing, Microsoft SmartScreen
95–98% 60–75% <0.01% Block delay of 1–24 hrs for new domains
Email security gateways
Proofpoint, Mimecast, Microsoft Defender
97–99% 70–85% 0.05–0.2% AiTM proxy attacks bypass most filters
URL analysis tools
VirusTotal, URLhaus, URLScan
90–95% 30–55% <0.05% Dependent on multi-engine consensus
AI/ML-based detectors
BERT-based classifiers, heuristic engines
93–97% 80–92% 0.5–2% Best zero-day performance; needs retraining
DMARC enforcement
Email authentication protocol
~99% N/A <0.5% Prevents spoofed-domain email only; not content
Human detection (untrained) 45–65% 25–40% High (over-reporting) Training improves rates significantly

Sources: Proofpoint State of the Phish 2024; Google Safe Browsing Transparency Report; Verizon DBIR 2024; published academic evaluations (Oest et al. 2020; Lin et al. 2021). Detection rates are approximate ranges from published benchmarks.

§5 — Timeline of Major Online Fraud Milestones

Understanding how online fraud has evolved over three decades provides context for current threats and helps anticipate emerging vectors. The following timeline highlights pivotal moments in fraud history.

1994
Nigerian 419 Scams Migrate to Email
Advance-fee fraud (already decades old via postal mail and fax) reaches mass scale as commercial internet access expands. The low cost of sending millions of emails makes mass fraud economically viable for criminal organizations for the first time, establishing the template for subsequent mass-scale scam campaigns.
2003
CAN-SPAM Act Enacted (USA)
The US Controlling the Assault of Non-Solicited Pornography And Marketing Act sets requirements for commercial email, establishes the right to opt out, and gives the FTC enforcement authority. Despite limited practical impact on international criminal operations, it establishes the legal framework for spam and phishing email prosecution in the United States.
2007
IRS Phone Scam Surge
A dramatic increase in government impersonation phone scams — particularly fraudsters claiming to be IRS agents threatening immediate arrest — signals the maturation of vishing as a major fraud vector. Caller ID spoofing technology becomes widely accessible, allowing fraudsters to display legitimate government phone numbers to victims.
2013
Bitcoin Enables Anonymous Fraud Payment
The mainstream emergence of Bitcoin creates an irreversible, pseudonymous payment method that becomes the preferred collection mechanism for ransomware, extortion, and investment fraud. The first large-scale ransomware campaign, CryptoLocker, demands Bitcoin payment and infects an estimated 250,000 machines globally within months.
2016
BEC Crosses the First Billion-Dollar Year
Business Email Compromise losses exceed $1 billion in a single year for the first time, according to FBI IC3 data. High-profile cases including the $81 million Bangladesh Bank heist via SWIFT network compromise demonstrate the capability of organized cybercrime to orchestrate sophisticated multi-stage fraud against major financial institutions.
2019
Pig Butchering Scams Emerge from Southeast Asia
Pig-butchering (shā zhĆ« pĂĄn) investment romance scams originate in organized criminal compounds in Southeast Asia, initially targeting Chinese-language victims before rapidly expanding globally. The model of sustained relationship-building followed by fake investment platform fraud proves extraordinarily effective, eventually generating billions annually by 2022–2024.
2022
AI Voice Cloning Scams Go Mainstream
Consumer-grade AI voice synthesis tools capable of cloning a person's voice from as little as 3 seconds of audio become widely available. Fraudsters immediately begin deploying cloned voices for grandparent scams, executive impersonation, and ransom calls. The FBI issues a PSA warning about AI-enabled voice fraud as case reports surge by over 200% within 18 months.
2024
Deepfake Video Fraud Reaches Enterprise Scale
A Hong Kong finance worker is tricked into transferring $25 million after a deepfake video conference call in which all "colleagues" on the call were AI-generated. The incident — one of several high-value deepfake fraud cases in 2024 — signals that video verification can no longer be treated as sufficient proof of identity for high-value financial authorizations.
2026
Agentic AI Scam Automation Emerges
Agentic AI systems capable of autonomously browsing the web, maintaining extended conversations, and executing multi-step social engineering campaigns are identified in active fraud deployments. These systems dramatically reduce the human labour required to run pig-butchering and romance scam operations at scale, raising concerns about future fraud volume and sophistication.

§6 — Fraud Victimization by Age Group (USA, 2024)

Age is one of the strongest predictors of both fraud exposure and financial loss. Younger demographics report being targeted more frequently, while older demographics suffer significantly higher financial losses per incident — primarily due to greater accumulated wealth and specific vulnerabilities to certain fraud types (tech support, investment fraud, romance scams).

Age Group % of IC3 Complaints Total Losses Median Loss / Victim Most Common Fraud Types
Under 20 3% $40.8M $428 Non-delivery, employment, gaming scams
20–29 14% $399M $1,015 Romance, job scams, non-payment
30–39 20% $1.25B $2,263 Investment, BEC, identity theft
40–49 20% $1.77B $3,180 Investment, BEC, real estate fraud
50–59 18% $2.33B $4,645 Investment, tech support, confidence fraud
60–69 14% $1.60B $7,272 Tech support, investment, romance, govt impersonation
70+ 11% $1.80B $9,771 Tech support, government impersonation, romance

Source: FBI IC3 2024 Internet Crime Report, Elder Fraud Report 2024. Percentages may not sum to 100% due to unreported/unknown age cases. Median loss figures represent per-victim amounts for those who reported a loss.

§7 — Regulatory & Reporting Landscape

Multiple agencies across jurisdictions share responsibility for investigating, regulating, and prosecuting online fraud. Understanding where to report fraud increases the likelihood of investigation and recovery, and contributes to aggregate intelligence used to identify criminal networks.

Organization Jurisdiction Primary Role Reporting URL
FTC (Federal Trade Commission) USA Consumer fraud enforcement, data aggregation reportfraud.ftc.gov
FBI IC3 USA Cybercrime investigation, asset recovery (RAT) ic3.gov
CISA USA Critical infrastructure cybersecurity, advisories cisa.gov/report
APWG International Phishing database, threat intelligence sharing apwg.org/reportphishing
INTERPOL International Cross-border investigation coordination Via national law enforcement agencies
Global Anti-Scam Alliance (GASA) International Research, public education, scam reporting scamadviser.com
Canadian Anti-Fraud Centre (CAFC) Canada Fraud reporting, victim assistance antifraudcentre-centreantifraude.ca
Action Fraud (NFIB) United Kingdom UK fraud & cybercrime reporting centre actionfraud.police.uk

Reporting to multiple relevant agencies is recommended; data is shared between partnering organizations to build comprehensive intelligence on active fraud campaigns.

§8 — Research Sources & Citations

The statistics and data presented on this page are drawn from the following primary and secondary sources. Where possible, direct URLs to source documents are provided for verification.

  1. FBI Internet Crime Complaint Center (IC3) — 2024 Internet Crime Report. Federal Bureau of Investigation. Published 2025. The primary US government source for annual cybercrime statistics, covering complaint volume, financial losses, and fraud category breakdowns. ic3.gov
  2. FTC Consumer Sentinel Network Data Book 2024. Federal Trade Commission. Published 2025. Annual compilation of fraud, identity theft, and other consumer protection complaints submitted to the FTC and partnering agencies, including demographic breakdowns and loss statistics. ftc.gov
  3. Anti-Phishing Working Group (APWG) — Phishing Activity Trends Report, Q3 2024. APWG. Published 2024. Quarterly reports tracking phishing site volume, unique domain counts, and targeted sector statistics globally, representing data contributed by member security companies and ISPs. apwg.org
  4. Verizon — 2024 Data Breach Investigations Report (DBIR). Verizon Business. Published 2024. Annual analysis of over 30,000 security incidents, providing data on attack vectors, human element involvement, and industry-specific breach patterns drawn from contributions by 90+ partner organizations worldwide. verizon.com/business
  5. Javelin Strategy & Research — 2024 Identity Fraud Study. Javelin Strategy & Research. Published 2024. Annual consumer survey-based study measuring the prevalence, impact, and cost of identity fraud in the United States, including account takeover and new-account fraud metrics.
  6. Global Anti-Scam Alliance (GASA) — Global State of Scams 2024. GASA & Scam Adviser. Published 2024. International survey of 49,000 consumers across 43 countries, measuring scam exposure, reporting rates, financial losses, and trust in institutions across demographics and regions. gasa.org
  7. Proofpoint — State of the Phish 2024. Proofpoint Inc. Published 2024. Annual enterprise security study combining survey data from 7,500 end users and 1,050 IT professionals across 15 countries with analysis of 230 million simulated phishing messages and 35 million real phishing emails processed. proofpoint.com
  8. Chainalysis — 2024 Crypto Crime Report. Chainalysis Inc. Published 2024. Blockchain analytics company's annual report on cryptocurrency-based crime, including investment fraud, rug pulls, ransomware, and darknet market activity, drawing on on-chain data analysis. chainalysis.com