FTC: imposter scams hit $3.5B record in 2025
Key Takeaways
- Imposter scams cost Americans $3.5 billion in 2025, with losses nearly tripling since 2020
- Social media platforms, led by Facebook, drove $2.1 billion in fraud losses, an eightfold increase since 2020
- Total reported fraud losses across all categories reached $16 billion in 2025, up 25% from the prior year
Americans lost $3.5 billion to imposter scams in 2025, the Federal Trade Commission warned this week. That figure has nearly tripled since 2020, and it now represents the single costliest fraud category the agency tracks.
Imposter scams accounted for nearly one in three fraud reports filed with the FTC last year. The pattern is consistent: fraudsters pose as bank officials, government agents, or family members, then pressure victims into transferring money under the guise of "protecting" their accounts or responding to an emergency.
Where the money is going
The FTC's breakdown shows two dominant imposter categories. Business impersonators, particularly those posing as bank security teams, extracted nearly $1 billion from victims. Government impersonators, including fake IRS and Social Security agents, took approximately $920 million.
The costliest scheme typically starts with a fake security alert. Victims receive a text or call claiming suspicious activity on their account. The scammer then walks them through "protective" steps that actually transfer funds to the fraudster.
"The FTC will use every tool available to combat one of the most pernicious forms of fraud, government and business impersonation, and to protect the integrity of the digital economy," said Christopher Mufarrige, director of the FTC's Bureau of Consumer Protection.
Why social media is the most effective attack vector
Social media has become the primary channel for imposter fraud. More than $2.1 billion in 2025 losses traced back to social platforms, an eightfold increase from 2020. Nearly one in three victims who lost money reported being first contacted through social media.
Facebook alone accounted for more fraud losses than text messages and email combined. WhatsApp ranked second, Instagram third. The FTC did not break out figures for TikTok or X, but the concentration in Meta-owned platforms is striking.
The dynamic is straightforward. Social platforms offer reach, targeting, and the appearance of legitimacy. A scammer can create a profile that looks like a real bank, run ads to a specific demographic, and engage victims in private messages where there is no oversight.
AI is making impersonation indistinguishable
Generative AI has changed the economics of imposter scams. Voice cloning allows fraudsters to mimic family members with just a few seconds of sample audio. Automated chatbots can run social engineering scripts at scale.
“Imposter scams are a form of psychological warfare. They don't rely just on technical flaws, but on human vulnerability, often using AI to make the deception indistinguishable from reality.”
— Independent Cybersecurity Analyst
The so-called "Grandparent Scam" has surged with AI voice cloning. A caller claims to be a grandchild in distress, their voice eerily accurate. The urgency and emotional manipulation bypass the skepticism that might stop a text-based scam.
What the FTC has done about it
Since the FTC's Impersonation Rule took effect in April 2024, the agency has brought a dozen enforcement actions. Those cases have secured more than $70 million in consumer redress and shut down several imposter schemes.
Recent targets include MediaAlpha for a government imposter scheme, American Tax Service for an IRS imposter operation, and Blackstone Legal for a phantom debt scam. In April 2026, the FTC filed a complaint against Innovative Partners, alleging the company impersonated government agencies and insurance carriers to sell fraudulent health plans.
Still, $70 million in redress against $3.5 billion in losses suggests enforcement is not keeping pace. The FBI's 2025 Internet Crime Report showed Americans lost nearly $21 billion to cyber-enabled crimes overall, with imposter scams representing a significant portion.
The broader fraud picture
Total reported fraud losses across all categories reached $16 billion in 2025, the highest on record and roughly 25% above the prior year. Imposter scams are the largest single category, but investment fraud, romance scams, and phishing continue to grow.
The FTC's "Never Ever" campaign aims to raise awareness, but online communities remain skeptical. Discussions on Reddit's r/Scams and r/technology forums point to ad-supported business models that inadvertently monetize scam accounts. Until platforms face legal accountability for the content they host, critics argue, awareness campaigns will not reverse the trend.
Logicity's Take
The $3.5 billion figure understates the problem. FTC numbers only capture reported losses. Most victims never file a complaint, either out of embarrassment or because they do not realize they were scammed until much later. The real exposure is likely multiples higher. The concentration of losses on Meta platforms raises a policy question that the FTC has not yet answered directly: should platforms bear civil liability for fraud that originates on their networks? Europe's Digital Services Act moves in that direction. The US has not.
Frequently Asked Questions
How do imposter scams typically work?
Fraudsters pose as trusted figures like bank officials, government agents, or family members. They contact victims through phone, text, email, or social media, then create urgency to pressure victims into transferring money or sharing sensitive information.
Why are imposter scam losses increasing so rapidly?
Social media provides scale and targeting capabilities. Generative AI enables voice cloning and automated social engineering. Together, these tools let scammers reach more victims with more convincing deceptions at lower cost.
Which platforms are most associated with imposter scams?
Facebook accounts for more fraud losses than text and email combined, according to the FTC. WhatsApp and Instagram rank second and third among social platforms.
What is the FTC doing to combat imposter scams?
The FTC's Impersonation Rule, effective since April 2024, has enabled a dozen enforcement actions securing over $70 million in consumer redress. The agency also runs awareness campaigns like "Never Ever" to educate consumers.
How can I protect myself from imposter scams?
Never transfer money based on an unsolicited call or message. Verify requests by contacting the organization directly using a known number. Be skeptical of urgency, as scammers use time pressure to prevent rational evaluation.
Another example of how digital trust systems are being exploited by attackers
Need Help Implementing This?
Logicity tracks cybersecurity trends and regulatory developments that affect technology leaders. Subscribe to our newsletter for weekly analysis on threats, compliance, and best practices for protecting your organization and customers.
Source: BleepingComputer
Huma Shazia
Senior AI & Tech Writer
Related Articles
Browse all
Kraken Crypto Exchange Extortion: Hackers Threaten to Leak Internal Videos After Insider Breach
Cryptocurrency exchange Kraken is being extorted by hackers who obtained videos of internal systems through bribed support employees. The company says no funds were compromised and refuses to pay, with only about 2,000 accounts affected. Kraken is working with federal law enforcement to prosecute everyone involved.
Windows 11 KB5083769 and KB5082052: April 2026 Patch Tuesday Brings Smart App Control Changes and Security Fixes
Microsoft's April 2026 Patch Tuesday updates are now live for Windows 11, bringing critical security patches alongside a welcome change to Smart App Control. You can finally toggle SAC on or off without wiping your entire system. The updates cover versions 23H2, 24H2, and 25H2.
Zero Trust Identity Security: 5 Ways This Framework Actually Stops Credential Theft
Stolen credentials caused 22% of breaches in 2025, making them the top attack vector. Zero Trust promises to fix this, but only when it's built around identity as the core principle. Here's how organizations can implement it properly.
Open Source PR Backlogs: Why Your GitHub Contribution Sits Unreviewed for a Year
A developer's Jellyfin pull request has been waiting over a year for merge despite two approvals, exposing a systemic crisis in open source maintenance. Queuing theory explains why backlogs grow exponentially, and 60% of maintainers have quit or considered quitting due to burnout.
