Gitnux/Report 2026

Internet Fraud Statistics

Nearly 70% of phishing URLs are caught by automated Safe Browsing systems before users ever report them, even as scams keep evolving. See how 62% of reported phishing emails were hosted on compromised domains and how fast response still matters, with the time to identify breaches at 207 days and time to contain at 58 days, alongside fraud loss benchmarks like $1.6 billion in attempted payment card losses.
24Statistics
24Sources
12Sections
1Visuals
7mRead
20 days agoUpdated
Internet Fraud Statistics
Verified via a 4-step process
01Source

Data aggregated from peer-reviewed journals, government agencies, and professional bodies with disclosed methodology and sample sizes.

02Verify

Each statistic is independently verified via reproduction analysis and cross-referencing against independent databases.

03Grade

Figures are graded by cross-model consensus. Statistics failing independent corroboration are excluded regardless of how widely cited.

04Cite

Every figure carries a primary source. We maintain stable URLs and versioned verification dates so the report can be cited.

Read our full methodology →

Statistics that fail independent corroboration are excluded.

Next review Dec 2026
Phishing URLs are caught by automated systems 70% of the time before any user reports them. Meanwhile, breaches take an average of 207 days to identify and another 58 days to contain. Reported fraud complaints and financial losses continue to rise, driven by systematic credential theft and account takeover.

Key Takeaways

  • 5.7 million identity-related crimes occurred in the US in 2022 (a rate of 1,664 per 100,000 people), as measured by reported victimization.
  • 49.0% of fraud victims in the UK reported losing money in 2023, according to Action Fraud’s reporting.
  • In IC3’s 2023 report, 880,418 complaints were filed, representing a 5% increase from 2022 levels.
  • In Netscout’s 2024 DDoS attack report, DDoS incidents targeting financial services increased by 12% year over year.
  • In UK’s NCSC 2024 annual report, 35% of organizations reported experiencing phishing as the most common initial access vector.
  • The average time to identify a breach in 2023 was 207 days and the average time to contain was 58 days (IBM).
  • In the 2024 Verizon DBIR, 35% of breaches used stolen credentials (a key prevention target).
  • In Google’s Safe Browsing transparency data, 70% of phishing URLs are detected by automated systems before users report them (Safe Browsing overview).
  • The US Secret Service reported that in 2023, payment card fraud cases under investigation involved $1.6 billion in attempted losses (as stated in annual reporting).
  • In a 2024 Google Transparency Report, 62% of reported phishing emails were hosted on compromised domains.
  • 41% of organizations reported that they do not fully automate fraud detection, indicating that human review still plays a large role in internet-fraud prevention
  • The global credential stuffing detection/prevention market is projected to grow at a CAGR of 31.5% from 2024 to 2030 due to ongoing account takeover fraud
  • The global fraud management software market reached $5.5 billion in 2023 (with growth driven by digital-first fraud), indicating increasing investment in fraud prevention
  • The identity verification market was valued at $4.2 billion in 2023 and is projected to reach $14.5 billion by 2030, reflecting demand driven by digital fraud and account takeover
  • The global anti-fraud technology market is expected to reach $49.4 billion by 2030, indicating expanding budgets to address internet-enabled fraud losses

In 2023 and 2024, phishing and stolen credentials drove rising internet fraud while faster detection and MFA protection remained crucial.

01 · Category

Victim Impact2 stats

01
5.7 million identity-related crimes occurred in the US in 2022 (a rate of 1,664 per 100,000 people), as measured by reported victimization.
02
49.0% of fraud victims in the UK reported losing money in 2023, according to Action Fraud’s reporting.
Interpretation

Victim Impact Interpretation

From a victim impact perspective, identity-related crimes reached 5.7 million in the US in 2022 and in the UK 49.0% of fraud victims reported losing money in 2023, showing that these scams regularly translate into real financial harm for victims.

03 · Category

Detection And Prevention5 stats

01
The average time to identify a breach in 2023 was 207 days and the average time to contain was 58 days (IBM).
02
In the 2024 Verizon DBIR, 35% of breaches used stolen credentials (a key prevention target).
03
In Google’s Safe Browsing transparency data, 70% of phishing URLs are detected by automated systems before users report them (Safe Browsing overview).
04
A 2023 NIST report highlighted that phishing-resistant MFA can block 100% of phishing-based credential theft attempts (capability statement).
05
In the 2024 ACFE Report to the Nations, the median fraud loss was $140,000and median duration was 14 months (report figures).
Interpretation

Detection And Prevention Interpretation

For Detection And Prevention, the data suggests that faster automated detection and stronger credential defenses are making a measurable difference, with 70% of phishing URLs caught before users report them and phishing-resistant MFA blocking 100% of phishing-based credential theft attempts.

04 · Category

Economic Cost1 stats

01
The US Secret Service reported that in 2023, payment card fraud cases under investigation involved $1.6 billion in attempted losses (as stated in annual reporting).
Interpretation

Economic Cost Interpretation

In the Economic Cost category, the US Secret Service reported that in 2023 payment card fraud under investigation tied to $1.6 billion in attempted losses, underscoring how costly internet fraud can be even before money is successfully stolen.

05 · Category

Tactics And Vectors1 stats

01
In a 2024 Google Transparency Report, 62% of reported phishing emails were hosted on compromised domains.
Interpretation

Tactics And Vectors Interpretation

In the tactics and vectors lens, the 2024 Google Transparency Report shows that 62% of reported phishing emails were hosted on compromised domains, underscoring how attackers often rely on already infected infrastructure rather than only sending from brand new sources.

07 · Category

Market Size3 stats

01
The global fraud management software market reached $5.5 billion in 2023 (with growth driven by digital-first fraud), indicating increasing investment in fraud prevention
02
The identity verification market was valued at $4.2 billion in 2023 and is projected to reach $14.5 billion by 2030, reflecting demand driven by digital fraud and account takeover
03
The global anti-fraud technology market is expected to reach $49.4 billion by 2030, indicating expanding budgets to address internet-enabled fraud losses
Interpretation

Market Size Interpretation

From a market size perspective, spending power is clearly accelerating, with the global fraud management software market hitting $5.5 billion in 2023 and the anti-fraud technology market projected to reach $49.4 billion by 2030 as identity verification grows from $4.2 billion to an estimated $14.5 billion by 2030.

08 · Category

Threat Techniques2 stats

01
In a 2024 Microsoft study, 69% of breaches involved identities, including those compromised via password attacks and phishing-based credential theft that enable internet fraud
02
A 2023 peer-reviewed study in 'Computers & Security' found that phishing emails often use real-world branding and contextual lures to increase click-through rates, showing attacker effectiveness patterns
Interpretation

Threat Techniques Interpretation

From a threat techniques perspective, the 2024 Microsoft study shows 69% of breaches involved stolen identities such as password and phishing credential attacks, underscoring that phishing techniques often succeed by using real-world branding and contextual lures as highlighted by the 2023 Computers & Security research.

09 · Category

User Adoption1 stats

01
56% of organizations said they have deployed automated identity verification to reduce onboarding fraud, supporting prevention against account creation scams
Interpretation

User Adoption Interpretation

In the User Adoption category, 56% of organizations have adopted automated identity verification to curb onboarding fraud, showing that stronger identity checks are becoming a mainstream part of getting new users safely onboarded.

10 · Category

Performance Metrics1 stats

01
The mean response time for online fraud investigations was 23 days in a 2024 industry survey, affecting how quickly cases can be contained
Interpretation

Performance Metrics Interpretation

In performance metrics for internet fraud, the 2024 mean response time of 23 days highlights a key operational drag on how quickly investigators can contain online cases.

11 · Category

Cost Analysis1 stats

01
The median chargeback rate among e-commerce merchants was 0.75% in 2024 (as reported by industry benchmarks), reflecting fraud-driven payment disputes
Interpretation

Cost Analysis Interpretation

In 2024, the median e-commerce chargeback rate of 0.75% shows that internet fraud can translate into measurable direct costs for merchants through recurring payment disputes.

12 · Category

Risk Prevalence2 stats

01
0.9% of card-not-present transactions were involved in fraud cases in 2024 industry reporting, highlighting the role of online channels in payment fraud
02
ENISA’s threat landscape for 2024 lists phishing as a top threat in terms of reported incidents, confirming persistent internet-fraud exposure
Interpretation

Risk Prevalence Interpretation

In 2024, risk prevalence in internet fraud was reflected by 0.9% of card-not-present transactions involving fraud, while phishing remained the most reported threat in ENISA’s threat landscape, reinforcing how online channels consistently drive exposure.
report visual · Comparison

Internet Fraud: How Widespread It Is (and What Helps)

High shares of incidents and breaches involve identity and phishing, while detection and prevention increasingly rely on automation and phishing-resistant controls.

A 2023 NIST report highlighted that phishing-resistant MFA can block 100% of phishing-based credential theft attempts (c100%
In Google’s Safe Browsing transparency data, 70% of phishing URLs are detected by automated systems before users report
70%
In a 2024 Microsoft study, 69% of breaches involved identities, including those compromised via password attacks and phi
69%
In a 2024 Google Transparency Report, 62% of reported phishing emails were hosted on compromised domains.
62%
source-verifiedmicrosoft.com · transparencyreport.google.com · pages.nist.gov2024
Reference

Cite This Report

This report is designed to be cited. We maintain stable URLs and versioned verification dates. Copy the format appropriate for your publication below.

APA
Christopher Morgan. (2026, February 13). Internet Fraud Statistics. Gitnux. https://gitnux.org/internet-fraud-statistics
MLA
Christopher Morgan. "Internet Fraud Statistics." Gitnux, 13 Feb 2026, https://gitnux.org/internet-fraud-statistics.
Chicago
Christopher Morgan. 2026. "Internet Fraud Statistics." Gitnux. https://gitnux.org/internet-fraud-statistics.