Key Takeaways
- In 2023, IC3 classified 33% of social engineering scams as 'imposter scams' in their fraud typology (IC3)
- In 2024, Verizon’s Data Breach Investigations Report (DBIR) found social engineering involved in 17% of breaches (scam-related attack chain)
- Verizon DBIR 2024 reported that phishing accounted for 36% of initial access incidents (scam delivery mechanism)
- In a 2022 study, victims reported an average of 2.5 attempts to contact by scammers before they paid (U.S. survey)
- The Center for Strategic and International Studies (CSIS) estimated global cybercrime costs at $8 trillion in 2019 and projected $10.5 trillion by 2025
- A 2022 peer-reviewed paper estimates that online fraud harms consumer welfare significantly; the authors quantify average economic losses per victim at hundreds of dollars (cross-study)
- IBM’s Cost of a Data Breach report (2024) found breaches averaged 277 days to identify and contain
- Mandiant’s 2024 report on social engineering showed that credential theft led to compromise in 24% of observed intrusions (includes scam-related access)
- A 2022 peer-reviewed study found that using machine-learning-based spam filtering reduced successful phishing emails by 90% in controlled experiments
- In the U.K., 2.4 million fraud victims were recorded in 2023, reflecting a large share of reported scam-related harm.
- In 2023, 45% of organizations reported experiencing phishing attempts targeting employees, according to a Microsoft Work Trend Index report.
- In Cloudflare’s 2024 security report, automated attacks comprised 98% of Internet traffic observed on protected endpoints.
- Google’s 2024 Transparency Report states that passkey adoption increased the share of sign-ins protected by phishing-resistant methods (passkeys) across supported accounts.
- In a 2019 peer-reviewed study, security training combined with simulated phishing reduced click rates by 37% compared with control groups.
- In a 2021 NBER working paper, simulated phishing and feedback interventions were associated with measurable reductions in reporting and risky behaviors over time.
From rising social engineering costs to stronger defenses, phishing and fraud remain widespread but protections can meaningfully cut harm.
Related reading
01 · Category
Tactics & Trends3 stats
Tactics & Trends Interpretation
02 · Category
Victim Impact1 stats
Victim Impact Interpretation
03 · Category
Cost Analysis2 stats
Cost Analysis Interpretation
04 · Category
Mitigation & Defenses3 stats
Mitigation & Defenses Interpretation
More related reading
05 · Category
Consumer Impact1 stats
Consumer Impact Interpretation
06 · Category
Attack Patterns2 stats
Attack Patterns Interpretation
07 · Category
Mitigation Effectiveness4 stats
Mitigation Effectiveness Interpretation
08 · Category
Regulation & Reporting5 stats
Regulation & Reporting Interpretation
What scam methods look like in the data
Across major reports, phishing and social-engineering tactics appear frequently in common breach and intrusion pathways.
Cite This Report
This report is designed to be cited. We maintain stable URLs and versioned verification dates. Copy the format appropriate for your publication below.
James Okoro. (2026, February 13). Scam Statistics. Gitnux. https://gitnux.org/scam-statistics
James Okoro. "Scam Statistics." Gitnux, 13 Feb 2026, https://gitnux.org/scam-statistics.
James Okoro. 2026. "Scam Statistics." Gitnux. https://gitnux.org/scam-statistics.
Sources & references
21 datasets cited across this report · attribution is report-level
+3 additional datasets cited (not shown individually)

