How Imposter Scams Cost US Consumers $3.5 Billion According to the FTC

A woman in her sixties gets a text that looks like it came from her bank's fraud department. Within four hours she has moved her checking account, her savings, and a chunk of her Roth IRA into what she believes is a "secure federal holding account." None of it was ever in danger until the moment she tried to protect it. Stories like hers are why the Federal Trade Commission's newest data landed with such a thud: Americans reported losing $3.5 billion to imposter scams last year, the largest figure the agency has ever recorded for this category, and nearly triple what people reported losing in 2020. Roughly one million consumers filed an imposter scam report, making it the most reported fraud in the country for the fifth consecutive year. The median victim lost $700. Some lost more than a million dollars. If you bank online, answer your phone, or scroll Facebook, this article explains exactly how these scams work, who they target, and what actually stops them.

What the Latest FTC Numbers Actually Say

The FTC publishes fraud data through its Consumer Sentinel Network, which collects reports directly from consumers along with complaints routed through the Better Business Bureau, state attorneys general, and other partners. The most recent release covers calendar year 2025, and the headline is blunt: imposter scams accounted for $3.5 billion in reported losses, up nearly 20% from the $2.95 billion reported the year before.

That growth did not happen in a vacuum. Total fraud losses reported to the agency hit roughly $15.9 billion, about 27% higher than the $12.5 billion recorded in 2024 and the highest total on record. The agency received around three million fraud reports overall, and nearly one in three of them involved someone pretending to be an institution or person they were not.

One Million Reports, One Familiar Pattern

Here's the detail that gets lost in most coverage: about 80% of the people who filed an imposter scam report did not lose any money. They recognized the con, hung up, deleted the text, and told the FTC about it anyway. The $3.5 billion came from the remaining 20%, which means the average loss among actual victims runs far higher than the $700 median suggests. A small group of catastrophic losses, many of them six and seven figures, pulls the total upward year after year.

Patty Hsue, chief of staff for the FTC's Division of Marketing Practices, has pointed out that the scams themselves have grown more sophisticated. The clumsy Nigerian-prince emails of two decades ago have given way to spoofed caller IDs, cloned bank websites, and scripts refined through thousands of repetitions. Some fraud specialists warn that artificial intelligence tools now let criminals produce cleaner messages and more convincing voices than ever, which erodes the old advice of "look for the typos."

Where Imposter Losses Sit Inside $15.9 Billion in Total Fraud

Imposter scams lead in report volume, though investment scams still produce larger dollar losses per incident because they often involve fake crypto trading platforms that swallow entire nest eggs. The two categories increasingly blur together. A con that begins with someone impersonating a bank employee frequently ends with the victim wiring money into a fraudulent investment account, and the FTC counts it based on how it started.

CategoryReported Losses, 2024Reported Losses, 2025
All imposter scams$2.95 billion$3.5 billion
Business impersonators$866 million~$1 billion
Government impersonators$789 million~$920 million
All fraud categories combined$12.5 billion~$15.9 billion

Source: Federal Trade Commission, Consumer Sentinel Network annual data.

Who the Scammers Pretend to Be

The word "imposter" covers a wide cast of characters: a fake Amazon representative calling about a suspicious $1,200 charge, a supposed IRS agent threatening arrest over unpaid taxes, a "grandchild" calling from jail, a Microsoft technician who needs remote access to your laptop, or a love interest on Instagram who needs $2,000 for a plane ticket that never gets booked. What unites them is borrowed credibility. The scammer rents the trust you already have in an institution or a relationship and spends it against you.

Bank Impersonators: The Costliest Disguise in America

Business impersonators took in close to $1 billion last year, and within that group, people posing as bank employees caused the largest losses. It makes cold sense. Your bank is the one institution that can plausibly contact you about your money out of the blue, and real banks do send fraud alerts, which gives criminals perfect cover. A spoofed text reading "Did you authorize a $947.63 purchase at Best Buy in Tampa? Reply NO to dispute" looks nearly identical to the legitimate alerts millions of Chase, Bank of America, and Wells Fargo customers receive every week.

Reply NO, and the phone rings within minutes. The caller ID may even display your bank's real customer service number, since spoofing technology makes that trivial. The person on the line is calm, professional, and armed with just enough of your personal information (often bought from data breach dumps for a few dollars) to sound authentic. From there the script moves fast, and the destination is always the same: get you to move money out of your own account.

Government Impersonators and the Fake Toll Text Wave

Government impersonators pulled in roughly $920 million, up from $789 million the year before, and reports in this category jumped about 40%. A big driver was surprisingly mundane: fake toll road texts. Millions of Americans received messages claiming they owed a small unpaid toll, usually under $20, spoofing real programs like E-ZPass, SunPass, FasTrak, and TxTag. The messages threatened late fees or vehicle registration suspension for anyone who didn't pay immediately through a link.

The genius of the toll scam is its modesty. Nobody remembers every toll gantry they've driven under, the amount feels too small to argue about, and the payment page harvests your card number and personal details for far more damaging use later. The IRS version of the government imposter con still circulates too, along with fake Social Security Administration calls claiming your number has been "suspended" (a thing that does not exist) and phony FTC agents, which is about as brazen as impersonation gets. The agency has publicly warned that scammers impersonate its own employees.

The Hybrid Scam That Drains Entire Retirement Accounts

The FTC has flagged a newer hybrid structure that explains a lot of the six-figure losses. It starts as a business imposter contact, typically a security alert from your bank or a large retailer. Once you engage, you get transferred to a second character, often a fake FBI agent or "federal investigator," who tells you that your accounts are tied to a crime, perhaps money laundering or identity theft, and that your funds must be moved to keep them safe while the investigation proceeds.

Hsue described the danger plainly: victims genuinely believe they're protecting their money, so they move all of it. Checking accounts, savings, Roth IRAs, 401(k) rollovers. The losses stop only when the money runs out. This is why "never move money at the direction of someone who contacted you" has become the single most repeated line in consumer protection circles, and why it belongs on a sticky note next to the phone of everyone you love over 60.

Why Social Media Became the Most Expensive Place to Meet a Stranger

Measured by dollars lost, no contact method came close to social media. Victims reported more than $2.1 billion in losses that began on social platforms, a figure roughly eight times larger than in 2020. About one in three people who lost money to an imposter scam was first contacted through social media. Losses that started on Facebook alone exceeded the combined total from text messages and email, with WhatsApp and Instagram ranking second and third.

Why does social media convert so well for criminals? Three reasons. First, targeting: your public profile tells a scammer your age, hometown, hobbies, and grief (memorial posts are gold for romance scammers). Second, impersonation is nearly frictionless; cloning a profile takes minutes, and fake ads featuring celebrities or brand logos slip past moderation constantly. Third, the platforms blend commerce, community, and messaging, so a pitch that would feel bizarre by phone feels normal in a Facebook group about, say, vintage Ford Broncos or a WhatsApp thread that started with an innocent "sorry, wrong number."

Romance scams, which overlap heavily with the imposter category, kept climbing as well, with reported losses up 22% and a median hit of about $2,020 per victim. The modern version rarely asks for money directly at first. Instead, after weeks of daily conversation, the new "friend" mentions how well their crypto investments are doing and offers to teach you. The teaching platform is fake, the gains on your dashboard are fiction, and the withdrawal button never works.

Contact MethodWhat the Data Shows
Social mediaOver $2.1 billion in losses; roughly 8x the 2020 level; first contact point for about 1 in 3 victims
FacebookLosses exceeded text messages and email combined
WhatsAppSecond-highest social platform for reported losses
InstagramThird-highest social platform for reported losses
Text messagesPrimary channel for fake toll and fake bank alerts

Why Adults Over 60 Lose the Most Money

People of every age get scammed, and by report volume, younger adults actually file plenty of complaints. The money tells a different story. Older adults report dramatically higher dollar losses, partly because they have more to take. A 68-year-old with a paid-off house, a 401(k), and decades of savings is simply a bigger target than a 26-year-old with a checking account and student loans.

There's also a reporting quirk worth knowing: fraud researchers at AARP and elsewhere note that women contact victim support lines more often than men, not necessarily because they're scammed more, but because they're more willing to report it. Shame keeps an enormous amount of fraud invisible, which means the $3.5 billion figure is a floor, not a ceiling. The FTC itself acknowledges its data reflects only what gets reported.

The $100,000 Problem

The sharpest trend in the data involves catastrophic losses. Among victims aged 60 and older, scams involving losses of $100,000 or more accounted for $1.6 billion, roughly 68% of that group's $2.4 billion in total reported losses in the prior year's congressional report. Read that again: two-thirds of the money older Americans lost came from a relatively small number of enormous, life-altering thefts. These are the retirement-account drainings, the reverse-mortgage proceeds wired overseas, the home equity lines opened under a fake investigator's instructions. Recovery from a $500 loss stings. Recovery from a $300,000 loss at age 72 is often mathematically impossible.

Anatomy of the "Move Your Money to Protect It" Script

Because the security-alert con now produces some of the largest individual losses in the country, it's worth walking through beat by beat. Recognizing the structure matters more than memorizing any single detail, since the branding changes constantly.

Beat one, the hook: an alert about a problem you didn't cause. A fraudulent charge, a compromised account, a package you didn't order. It arrives by text, email, phone call, or a pop-up warning on your computer screen.

Beat two, the authority handoff: once you respond, you're escalated to someone with a title. A fraud department supervisor, an FBI agent, a Treasury official. Real case numbers, badge numbers, and callback lines get recited. Some victims receive official-looking PDF letters on doctored government letterhead.

Beat three, isolation: you're told the investigation is confidential. Bank tellers might be "in on it," so if anyone at the branch asks why you're withdrawing $40,000, you should say it's for a home renovation. This single instruction defeats the human safeguards banks have spent years building.

Beat four, the transfer: money moves by wire, cryptocurrency ATM, gift cards, or in the most alarming variant, cash handed to a courier who shows up at your door. Bank transfers and crypto now account for more reported fraud losses than every other payment method combined, precisely because they're fast and hard to claw back.

Beat five, the extension: if the first transfer works, there's always a reason for a second. The case "expanded." A "bond" is required. The script continues until the victim runs out of money or someone intervenes.

What the Imposter SaysWhat It Really Means
"Your account has been compromised. We need to act now."Urgency is manufactured to stop you from thinking or calling your real bank
"Don't tell anyone, this investigation is confidential."Isolation removes the friend, spouse, or teller who would spot the con
"Move your funds to a secure government account."No such account exists; the destination belongs to the criminal
"Pay with gift cards, crypto, or a wire to resolve this."These payment rails are chosen because they're nearly impossible to reverse
"You'll be arrested if you hang up."No US agency threatens arrest by phone or demands immediate payment

Real Household Decisions, Real Trade-Offs

General advice ("be careful") is cheap. The moments that decide whether a family loses money are specific, and they usually involve a trade-off between convenience and verification. Two scenarios show how this plays out in practice.

A Retiree Weighing a "Federal Investigator" Call Against a Locked CD

Consider a 71-year-old widower in Scottsdale with $180,000 spread across a checking account, a money market fund, and a 14-month CD paying 4.3%. A caller identifying himself as a Treasury investigator says the widower's identity was used in a money laundering scheme and his accounts will be frozen within 48 hours unless the funds are moved to a protected account. Breaking the CD early would cost him about $2,300 in penalty interest. The scammer, cleverly, frames that penalty as trivial next to losing everything.

The real decision here isn't financial, it's procedural. The correct trade-off analysis says: a genuine federal freeze cannot be prevented by you wiring money anywhere, so the $2,300 penalty buys nothing even in the scammer's own story. The rational move costs zero dollars: hang up, look up the Treasury's fraud line independently, and call the bank using the number printed on the back of the debit card. Any legitimate issue survives a 24-hour delay. Almost no scam does.

A Two-Income Family Deciding Between Convenience and Verification

Now picture a couple in Columbus, both working, juggling two kids' schedules, who receive a text about a $6.40 unpaid toll from a spoofed E-ZPass number during the morning rush. Option one: tap the link, pay $6.40, move on with the day, total time cost 90 seconds. Option two: ignore the text, and later spend ten minutes logging into the real E-ZPass site to check the balance. The convenience option risks handing a criminal a card number, a billing address, and a phone number that gets flagged as "responsive," which invites follow-up scams. Card fraud from harvested numbers averages far more than $6.40 in hassle, disputed charges, and card replacement time. Ten minutes of verification is the cheaper choice in every realistic scenario, and building that reflex as a household rule (nobody pays anything from a link in an unsolicited text, period) is worth more than any antivirus subscription.

What the FTC Is Doing About It

Enforcement against fraud has historically been a whack-a-mole exercise, but the FTC gained a meaningfully sharper tool in April 2024 when its Government and Business Impersonation Rule took effect. The rule lets the agency go to federal court to seek civil penalties against impersonators and, importantly, to recover money for victims.

The Impersonation Rule and $70 Million in Redress

In the roughly two years since the rule took effect, the FTC has brought a dozen enforcement actions under it and obtained more than $70 million in redress for consumers. Recent cases give a flavor of the targets: American Tax Service, an IRS imposter scheme; MediaAlpha, accused of a government impersonation scheme selling health insurance; Click Profit, a business-imposter money-making scam; Blackstone Legal, a phantom debt operation; and Accelerated Debt Settlement, which posed as government and business entities to sell debt relief to older adults. The agency has also shut down more than a dozen websites that impersonated the FTC itself.

Seventy million dollars against $3.5 billion in annual losses is, obviously, a rounding error. That's not a knock on the enforcers so much as a statement about the math of international fraud. Much of the money flows to organized operations overseas, some of them run out of scam compounds in Southeast Asia staffed by trafficked workers, and no US court order reaches it. Prevention, not prosecution, is where the real leverage lives, which is why the education side of the agency's work matters as much as the courtroom side.

The Never Ever Campaign

This past June, the FTC joined the Department of Justice, the Department of Health and Human Services, and other members of the Elder Justice Coordinating Council to launch the Never Ever campaign, a public-private education push that also includes the American Bankers Association, USTelecom, Google, and Microsoft. The premise is refreshingly simple: instead of teaching people to spot infinite scam variations, teach the short list of things government agencies and legitimate businesses will never, ever do. No agency will demand payment by gift card. No bank will ask you to move money to keep it safe. No official will threaten arrest over the phone. Memorize the nevers, and most imposters unmask themselves in the first minute.

How to Protect Your Money and Your Identity

Digital financial security isn't a product you buy once. It's a small set of habits, and the encouraging news buried in the FTC data is that habits work: remember, 80% of the people who encountered an imposter scam and reported it lost nothing at all. They form the control group proving these cons are beatable.

The Verification Habit That Beats Almost Every Imposter

Every imposter scam, without exception, depends on you staying inside the communication channel the scammer opened. Break the channel and the con collapses. That means one rule does most of the work: never act on an unsolicited contact; instead, reach the organization through a channel you find yourself. The phone number on your card. The app you already have installed. The website you type in manually.

A few supporting habits round out the defense. Turn on two-factor authentication for financial accounts, and prefer an authenticator app over text codes where offered. Freeze your credit with Equifax, Experian, and TransUnion; it's free, takes about 15 minutes total, and blocks most new-account identity theft cold. Set up transaction alerts so you, not a stranger, are the first to know about real suspicious activity. Agree on a family code word so a panicked "grandchild in jail" call can be tested instantly. And slow down on purpose: legitimate institutions tolerate a pause, criminals can't afford one.

Protection StepCostWhat It Blocks
Independent verification (call back on a known number)FreeNearly all phone, text, and email imposters
Credit freeze at all three bureausFreeNew-account identity theft
Two-factor authentication (app-based)FreeAccount takeovers, even with a stolen password
Bank transaction alertsFreeUnnoticed card fraud and account drains
Family code wordFreeGrandparent scams and AI voice-clone calls

What to Do in the First 24 Hours if You Already Paid

Speed matters enormously, because recovery odds fall by the hour. If you paid by credit or debit card, call the issuer immediately and dispute the charge; card networks offer the strongest consumer protections of any payment method. If you sent a wire or bank transfer, contact your bank's fraud department and ask them to request a recall from the receiving bank; it fails more often than it succeeds, but it succeeds most often within the first day. If you paid by gift card, call the card issuer (Apple, Google, Target, whoever) with the card numbers and receipts; occasionally funds are still frozen on the card. Crypto payments are the hardest to recover, but report them anyway. Then, regardless of payment method, report the scam at ReportFraud.ftc.gov, and if your Social Security number or other identifying data was exposed, work through the recovery plan at IdentityTheft.gov and place a credit freeze the same day.

One more thing, and it's the part nobody says enough: if you gave money to an imposter, you were not stupid. You were targeted by a professional running a script refined against thousands of people before you. Shame is the scammer's last line of defense, because ashamed victims don't report, don't warn others, and sometimes don't even tell their spouse before the second payment. Skip the shame. File the report.

Why Reporting a Scam Actually Matters

The FTC does not resolve individual complaints, which leads some people to conclude reporting is pointless. It isn't. Sentinel reports are the raw material for enforcement investigations, and they're shared with federal, state, and local law enforcement nationwide. The fake toll text wave got flagged and publicized quickly precisely because tens of thousands of people took two minutes to report a text they didn't even fall for. Every report sharpens the picture, and since researchers estimate the large majority of fraud never gets reported at all, each filing carries outsized statistical weight. If a scam reached you, report it at ReportFraud.ftc.gov whether you lost a dollar or not.

My Take on the $3.5 Billion Question

Reading through this year's numbers, what strikes me most isn't the size of the total but the shape of it. The same handful of scripts, the security alert, the fake toll, the online sweetheart, keep producing record losses even though every one of them collapses against a single free habit: hang up and call back on a number you found yourself. That gap between how simple the defense is and how much money keeps disappearing tells me the real problem isn't information, it's the moment of fear. Everyone thinks clearly about scams at the dinner table; almost nobody thinks clearly with a fake federal agent on the line saying the word "arrest."

So my honest suggestion is to prepare for the moment, not the facts. Decide now, while you're calm, what your rule is: I do not move money, buy gift cards, or share codes based on any inbound call, text, or message, ever, no exceptions. Write it down. Say it to the people you love, especially the ones over 60 with real savings on the line. A rule made in advance doesn't have to outsmart a professional manipulator in real time. It just has to already exist.

Legal Disclaimers

This article is provided for general informational and educational purposes only and does not constitute financial, legal, or investment advice. The statistics cited are drawn from publicly released Federal Trade Commission data and reputable news reporting and reflect reported losses, which may understate actual fraud totals. Fraud tactics change frequently, and no prevention strategy can guarantee complete protection. Readers should consult a qualified financial advisor, attorney, or their financial institution regarding their specific circumstances. If you believe you are the victim of fraud or identity theft, contact your financial institution immediately and report the incident to the FTC at ReportFraud.ftc.gov or, for identity theft, at IdentityTheft.gov. Mention of any company, agency, or brand name is for identification purposes only and does not imply endorsement or affiliation.

Yorumlar