BioCatch Global Scams Report 2025

Keypoints

• Typical structure: an executive summary and “About this report” that sets scope, definitions (APP/scams), data sources and timeframe, and explains methodology and limitations.
• Typical structure: a “Scams by the numbers” section presenting headline metrics, year-over-year changes, and breakdowns by scam type and volume to quantify scale and momentum.
• Typical structure: a “Regional focus” section that drills into trends, top scam types, and regional peculiarities (U.S./Canada, Europe, Latin America, APAC) with local drivers and mitigation notes.
• Typical structure: a features/analysis section (e.g., “Inside the industrialization of fraud”) combining field reporting, human-impact narratives, and investigative findings about organized crime and trafficking linked to scams.
• Typical structure: expert commentary and advocacy pieces (e.g., “A fight for humanity”) that place fraud in social and ethical context and recommend industry and policy responses.
• Typical structure: case studies illustrating how behavioral signals reveal account takeover or coerced victims, demonstrating detection value and human costs.
• Typical structure: vendor and methodology notes (e.g., “About BioCatch”) describing data collection (behavioral telemetry), model inputs, customer base, and deployment scale for transparency and validation.
• Headline statistic: a 65% increase in reported scams between 2024 and 2025 among the report’s customers, signaling a large, rapid rise in scam volume.
• Scam-type shifts: major increases include a 100% spike in vishing, a 10x surge in smishing, a 63% uptick in romance scams, a 42% increase in investment scams, and a 14% rise in purchase scams; impersonation scams decreased by 15%.
• Regional-scale changes — U.S. and Canada: reported scams have more than quadrupled since 2023; purchase scams account for nearly half of cases; vishing reports increased by a factor of 15; unclassified scams decreased by 16% as reporting improves.
• Regional-scale changes — Europe: overall scam reports nearly doubled in 12 months; romance scams have doubled annually since 2023; voice scams doubled; false online purchases represent ~25% of scams; job scams quadrupled though remain under 1% of volume.
• Regional-scale changes — Latin America: reported scam volumes increased sixfold year-over-year, driven by higher attempts and better reporting; smishing grew 14x and vishing tripled, but many cases remain unclassified.
• Regional-scale changes — APAC: scam volumes rose 35% overall; romance and investment scams doubled; impersonation (largely vishing/bank impersonation) rose ~25%; trends vary by country (e.g., Australia lower losses, rises in India and Southeast Asia).
• System-level drivers: the 2008 launch of Faster Payments (real-time rails) materially increased scammers’ success by reducing reversal windows; improved anti-hacking controls pushed criminals toward social engineering and APP scams.
• Technology drivers: GenAI has lowered barriers and enabled scaling—automating social engineering content, crafting believable lures, and improving operational efficiency for fraud “industries.”
• Industrialization and human cost: investigative reporting exposes large scam compounds (e.g., in Cambodia/Sihanoukville) using trafficked labor, forced to run scams at scale; victims sold for thousands of dollars and abused, pointing to organized-crime and trafficking links.
• Detection and defense insights: behavioral-intelligence (BioCatch) and device signals are emphasized—collection of thousands of anonymized data points, machine-learning models, and industry collaboration help distinguish criminals from legitimate users and reduce losses.
• Operational gaps: high shares of unclassified scams and inconsistent follow-up/reimbursement rules limit intelligence; stronger reporting standards and payment controls (e.g., Confirmation of Payee) can reduce certain risks but are imperfect.
• Recurring themes and takeaways: scams increasingly exploit human psychology, scale quickly, evade legacy defenses, and cause severe personal harm; mitigation requires behavioral detection, real-time controls on payment rails, improved reporting, industry cooperation, and policy action to disrupt trafficking and organized networks.
• Actionable implications: prioritize behavioral biometrics and device intelligence, invest in cross-industry information sharing, harden payment-rail controls and name-checking where possible, and pair fraud detection with law enforcement and anti-trafficking efforts to address both financial loss and human exploitation.