Imposter scams were the most commonly reported type of fraud in 2025, with Americans reporting $3.5 billion in losses, according to new data from the US Federal Trade Commission (FTC). Reported losses have increased nearly three times since 2020, and the true number is likely much higher since many scams go unreported. Losses across all types of fraud surged to $16 billion, a 25% increase compared to 2024.
Multiple sophisticated phishing kits are now focusing on harvesting device codes to breach accounts without a password, according to researchers at LevelBlue.
New research by McAfee has found that many consumers tend to ignore red flags associated with scams when searching online for a good deal. The research identified the following consumer habits, all of which make users more likely to fall for online scams:
If you’re around my age, then you know the joy of using an old paper map. Not real joy, obviously. More the sort of joy normally associated with trying to keep track of 3 pages, getting told off for not holding it the right way up, or for giving instructions too late, and discovering that the road you were confidently following was replaced by a retail park sometime during the Blair years.
Account takeover is one of the most common ways organizations get breached and one of the hardest to train users on. Not because users don’t care, but because usually training happens in unrealistic scenarios, long before or long after the moment it would actually matter.
An extortion gang tracked as “Silent Ransom Group” is targeting US law firms with voice phishing and in-person social engineering attacks, according to researchers at Mandiant and Google’s Threat Intelligence Group (GTIG).
Cloud email security has become pretty good. Not perfect, obviously, because the attack landscape is forever changing. But good enough that the old tactics do not land with the same success rate they once did. Filters are sharper. Detection is better. Users are smarter.
