Global banking scams surged by 65% in one year
Scam activity in global banking has exploded. Over the last year, scams grew by 65% across financial institutions worldwide. This isn’t a trendline you can ignore. For leaders managing large financial networks, it’s not just a warning, it’s a shift in the risk landscape that’s happening right now.
BioCatch, which focuses on behavioral biometrics, essentially using how people interact with devices to identify fraud, compiled data from banks serving more than 350 million users. It saw massive jumps in all major scam types. Voice phishing, the kind where scammers call pretending to be bank employees or tech support, doubled. Romance scams climbed 63%. Investment scams spiked 42%. Worst of all, SMS phishing, fraud delivered through text messages, grew by 1000%. That’s not evolution. That’s escalation at scale.
Stepping back, this means fraud no longer operates in shadows. It’s now aggressive, systematic, and deeply interwoven into how digital communications function globally. Texts that look real aren’t real. Emails are clever. Phone scripts sound legitimate. And they’re working.
If you’re a decision-maker in banking, fintech, telecom, or even consumer goods, this isn’t just a security issue, it touches customer experience, operational risk, brand trust, and regulatory exposure. Waiting for things to stabilize isn’t an option. You need detection tactics that scale quicker than the scams themselves. Traditional defenses like passwords and standard bots aren’t moving fast enough. Systems that understand user behavior, like how fast and where you type, how confidently you navigate financial tasks, are proving more effective than your garden-variety firewalls.
In short, this is an arms race. The scams are getting smarter. Which means your tools need to be smarter, faster, and more user-aware, today, not next quarter.
Purchase scams are the most common form of fraud globally
Even with scams evolving aggressively, some basics haven’t changed. Purchase scams remain the most common fraud type worldwide. They’re boring compared to deepfake impersonations or malware-delivered payloads, but they’re consistent, reliable, and still highly profitable for fraud networks. Over the past year, incidents of purchase scams grew 14%.
This kind of fraud usually targets online payments, primarily through e-commerce platforms, social media ads, and fake storefronts. These scams don’t require complex infrastructure. Fraudsters set up fake shops selling goods that don’t exist, take payment, and vanish. It’s simple. It works. And millions fall for it annually.
From an executive perspective, this points to a bigger issue, transaction trust. Any business involved in online sales, platforms, or payment processing must recognize how central user credibility and real-time verification are becoming. It’s not just about protecting the payments themselves. It’s about ensuring that users trust the end-to-end experience.
The tactics to handle this are straightforward in theory, but complex in execution. You’ll need dynamic fraud scoring, behavior-based authentication, and third-party data enrichment to evaluate sellers and buyers in real time. Banks should also improve dispute resolution processes. It sounds operational, but it’s strategic. Real-time trust is a business differentiator now.
Ignoring purchase scams because they’re just basic is a mistake. They’re quietly pulling more users into loss than any other category. Treat them with the seriousness they warrant. Automate what you can. Detect before they process. And don’t leave buyers questioning if your platform is safe. That uncertainty costs more than the scam.
Consumers lose over $1 trillion annually to scams
The numbers are not just big, they’re unacceptable. Global losses due to scams now exceed $1 trillion a year, according to the Global Anti-Scam Alliance. That represents not only consumer impact, but a direct signal to industries reliant on digital transactions. The scale of theft is operational. It’s already reshaping how risk should be managed across sectors.
For C-suite leaders, this data should shift how you allocate capital and rethink strategic priorities. One trillion isn’t just vacuumed from personal bank accounts, it’s drained from your customers, your platforms, and your economy. These losses erode trust in digital ecosystems and introduce new friction that affects growth.
This isn’t a regulatory challenge alone, it’s a leadership opportunity. Executives across financial services, e-commerce, telecom, and consumer tech need to see fraud as a core business risk, not a back-office IT problem. That means investing in vertical integration of fraud detection, across customer service, product design, and payment infrastructure.
Leaders who get proactive, those who fund behavioral security tools, educate consumers in real time, and share fraud intelligence across ecosystems, are not only protecting users. They’re actively preserving competitive advantage. Companies that don’t evolve fast enough will face higher chargebacks, tighter regulatory oversight, and diminishing user retention. And users, once burned, rarely come back.
Organized crime drives the scam surge
This rise in scams isn’t random or opportunistic. It’s being driven, methodically, by organized criminal enterprises. These are structured operations, run with resources, protected networks, and systems built for scale. They’re not just stealing payment info. They’re re-routing global capital. In some cases, they’re funding other forms of exploitation most companies never envisioned being connected to.
Ian Mitchell, Founder of The Knoble, said it bluntly: “The financial system is being exploited to exploit people.” That’s what’s happening, people’s life savings are being siphoned off and some of that money is flowing into child exploitation, scam labor centers, and other trafficking operations. It’s industrial crime with real and permanent damage.
Erin West, Founder of Operation Shamrock, reinforced the scale we’re now facing. She noted, “Entire cities are now dedicated to scams, operating openly, protected, and expanding.” This isn’t fear-driven speculation. These operations are public, coordinated, and growing fast, with infrastructure in place to sustain that growth.
For top executives, this shifts the equation on fraud completely. You’re no longer protecting your customers from lone actors or small rings. You’re facing enterprise-level threats with capabilities that mirror legal tech companies. This demands executive oversight. Scarce budgets for fraud prevention don’t reflect reality anymore. Think in terms of investing in counter-networking efforts: technology plus inter-institution coordination, and law enforcement collaboration.
There’s also brand integrity at stake. If customers perceive your platform as a weak point in the fraud chain, you lose relevance and trust, fast. Every large-scale scam damages more than a bottom line. It damages operational credibility, especially when the actors behind these scams are willing to risk everything, because, unlike legitimate enterprises, they don’t play by the same rules. So you need to make sure your operations control the rules of engagement.
Behavioral intelligence tools show promise in reducing impersonation scams
There is a small but important shift worth your attention. While most scams are accelerating, impersonation scams, where criminals pretend to be legitimate institutions or trusted individuals, have dropped by 15% among BioCatch customers. This decline is attributed to the deployment of advanced behavioral intelligence tools. These systems identify fraud not by what users type, but by how they behave, such as typing rhythm, mouse movement, and navigation intent.
This is a clear example of where innovation moves faster than criminal infrastructure. Behavior-based solutions are harder to circumvent because they don’t rely on static data like passwords or one-time codes. Instead, they build user identity models in real time, adjusting dynamically to both legitimate and suspicious behavior.
For executives, the value here is strategic. You’re not only deploying another fraud detection layer, you’re capturing a new form of passive authentication that minimizes user friction, reduces false positives, and scales without needing massive human oversight. That’s critical if you’re dealing with millions of transactions daily. It also integrates well across banking, fintech, healthcare, and other sectors where secure identity is non-negotiable.
BioCatch launched Scams360 in July as a direct response to evolving social engineering threats, in particular, romance scams, investment fraud, and business email compromise attacks. These are attacks that don’t rely on malware or brute force, they rely on manipulating the user. Intelligence tools that understand user intent from the inside-out are starting to make a measurable difference.
What this proves is simple: when you use dynamic signals, you change the game. Criminals can’t fake behavior they don’t understand. And companies that apply this correctly will gain not just protection, but operational leverage.
Scams cause severe emotional and personal harm in addition to financial loss
It’s easy to focus on loss in terms of numbers. But there’s a real human cost underneath the data. The BioCatch report includes a case study from a European bank involving a woman undergoing cancer treatment. Her daughter managed her finances, only to have both of them fall victim to a scam. This wasn’t just a transaction gone wrong. It was a direct emotional hit to a family already managing difficult circumstances.
This kind of outcome matters, and not just to regulators. For executives, recognizing the emotional dimension of fraud is essential to understanding customer expectations. When someone is financially exploited at a vulnerable moment, the brand that let it happen doesn’t just lose trust, it becomes linked to the trauma.
Fast detection and refunding policies are important, but they’re not enough. Companies who lead in this space build customer protection frameworks that are proactive, not reactive. That includes real-time fraud intervention, guided user decision assistance, and multilayered fraud response teams. People want to know not only that you’re watching their transactions, but that you’ll act when something’s off.
It’s also about internal culture. How your organization talks about scams, approaches edge cases, and balances automation with empathy will define your long-term relationship with users. Every company says they care about their customers. But those that invest in preventing emotional fallout show it, with policies that translate into action, not messaging.
The takeaway here is straightforward: financial loss is measurable, but reputational and emotional harm compounds silently. Leading companies don’t ignore this, they design for it.
Key highlights
- Global scams surged by 65%: Financial fraud is scaling fast, with SMS phishing growing 10x and vishing, romance, and investment scams surging. Leaders should invest in adaptive, cross-channel fraud detection to outpace these evolving threats.
- Purchase scams remain dominant: Despite newer fraud types, purchase scams saw a 14% rise and are still the most common globally. Prioritize transaction validation and seller authentication frameworks to reduce this persistent risk.
- $1 trillion lost annually to scams: Consumers are losing over $1 trillion per year to fraud, signaling systemic vulnerability. Executives should treat fraud prevention as a critical business investment, not a back-office cost.
- Organized crime drives scam growth: Coordinated criminal networks are behind the fraud surge, using sophisticated operations across entire regions. Leaders need to support cross-border intelligence-sharing and deepen law enforcement collaboration.
- Behavioral tools reduce impersonation scams: Impersonation scams fell 15% for banks using behavioral biometrics like Scams360. Companies should integrate behavior-based identity systems to detect social engineering without harming user experience.
- Scams carry emotional and brand cost: Beyond money, scams take a heavy personal toll, especially on vulnerable users. Customer protection strategies must include real-time intervention and empathetic support to maintain brand trust.
