Fraud loss numbers are all over the place. The one sure thing is they’re rising fast.

According to a February 2024 report from the US Federal Trade Commission (FTC), Americans lost more than ten billion dollars to scammers of all kinds during 2023, setting a new record. Check out this one-page infographic for some fascinating details: 

And when it comes to global losses to scams and frauds, the Nasdaq Global Financial Crime Report pegs the 2023 number at $485.6 billion. 

Both these numbers are pretty shocking, but searching around for other estimates turns up a surprising range, probably due to variations in what different agencies count as examples of frauds or scams.

For example, as reported in USA Today, the Global Anti-Scam Alliance (GASA) recently released its 2024 Global State of Scams Report, which concludes that in the past 12 months scammers have stolen a jaw-dropping $1.03 trillion! But their 2023 report found a total take of $1.026 trillion, which is “only” $4 billion lower.

But wait! According to Fraud.com, “It’s estimated that Fraud loss is $5.4 trillion globally.” However, it does not attribute that estimate to anyone, eliding that question by using the passive construction. It’s believed that skepticism may be justified.

The big picture

Let’s take a step back and look at the big picture. All these estimates agree that fraudsters are stealing a lot of money and that the collective losses are trending pretty sharply upward. At Fraud.com, a recent post lists the top 10 fraud trends in 2024, and it’s pretty interesting. 

According to them, “automation” is the number 1 trend, and it’s easy to understand why. Automated bots and AI-powered cyberattacks give fraudsters the ability to dramatically ramp up the number of attacks they launch, along with their effectiveness. The number 2 trend in Fraud.com’s list is “account takeover”—which is a mode of attack that benefits tremendously from automation and AI. 

Some good news?

The Identity Theft Resource Center (ITRC) has released its 2024 Consumer & Business Impact Report, and the top-level finding is that consumers and businesses are both making changes to their cyber habits in order to reduce the risk of identity theft and consequent fraud.

Consumers, it finds, are increasingly freezing their credit, using more robust passwords, and adopting more advanced technologies like passkeys. In addition, small businesses are increasingly adopting stronger data protection practices and collecting less data from customers and partners, with the goal of making less data available for fraudsters to steal and exploit.

Here’s the ITRC’s infographic summary of findings: 

What you can do

Organizations of all sizes can take a number of steps to reduce the risk that either they or their employees and customers will fall victim to fraud. Resource-constrained organizations with limited IT and cybersecurity staffing can especially benefit from implementing policies and technologies designed to reduce risk without requiring a lot of expertise.

• Security awareness training – Few things reduce fraud risk more than a well-designed and thoughtfully implemented program of security awareness training. For example, the security awareness training functionality included with Barracuda Email Protection can be an invaluable tool for building a culture of security across your organization. 

• Zero trust access controls – Better and more secure than traditional password-based credentials, multi-factor authentication, or passkeys, zero trust functionality makes it much harder for non-authorized individuals or bots to access your digital resources, even if they’ve stolen or purchased valid credentials. Zero trust security is built into numerous Barracuda solutions, including Email Protection, Application Protection, and Network Protection. 

• Outsourced XDR service – Designed specifically to provide the highest level of cybersecurity protections to organizations without the resources to maintain a fully staffed Security Operations Center (SOC), XDR services like Barracuda Managed XDR dramatically accelerate the process of identifying and responding to threats as they occur, 24/7 in near-real time. The faster you find and isolate threats, the less chance there is of them accessing critical data that could lead to fraud. 

• Modern data protection – Today’s advanced threats are in many cases designed to find and corrupt vulnerable backup solutions. But a modern backup solution like Barracuda Backup or Barracuda Cloud-to-Cloud Backup is designed and constantly updated to prevent these tactics from working, ensuring that you cannot permanently lose any of your data, and can recover very quickly from an attack that manages to damage any of your primary data stores.