According to data released by the FTC in its annual Consumer Sentinel Network Data Book, nearly half of the fraud reported to the federal government in 2023 fell into the category of impersonation fraud — 330,000 scams impersonating businesses and 160,000 scams impersonating government institutions.
Allure Security’s online brand impersonation detection data corroborates the FTC’s findings. Impersonation fraud shows no sign of abating. Not only are complaints up from previous years, but monetary losses as well.
The goal of this article is to inform interested parties of recent scam trends impersonating businesses and government institutions as reported by the FTC and to provide further proof that online brand impersonation isn’t easing up. As this problem continues to escalate, brands should be looking to modernize their approach to protecting themselves online.
Whether in terms of reports or dollars lost, fraud was up in 2023. The FTC reports a total of $10 billion in losses and 2.6 million reports in 2023 — up from $9 billion lost and 2.5 million reports in 2022. As noted by the FTC, very few incidents of fraud are actually reported to the government. Even these large numbers of reports and dollars lost are a mere sliver of the entire problem.
Business imposter scams were the most reported fraud subcategory (373,683 reports totaling ~$1,372,765,373 in losses), with government impersonations coming in third (191,079 reports totaling ~$701,949,725 in losses). Excluding reports classified as “unspecified”, scams impersonating businesses and government entities accounted for 48% of all reports sent to the FTC in 2023. Considering reports to the FTC account for all types of fraud, it is hard to overstate the prevalence of imposter scams that have victimized consumers in 2023.
While it’s not exactly a new development that business and government impersonation scams frequently target consumers, the FTC reports a shift in the methods and tactics used to fool people.
In 2023, reports highlighted that scammers frequently impersonate multiple organizations within a single scheme. Where consumers would once receive fraudulent messages posing as a brand or government entity by itself, we now see multiple impersonations within multiple layers of the same scam.
The FTC’s 2024 Imposter Scams Spotlight reports that there is “an increasingly blurred line between business and government impersonation scams: many scammers impersonate more than one organization in a single scam.” This may, for instance, take the form of a fake government email directing users to a fake bank website designed to harvest user credentials, or that same website/email instructing users to contact a scammer posing as an official corporate or government entity.
A scam’s contact method has played a large role in efficacy over recent years. The FTC reports a correlation between contact method or “invite vector” and a scam’s effectiveness.
Scams that use websites, apps, and social media as a contact method are up year over year in both prevalence and danger. Increasing by just under 33,000 reports, 2022’s study logged 342,423 fraud reports using web, social, or mobile as an attack vector – whereas 2023 saw 375,055 – about a 10% increase. These contact methods were mentioned in 25% of 2023 fraud reports and were by far the most likely to report monetary losses resulting in $2.38 billion in monetary damages — up 12% over 2022.
Fraud schemes that used websites or apps as their contact method saw 60% of victims report monetary loss. Fraud with social media as a contact method saw 68% of victims report monetary loss. Comparing these attack vectors and their associated monetary loss with other contact methods, their effectiveness is clear. Fraud stemming from fake websites, social media, or mobile apps will most likely lead to consumer financial damage.
These attack vectors are extremely effective and dangerous, and brands – regardless of their presence (or lack thereof), should prioritize protecting customers across relevant channels. That might look like registering a brand account on social media to establish yourself, clearly communicating where to download mobile apps, and proactively monitoring the internet for website impersonations, deceptive social media profiles targeting your customers, and rogue versions of your mobile apps.
Across the board, fraud is continuing to grow year over year. Scammers are taking advantage of our increasingly online ecosystem, incorporating new methods to victimize more people and do more damage. Abusing the familiarity that consumers have with websites, mobile apps, and social media has proven to be an extremely effective method for introducing scams to exploit consumers.
Brands should consider managing this risk through a combination of increased communication, proactivity, and presence.