FTC Report: Social Media Scams Exceed $2.1 Billion in 2025 Losses

The Federal Trade Commission (FTC) has released alarming data regarding the scale of financial fraud occurring on popular networking platforms. According to BleepingComputer, Americans reported losses exceeding $2.1 billion to social media scams in 2025. This figure highlights a significant escalation in fraudulent activity since 2020, as threat actors increasingly exploit the ubiquity and perceived intimacy of social platforms to target victims.

Analysis of Social Media Scam Trends 2025

The report indicates that while Phishing and online shopping fraud remain prevalent, the highest financial impacts stem from investment and romance scams. Investment fraud, often referred to in the industry as ‘pig butchering,’ has seen a substantial rise. In these schemes, attackers spend weeks or months building a relationship with a victim before convincing them to invest in fraudulent cryptocurrency platforms. These operations are no longer the work of lone actors but are often conducted by organized crime groups that utilize sophisticated TTP frameworks, including script-based automation and professionalized social engineering tactics.

Romance scams also contribute heavily to the $2.1 billion total. Attackers create deceptive profiles to establish emotional bonds with victims, eventually requesting funds for fabricated emergencies, travel expenses, or ‘guaranteed’ investment opportunities. The FTC data suggests that these scams are particularly effective because they leverage the trust inherent in social connections. For security professionals, this trend emphasizes the need for a Zero Trust approach even when interacting with seemingly familiar or verified profiles.

How to Detect Social Media Fraud and Investment Schemes

Identifying these threats requires a multi-layered approach to behavioral analysis. Security teams should look for indicators of compromise that manifest as unusual login patterns or the sudden use of unmanaged messaging applications for business discussions. To assist in preventing investment scams on social media, organizations should implement reporting mechanisms where employees can flag suspicious solicitations. Common indicators include requests for payments via cryptocurrency, wire transfers, or gift cards—payment methods that offer little to no recourse for recovery once the transaction is finalized.

Furthermore, the use of generative AI has allowed scammers to produce highly convincing personas and automated messaging, making traditional indicators like poor grammar or spelling less reliable. This shift requires defensive teams to focus on the underlying intent and the nature of the request rather than just the presentation of the message.

Strategic Mitigation and Defense

For the enterprise, the intersection of personal social media usage and corporate security is a significant vulnerability. Security leaders should integrate social media threat intelligence into their SOC operations. By monitoring for brand impersonation and executive impersonation on these platforms, teams can proactively take down fraudulent accounts before they are used to target employees or customers.

Integrating alerts from these platforms into a SIEM can provide a broader view of the threat landscape. Organizations should also consider extending EDR policies to monitor for the installation of unauthorized communication tools that are frequently used by scammers to move victims away from the safety of moderated platforms. Ultimately, the most effective defense remains a combination of technical controls and frequent, high-fidelity security awareness training that addresses the specific psychological triggers used by modern fraudsters.