The State of Identity Theft and Consumers Scams in the U.S.

Giact Logo

The rate of identity theft and scam activity in the U.S. remains alarmingly high with the potential to become more costly to consumers, businesses and financial institutions.

In late 2021, GIACT (a Refinitiv company) commissioned Aite-Novarica Group to survey U.S. consumers. Here's what we found.

The rate of identity theft and scam activity in the U.S. remains alarmingly high with the potential to become more costly to consumers, businesses and financial institutions.

In late 2021, GIACT (a Refinitiv company) commissioned Aite-Novarica Group to survey U.S. consumers. Here's what we found.

One-in-four U.S. consumers surveyed reported that they were victims of identity theft in 2021.
One-in-four U.S. consumers surveyed reported that they were victims of identity theft in 2021.
46%
of victims were between the ages of 25-44 years old.

These are prime years of economic activity that make this group especially attractive targets to fraud operators.

46%
of victims were between the ages of 25-44 years old.

These are prime years of economic activity that make this group especially attractive targets to fraud operators.

In 2021, identity fraud shifted, dramatically targeting consumers 55 and older who are considered "digital newbies," who switched to digital channels en masse during the pandemic.
IDENTITY THEFT BY AGE GROUP
In 2021, identity fraud shifted, dramatically targeting consumers 55 and older who are considered "digital newbies," who switched to digital channels en masse during the pandemic.
IDENTITY THEFT BY AGE GROUP

Reported cases of identity theft were spread across two main vectors of attack: account takeover and application fraud.

Common channels for application fraud include:
credit card
0 %
checking account
0 %
mobile phone purchases
0 %
filing state & federal taxes
0 %
filing unemployment benefits
0 %
Buy Now, Pay Later
0 %
Common channels for account takeover include:
changing account contact info
0 %
sending a wire
0 %
moving funds with ACH or bill pay
0 %
credit card transaction
0 %
moving funds out of an account with p2p
0 %
card on file at an e-commerce merchant
0 %

Reported cases of identity theft were spread across two main vectors of attack: account takeover and application fraud.

17% of consumers experienced application fraud
Common channels for application fraud include:
credit card
0 %
checking account
0 %
mobile phone purchases
0 %
filing state & federal taxes
0 %
filing unemployment benefits
0 %
Buy Now, Pay Later
0 %
16% of consumers experienced account takeover
COMMON CHANNELS FOR ACCOUNT TAKEOVER INCLUDE:​
changing account contact info
0 %
sending a wire
0 %
moving funds with ACH or bill pay
0 %
credit card transaction
0 %
moving funds out of an account with p2p
0 %
card on file at an e-commerce merchant
0 %

When identities are stolen and accounts compromised, reputations suffer - sometimes beyond repair.

"How was your confidence in your financial institution's ability to protect your accounts impacted after that it was accessed without your consent?"
According to 31% of victims, "My confidence was negatively impacted or destroyed, and I moved one or all of my accounts to another financial institution."

When identities are stolen and accounts compromised, reputations suffer - sometimes beyond repair.

"How was your confidence in your financial institution's ability to protect your accounts impacted after that it was accessed without your consent?"
According to 31% of victims, "My confidence was negatively impacted or destroyed, and I moved one or all of my accounts to another financial institution."

One-in-three U.S. consumers surveyed reported that they were targeted by scams in 2021.

One-in-three U.S. consumers surveyed reported that they were targeted by scams in 2021.

The velocity of scam activity in 2020 and 2021 increased rapidly, spanning e-mail, phone and text message - with phishing overwhelmingly recorded as the most commonly-used scam.

scam tactics experienced by U.S. consumers in 2021

The velocity of scam activity in 2020 and 2021 increased rapidly, spanning e-mail, phone and text message - with phishing overwhelmingly recorded as the most commonly-used scam.

scam tactics experienced by U.S. consumers in 2021

Most common types of scams, defined

The scammer sends emails or text messages with a link to a website where malware is installed on the device. Sensitive information may be captured on the website or via the malware on the device going forward.

The scammer convinces the consumer to provide sensitive information, make a payment, or click on a link to a specific website (installing malware on the device) in order to quality for a large windfall.

The victim pays in advance for goods or services that are never received. Often, these scams are run through online auction websites or social media where goods are offered for sale.

The scammer takes control of a trusted third-party’s email and sends an email appearing to be from that person to an employee of the business instructing that a specific payment be made. Funds go to an account controlled by the scammer. This can also occur with individuals’ personal email accounts but is best known for business transfers that result in very large losses.

Scammers use various methods to install malware on consumer devices. The malware may be a keylogger to capture online credentials when keyed, be a trojan to allow remote access to the device, enable a man-in-the-middle attack during future online sessions, or be various other types of malware installed on the device.

The scammer claims to be with a reputable firm and says there is a problem with a device such as a mobile phone or laptop that needs to be corrected. The focus of this scam is to either get consumers to pay for unnecessary repairs to deices or leverage access to the victim’s machine to deploy malware or ransomware.

The scammer convinces a consumer to pay a fee. In exchange, the scammer promises to release a much larger amount of money or a price that never materializes.

The scammer convinces a consumer to pay a fraudulent invoice or to redirect the payment for a legitimate invoice to a different account (that is controlled by the scammer).

The victim (typically female) is convinced to send money to a person that she has never met in person but met through a social media website or dating service. The consumer believes she is in a relationship with the person she is corresponding with; generally, additional sums are extracted over time.

The scammer convinces the consumer to release an OTP sent by the consumer’s bank, mobile carrier, or other company to enable the fraudster to conduct fraudulent transactions successfully (e.g., releasing a fraudulent transaction, authoring the purchase of a new mobile devices).

The consumer is specifically directed to use a P2P payment method when purchasing online goods, paying an advance fee, sending funds to invest, or participating in another scam. P2P transactions are real-time and cannot be canceled, so they are particularly attractive to thieves.

The scammer contacts the consumer claiming to work for that person’s bank and convinces the consumer to make a payment, provide confidential information, or provide an OTP so the scammer can steal funds.

The scammer claims to represent a charity, government agency, utility provider, mobile carrier, family member in crisis, or other firm and convinces the consumer to make a payment.

Most common types of scams, defined

The scammer sends emails or text messages with a link to a website where malware is installed on the device. Sensitive information may be captured on the website or via the malware on the device going forward.

The scammer convinces the consumer to provide sensitive information, make a payment, or click on a link to a specific website (installing malware on the device) in order to quality for a large windfall.

The victim pays in advance for goods or services that are never received. Often, these scams are run through online auction websites or social media where goods are offered for sale.

The scammer takes control of a trusted third-party’s email and sends an email appearing to be from that person to an employee of the business instructing that a specific payment be made. Funds go to an account controlled by the scammer. This can also occur with individuals’ personal email accounts but is best known for business transfers that result in very large losses.

Scammers use various methods to install malware on consumer devices. The malware may be a keylogger to capture online credentials when keyed, be a trojan to allow remote access to the device, enable a man-in-the-middle attack during future online sessions, or be various other types of malware installed on the device.

The scammer claims to be with a reputable firm and says there is a problem with a device such as a mobile phone or laptop that needs to be corrected. The focus of this scam is to either get consumers to pay for unnecessary repairs to deices or leverage access to the victim’s machine to deploy malware or ransomware.

The scammer convinces a consumer to pay a fee. In exchange, the scammer promises to release a much larger amount of money or a price that never materializes.

The scammer convinces a consumer to pay a fraudulent invoice or to redirect the payment for a legitimate invoice to a different account (that is controlled by the scammer).

The victim (typically female) is convinced to send money to a person that she has never met in person but met through a social media website or dating service. The consumer believes she is in a relationship with the person she is corresponding with; generally, additional sums are extracted over time.

The scammer convinces the consumer to release an OTP sent by the consumer’s bank, mobile carrier, or other company to enable the fraudster to conduct fraudulent transactions successfully (e.g., releasing a fraudulent transaction, authoring the purchase of a new mobile devices).

The consumer is specifically directed to use a P2P payment method when purchasing online goods, paying an advance fee, sending funds to invest, or participating in another scam. P2P transactions are real-time and cannot be canceled, so they are particularly attractive to thieves.

The scammer contacts the consumer claiming to work for that person’s bank and convinces the consumer to make a payment, provide confidential information, or provide an OTP so the scammer can steal funds.

The scammer claims to represent a charity, government agency, utility provider, mobile carrier, family member in crisis, or other firm and convinces the consumer to make a payment.

Retrieving money from a scam is never easy, and consumers are rarely able to fully recover losses - and often, are unable to recover any of the funds lost.

PERCENTAGE OF CONSUMERS WHO NEVER GOT THEIR MONEY BACK by scam

Retrieving money from a scam is never easy, and consumers are rarely able to fully recover losses - and often, are unable to recover any of the funds lost.

PERCENTAGE OF CONSUMERS WHO NEVER GOT THEIR MONEY BACK by scam

Educating consumers is key to preventing scam activity, yet:

45%
of consumers claim to have never received any educational resources about consumer scams from any source.

Educating consumers is key to preventing scam activity, yet:

45%
of consumers claim to have never received any educational resources about consumer scams from any source.

Download the complete report now and learn how GIACT can help your organization defend against identity-based attacks.

Giact Logo
Methodology

GIACT (a Refinitiv company) commissioned Aite-Novarica Group to conduct an online quantifiable survey in the first quarter of 2022. In developing the report, GIACT provided its insight, informed by its understanding and solutions that address today’s most complex identity theft challenges, to help steer the scope of this report.

Aite-Novarica’s survey on identity theft included 8,520 U.S. consumers aged 18 or older. The sampling was click-balanced to the U.S. census for age, gender, income, and region to create an accurate market profile of identity theft. In addition, 3,042 U.S. consumers were surveyed about their familiarity with and experience with criminal scams. The data have a margin of error of approximately 3 points at the 99% confidence level.

© Copyright 2022 GIACT Systems, LLC

Age of U.S. Consumers Experiencing Identity Theft
(Base: 2,133 consumers experiencing identity theft)
Percentage of Consumers Who Never Got Their Money Back By Scam