Report by Trustmi
The Trustmi 2025 Socially Engineered Fraud & Risk Report
Key Findings
Compromised third-party vendors (31.6%) were among the controls with the highest failure rates in enterprise fraud attacks.
31.62% of respondents said fraud crossing multiple systems was a factor in fraudsters successfully bypassing enterprise systems.
32% of respondents said a trusted but compromised source was a factor in fraudsters successfully bypassing enterprise systems.
26.75% of enterprises that experienced losses due to fraud lost over $1 million in a single incident.
In 88% of major fraud incidents at enterprises, at least one critical control failed, often more.
70% of fraud incidents at enterprises spanned multiple platforms and teams.
25.33% of respondents said security tools missing the fraud attack was a factor in fraudsters successfully bypassing enterprise systems.
Nearly one in six enterprises are facing fraud attempts every week.
Nearly one in four enterprises report multiple fraud attempts a year.
22% of enterprises that experienced losses lost between $100K–$500K.
83.6% of enterprises experienced at least one fraud attempt in the past year.
34.4% of finance and cybersecurity leaders at enterprises stated that gaps between finance and security teams were a factor in a recent fraud incident or near miss.
One in four organizations lost over $1 million from a single fraud incident.
29.19% of enterprises that experienced losses lost between $500K–$1M.
Only 27% of finance and cybersecurity leaders at enterprises said fraud prevention ownership is shared between finance and security teams.
Email and messaging security (44.6%) was among the controls with the highest failure rates in enterprise fraud attacks.
Threat detection/escalation process (27.85%) was among the controls with the highest failure rates in enterprise fraud attacks.
40.57% of respondents said email looking legitimate was a factor in fraudsters successfully bypassing enterprise systems.
Nearly half (47.6%) of enterprises reporting direct losses lost $500K or more in a single fraud incident.
15.7% of enterprises face fraud attacks weekly or more.
34.5% of finance and cybersecurity leaders at enterprises cited misalignment between finance and security groups as a factor in a recent fraud or near miss.
Bank account validation tools (26.5%) were among the controls with the highest failure rates in enterprise fraud attacks.
The top factor cited for attackers successfully bypassing systems was human error at 46.10%.
Employee security awareness training (32.2%) was among the controls with the highest failure rates in enterprise fraud attacks.