The FTC reported that Americans lost $2.1 billion to social media scams in 2025, with Facebook accounting for $794 million—more than any other platform.
According to the Federal Trade Commission, social media platforms continue to be prime breeding grounds for financial fraud. Facebook emerged as the leading source, responsible for nearly 38% of reported social media scam losses.
Love scams, investment schemes, and shopping fraud topped the list of most common scam types. These categories exploited user trust and desire for connection or financial gain, often targeting vulnerable populations.
The $2.1 billion figure represents only reported losses—actual damage likely exceeds this amount, as many victims never file complaints with authorities. The scale of the problem underscores how effectively scammers leverage social platforms' massive user bases and algorithmic targeting capabilities.
Facebook's dominance in scam-related losses reflects both its size and the trust many users place in the platform. Scammers frequently create fake profiles impersonating romantic interests, financial advisors, or legitimate businesses. The platform's commerce features and messaging systems make it particularly vulnerable to exploitation.
Other platforms also contributed to losses, though at lower rates. The disparity highlights how network effects work against consumers—larger user bases create larger victim pools for fraudsters to target.
The FTC findings serve as a reminder for users to verify identities before engaging financially with online contacts, avoid clicking suspicious links, and report fraudulent activity. Social media companies face ongoing pressure to strengthen fraud detection and account verification systems.
For consumers, the data suggests exercising heightened caution when encountering investment opportunities, romantic advances, or seller interactions on social platforms. Legitimate organizations typically do not conduct sensitive financial transactions through social media.
Partnered Health, one of Australia's largest healthcare providers, has disclosed a cyber-attack affecting 21 clinics across Sydney, Melbourne, and Canberra. Personal information and medical records were compromised in the breach.
Security firm Intruder has developed an AI-powered system that automatically identifies previously unknown software vulnerabilities by combining code analysis with large language models. The tool already discovered and exploited a WordPress plugin zero-day.
U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.