Mean financial losses for organizations targeted by deepfake-related incidents stand at over $280,000.

Deepfake-related incidents targeting organizations increased 10% year-over-year.

The percentage of organizations that said deepfake defense will be a top priority was 43% in 2024.

Over 61% of organizations that have lost money in a deepfake attack reported losses in excess of $100,000.

88% of organizations have provided deepfake-related cybersecurity training.

Live voice-only call deepfake attacks currently account for 41% of deepfake threat vectors.

Over 63% of respondents reported being “very concerned” about the threat deepfakes pose to their organizations.

55% of organizations targeted by deepfake attacks suffered financial losses averaging more than $280,000.

Over 5% of organizations targeted by deepfake-related incidents have lost $1 million dollars or more.

85% of organizations experienced one or more deepfake-related incidents in the past 12 months.

1% of organizations said they had no plans to invest in deepfake defense.

54% of UK fraud leaders ranked device reputation in their top three fraud prevention technologies, making the UK the only market surveyed to rank this technology highest.

Spain's suspected digital fraud rate declined to 2.8% in H1 2025, down from 4.6% in H1 2023.

The suspected digital fraud rate in the UK dropped to 1.8% in H1 2025, down from 3.3% in H1 2023.

Total equivalent fraud losses among the 1,200 business leaders surveyed in 2025 reached USD$534 billion.

One-time passcodes remained the most popular second factor, utilized by 33% of business leaders globally, down from 35% in 2024.

The Retail sector in Hong Kong experienced the highest rate of suspected digital fraud, reaching 19.4%.

25% of surveyed business executives in Latin America reported their companies lost the equivalent of 10% or more of their revenues in the past year.

5% of targeted UK consumers fell victim to fraud, a decrease from 6% reported late last year.

29% of organizations identified account misuse or other fraud as the most common API security problem.