trust & fraud data
Measuring fraud — volume, who's affected, monetary impact — and the evidence on whether call authentication and other defenses are actually moving the numbers.
Most sources report from inside their own incentives, and there is no central repository for all calls, texts, or emails — each measures only its own slice. So read directions and proportions, not cross-source totals; where independent vantage points agree, that's the signal. Every figure is attributed to its source below.
Volume holds, signing coverage stalls
YouMail monthly U.S. robocall volume vs. TransNexus signed-at-termination %
Volume sits on a multi-year ~4–4.5B/month plateau while signed-at-termination coverage rose to a ~49% peak (late 2024) and slid back to the low-to-mid 40s — more signers, flat coverage. Two different vantage points (consumer-app counting vs. carrier-tools signing), so read the directions, not a shared total.
Sources: YouMail (US robocall volume, monthly) · TransNexus (Signed calls at termination, monthly)
The widening gap: top-tier vs everyone else
TNS quarterly inter-carrier signed %, Tier-1 vs non-top-tier
The dangerous slice is growing
TNS quarterly unwanted-call volume: high-risk vs nuisance
Hiya State of the Call
Annual edition figures — markers, not a trend line
| Period | Calls analyzed (B) | Avg scam loss (USD) |
|---|---|---|
| 2021 | 150 | — |
| 2022 | 150 | 567.41 |
| 2023 | 243 | 431.26 |
| 2024 | 221 | 2257 |
| 2026 | — | 800 |
Hiya changes its headline metric and basis year to year (calls-analyzed basis shifts; loss figures vary US-per-country / global / all-victim). Treat as annual markers, not a continuous series.
Sources: Hiya (Calls analyzed (billions), annual) · Hiya (Avg scam loss per victim (USD), annual)
FTC Do-Not-Call complaints
DNC registry complaints by fiscal year — all vs. robocall subset
Complaints fell sharply from the 2021 peak to a 2023–24 low, then ticked back up in FY2025 — a demand-side signal (what consumers bother to report) to set against the supply-side volume counts. Fiscal years.
Sources: FTC (Do-Not-Call complaints (all), annual) · FTC (Robocall complaints (DNC), annual)
Reported fraud losses keep climbing
FTC consumer fraud vs. FBI IC3 total cybercrime — $ reported lost per year
Two different instruments — FTC counts consumer-reported fraud, IC3 counts all reported internet crime — so the levels aren't comparable, but both point the same way, steeply up. Read the direction, not a shared total.
Sources: FTC (Total reported fraud loss, annual) · FBI IC3 (Total reported cybercrime loss, annual)
Where the losses land, by contact method
FTC reported fraud $ by how the scam reached the victim (2023 vs 2024)
Social media leads reported fraud dollars, but phone, website, email and text each carry hundreds of millions — the cross-channel reality in one frame. Phone-call losses rose 2023->2024 even as call authentication rolled out.
Sources: FTC (Fraud loss via social media, annual) · FTC (Fraud loss via website/app, annual) · FTC (Fraud loss via phone call, annual) · FTC (Fraud loss via email, annual) · FTC (Fraud loss via text, annual)
Imposter scams — the on-beat slice
FTC reported $ lost to imposter scams per year
Imposter scams (government / business / relative impersonation) are the FTC category closest to the voice-fraud beat, and they keep grinding upward.
Source: FTC (Imposter-scam loss, annual)
GASA Global State of Scams
Estimated global scam losses per edition — markers, not a trend line
| Period | Global loss ($B) |
|---|---|
| 2022 | 55.3 |
| 2023 | 1026.0 |
| 2024 | 1030.0 |
| 2025 | 442.0 |
GASA's methodology changes nearly every edition (48-country aggregation 2022; survey-extrapolation 2023-24; tightened, range-framed 2025 at $442B–$1T), so year-to-year swings are largely methodology, not real change. Discrete markers only.
Source: GASA (Global scam loss (estimated), annual)
Phishing attacks per quarter
APWG observed phishing attacks
APWG's quarterly count hovers near a million. The 2026-Q1 point is from APWG's press release (full trends PDF pending).
Source: APWG (Phishing attacks observed, quarterly)
Telecom is now a top phishing target
Telecom's share of APWG most-targeted sectors, by quarter
Directly on-beat: telecom sat at ~2–6% of phishing targets through 2024–25, then jumped to 18.7% in Q4 2025 and ~33% in Q1 2026 (per APWG's release) — the biggest sector shift in the series.
Source: APWG (Telecom share of phishing targets, quarterly)
Average BEC wire-transfer demand
APWG / Fortra average requested wire amount, by quarter
What attackers ask for in a BEC wire swings quarter to quarter (~$42k–$129k) — noisy, but a read on how aggressive the asks are.
Source: APWG (Avg BEC wire-transfer demand, quarterly)
Phishing domains, and how many are malicious
Interisle annual: domains used for phishing (left) vs. % maliciously registered (right)
Phishing-domain counts hit a record ~1.5M in the 2025 edition (+38%), and the share maliciously registered (vs. hijacked) climbed into the high 70s — attackers increasingly buy domains wholesale rather than compromise existing ones. Annual May–April windows.
Sources: Interisle (Domains used for phishing, annual) · Interisle (Maliciously-registered phishing domains, annual)
Botnet command-and-control
Spamhaus botnet C&Cs identified per half-year
After dipping through 2024, botnet C&C counts jumped in 2025 (H1 +26%, H2 +24%). Spamhaus moved from quarterly to half-year reporting in mid-2024, so periods run H1/H2.
Source: Spamhaus (Botnet C&Cs identified, biannual)
STIR/SHAKEN adoption in the RMD
Share of FCC Robocall Mitigation Database filers by certification type
From the 2021 launch to now, Complete STIR/SHAKEN certifications rose from ~12% to ~42% of filers while no-S/S (mitigation-only) fell from ~49% to ~36% — real adoption, though over a third still claim no S/S. Two anchors so far (2021-07 ZipDX snapshot, 2026-06 ours); fills in monthly from here.
Sources: FCC (RMD: Complete STIR/SHAKEN %, monthly) · FCC (RMD: Partial STIR/SHAKEN %, monthly) · FCC (RMD: No STIR/SHAKEN %, monthly)
RMD filings: total and foreign
Filings in the FCC Robocall Mitigation Database
Filings more than tripled (3,165 → 11,158) since 2021, and foreign-provider filings grew far faster (253 → 2,157) — the database's foreign footprint is expanding disproportionately. Our snapshot of the public bulk CSV.
Sources: FCC (RMD total filings, monthly) · FCC (RMD foreign voice providers, monthly)
RMD filer roles (current)
How 2026-06 filers classify themselves — a filer can hold multiple roles
Authorized to sign: SHAKEN ecosystem
STI-GA authorized service providers (SPC token holders) and approved CAs, year-end
Authorized service providers grew from 74 (2020) to 1,283 (2023) to 1,406 (2024) — the 'who is even allowed to sign' layer beneath the RMD certifications; CAs climbed 8 → 15. Annual STI-GA SHAKEN Report (gaps where a year-end figure wasn't legibly published; no 2025 report yet).
Sources: STI-GA (Authorized SHAKEN service providers, annual) · STI-GA (Approved STI Certification Authorities, annual)
RMD ↔ Form 499 compliance gap
Interconnected-VoIP 499 filers vs. how many are missing from the RMD (2026-06)
Joining the two FCC databases by FRN: of 6,334 interconnected-VoIP providers in Form 499, 3,002 don't appear in the Robocall Mitigation Database — an apparent compliance gap (some may file under a parent FRN). Only ~56% of RMD filers match a 499 FRN at all. 499 holds 20,506 filers total.
Sources: FCC (Form 499 interconnected-VoIP filers, monthly) · FCC (499 VoIP filers missing from RMD, monthly)
Voice metrics first; messaging, email and phishing, web and DNS, and cross-channel panels will fill in as those sources come online.