Surfshark Study Finds Documented Deepfake Fraud Losses Reached $3.7 Billion, With 47% Originating on Social Media

Reviewed by Irfan Ahmad.

A Surfshark study found recorded global losses from verified deepfake incidents with documented financial losses reached $3.7 billion between January 2020 and June 2026. The study identified social media as the largest origin category, accounting for $1.73 billion, or 47%, of the total.

According to the study, recorded losses totaled $83 million between 2020 and 2023, rose to $335 million in 2024, increased to $2.5 billion in 2025, and reached $764 million during the first half of 2026. Together, 2025 and the first half of 2026 accounted for 89% of recorded losses.

Impersonation fraud ranked second with $911 million, or 25%, followed by $333 million linked to crypto ATM fraud in 2025 and $100 million from fake job candidate schemes. The study also reported losses through phone calls ($71 million), video platforms ($62 million), messaging apps ($41 million), and email ($12 million).

Recorded deepfake scam losses climbed dramatically since 2020, prompting stronger identity verification and online security recommendations worldwide.
Image: Surfshark

The analysis combined verified incidents from the AI Incident DatabaseResemble.AI, and the OECD. Surfshark described the figures as a conservative estimate based on publicly reported incidents involving synthetic video, image, or audio with clearly documented financial losses.

In comments emailed to DIW, Surfshark Research Lead Luís Costa said social media gives scammers access to large audiences. "A single deepfake video can go viral in hours, reaching millions of potential victims before it's detected or removed. No other channel offers that kind of reach at zero cost," Costa said.

Costa also shared several recommendations, including verifying investment offers through official channels, using a family "safe word" to confirm identities during urgent calls, limiting the public sharing of high-resolution audio and video, and using biometrics or hardware security keys instead of SMS-based authentication where possible.

Read next: Testing the limits of what’s possible (and what isn’t) with AI
Previous Post Next Post