New global research by Kaspersky quantifies the true scale of the emerging messaging app scam epidemic, revealing a threat governments and regulators are yet to deal with
Kaspersky has found that nearly two thirds (64.5%) of victims suspected that their scammers had used AI in messaging apps to snatch their cash, with over half (54%) of victims in the UK believing that fraudsters had also used advanced AI tools to create DeepFakes of family members and synthetic voices of friends. Most of these victims handed over money in 30 minutes or less.
In the UK alone, victims lose an average of £458.45 per scam. Globally, if just 10% of the world's 3 billion messaging app users are affected, given the rapid spread of cross-platform fraud, total losses could exceed $219.9 billion. In the UK, only around a quarter of victims report the crime to police (24%) or their bank (27%).
AI as a scamming tool
The
era of badly written, obviously suspicious messages is over. Nearly two thirds
of victims globally (64.5%) believe AI was used against them. Research found
over half (54%) of UK victims believed that scammer’s deployed AI tools like
synthetic voices and deepfake images to impersonate family members, friends,
and trusted brands. By replicating writing styles and personal relationships,
these attacks bypass instinctive scepticism regardless of how digitally experienced
a target considers themselves to be.
Kaspersky’s research uncovered that victims span every generation, from Gen Z through to Gen X, underscoring that speed, familiarity, and language, not naivety, are the real vulnerabilities being exploited.
Scammed in minutes
Speed
is the defining feature of modern messaging fraud. More than half of all UK
victims (56.7%) handed over money or personal information within 30 minutes of
first contact. Over 1 in 10 (12.2%) did so within five minutes. Scammers rarely
operate on a single platform either, with nearly two thirds of scams (63%)
crossing multiple channels, moving from SMS to WhatsApp or from WhatsApp to Telegram,
to mimic legitimate conversations and avoid detection.
The most common formats in the UK are investment scams (40%), fake delivery notifications (38%), and brand impersonation (35%). These are deliberately engineered to blend into everyday digital interactions, exploiting urgency and familiarity to extract money or data before doubt can set in.
Dr Elisabeth Carter, forensic linguist and criminologist at Kingston University London, said: "Fraudsters use recognised contexts, familiar social settings and embedded linguistic norms to make victims feel their decision-making is rational and reasonable in the moment. What is actually happening is that they construct false realities in which those decisions end up causing financial and psychological harm.”
A cost-of-living crisis within a crisis
The
financial blow lands hardest on those already stretched. At a time when £458
can represent a month of food shopping, utility bills, or childcare fees, the
impact of a single scam extends well beyond the immediate loss. For nearly 1 in
10 victims (9.1%), losses exceed £1,000. More than a quarter (28%) report being
targeted three or more times in a six-month period, demonstrating a shift from
opportunistic theft to industrialised, repeat targeting.
Amongst all respondents, millennials are disproportionately exposed to investment and financial opportunity scams (40% of Millennial respondents), a pattern consistent with the financial anxiety and wealth aspiration that scammers deliberately exploit in a generation locked out of traditional routes to financial security.
The wider economic picture
More
than half of all scams captured in the research (52%) occurred within the past
five months, a sign that exposure is accelerating rather than stabilising. The
combination of low reporting rates, rapid AI adoption by criminal networks, and
the sheer volume of messaging traffic means the true economic cost remains
largely invisible in public data.
Marc Rivero, Lead Security Researcher at Kaspersky's Global Research and Analysis Team, said: "This is a highly organised and industrialised approach to fraud, targeting people at speed and scale through every messaging channel. AI is accelerating the trend, helping scammers convincingly imitate brands, familiar voices, and personal relationships. Simply being aware is no longer sufficient protection. People need to recognise risks earlier, before being pressured into hasty decisions, and combine cautious habits with security tools that detect and block threats in real time."
Urgent action is needed to prevent further economic harm
Messaging scams have become a macroeconomic issue, a slow, silent drain on public wealth that weakens personal financial resilience and erodes trust in digital systems. It’s no longer just a cybersecurity concern; it’s a matter of economic safety.
The research highlights the need for decisive, ongoing actions to combat messaging scams. As the nature and scale of these scams evolve, Kaspersky urges individuals to adopt stronger security practices, such as:
- Use robust device security in real-time: install comprehensive security software such as Kaspersky Premium that provides real-time protection against malicious links and phishing attempts across the apps and websites you use every day. On mobile, a new layer of anti-phishing security scans suspicious links as they appear, even within notifications, identifying threats before you engage.
- Strengthen your password management: use a password manager such as Kaspersky Password Manager to safely store your passwords, and auto-fill your details across websites, apps, and devices.
- Stay informed about digital scams: Educate yourself and your family on common messaging scams and red flags, ensuring everyone remains vigilant.
- Invest in robust security tools: businesses can deploy advanced monitoring tools such as Kaspersky Brand Monitoring, which can help detect misuse of their brand across social media, online marketplaces, and parts of the dark web, and support timely investigation and takedown efforts.
For more information on Kaspersky’s insights and recommendations for safer online interactions, visit Kaspersky Daily.
The full research report is available here.
