Blog

Social Engineering Frauds – 2021 Stats [UPDATED!]

Angela Sarno

Vice President, Marketing | Champion of Vendor Identity, Writer of Pithy Headlines

[This blog was originally published in June 2021 but has been updated in February 2026 to reflect new data about procurement fraud.]

The 2021 numbers are in… and fraudsters are still gonna fraud.

While these statistics reflect 2021 data, the underlying patterns remain highly relevant today—many of the same control gaps continue to drive successful fraud.

Back in 2021, we offered a rundown based on the Association of Financial Professionals 2022 Payments Fraud and Controls Survey and the FBI’s Internet Crime Report for 2021.

Together, these reports offer a snapshot of how organizations were managing payments and procurement fraud at the time—and where gaps persisted despite growing awareness.

That data showed that attempts and actual frauds were down year over year (71% in 2021 vs. 74% in 2020). There are no conclusive data points to explain why, but there is a notion that education is paying off for those who are usually targeted.  Our counterpoint to this? Fraud tactics evolve all of the timeSo be sure your employee education also evolves at this rate: all of the time.

At the time, a good chunk of you (17%!) were not doing any payment beneficiary, aka, supplier banking verification.  And those of you who were? You were not necessarily checking every one of your suppliers banking data in your verification process.  Or, more likely, you believed your process was being followed 100% of the time, but have not actually audited it to be certain.

This year, we’ve looked at the 2025 AFP® Payments Fraud and Control Survey and the FBI’s latest Internet Crime Report —and while some trends remain familiar, the data underscores just how persistent and costly payments and procurement fraud continues to be.

First, the sobering news: Payments fraud is rising. According to AFP, 79% of organizations were victims of payments fraud attacks or attempts in 2024, up from prior years. Business Email Compromise (BEC) remains the dominant threat vector, with 63% of respondents identifying it as the leading avenue for fraud attempts. The FBI reported 21,442 BEC complaints in 2024 alone, resulting in a staggering $2.77 billion in losses.

Payment methods under attack continue to evolve. Checks remain the most frequently targeted payment method, with 63% of organizations reporting check fraud. Meanwhile, wire transfers have reclaimed the top spot as the payment type most vulnerable to BEC—surpassing ACH credits. Fraud tactics themselves are also shifting. Executive impersonation schemes declined to 49%, while vendor impersonation rose to 60%. Third-party impersonation remains the most common BEC tactic at 63%. The lesson? Fraudsters adapt quickly—and so must your defenses. Employee education, verification protocols, and monitoring practices cannot remain static.

Now, a mixed picture on recovery. Only 22% of organizations were able to recover 75% or more of funds lost to payments fraud in 2024—a sharp drop from 41% in 2023. However, 58% were able to recoup up to 75% of lost funds, an improvement from the prior year. Recovery is possible—but far from guaranteed, and increasingly uncertain.

And finally, a critical control issue remains: supplier banking verification. While awareness has increased over the years, many organizations still struggle with consistent enforcement. Whether it’s incomplete verification of supplier banking changes, inconsistent adherence to internal procedures, or a lack of audit validation to confirm controls are operating as intended, gaps in execution continue to create opportunity for fraudsters. In other words, procurement fraud isn’t going anywhere.

The overarching takeaway? Fraud is not declining. It is evolving. Controls must evolve just as quickly—continuously reviewed, tested, and reinforced.

In February we had a live event with Christopher Arehart, SVP  Product Manager a at Chubb where we were reflecting on the 2021 AFP survey, where 65% of respondents said they had a process in place to verify banking.  From his seat as the product manager for crime, where he sees the aftermath of successful payments fraud scams daily, he offered this:

I would call out these statistics as aspirational, at best. I don‘t see 65% of submissions (for insurance policies) actually making phone calls. They may have a policy that says you’re supposed to be doing it, but when push comes to shove, it’s not really happening.

We see this quite a lot in the folks we talk to, and we read a lot about it in the press as well.  As in these two recent examples:

Bernallio County, New Mexico sent nine payments to a fraudster. How?  Their process wasn’t followed, and no one was auditing it. It’s worth noting that in this case, even if the process had been followed, it does not appear to involve verifying the bank account ownership.

St. Peterborough, NH paid a $2.3M price for a “simple human failure to follow established procedures [which] allowed the scam to succeed…” This one was three payments initiated by three different fraud scams in four weeks. In each of these instances, the process was not followed.

All of this to say that while it is great the attempts are down, if we expect the successful frauds to also stay down, organizations need to be more vigilant in continuously testing and improving their controls. Procurement fraud never sleeps, and neither should you. Even the most thoughtfully built vendor onboarding and verification process only works if your humans actually follow it.

We will be at the TMANY New York Cash Exchange in June, with Mr. Arehart from Chubb, talking about what you should be asking your risk team and your insurance company about your process, what is protected, and how these types of scams succeed despite your best efforts.

Payments Fraud and Your Vendor Master: The Risk Inherent in Your Verification Process

June 7, 11 AM

Sign Up Here

Get Ready for Vendor Management Day 2026

Vendor Management Appreciation Day (VMAD) returns this year—and we’d love to have you join the celebration. There’s never a wrong time to recognize one of the most essential yet often overlooked functions in every organization: vendor management.

We’re already preparing for this year’s festivities, and we want the entire community to be part of it. VMAD was created to bring vendor management professionals together, spotlight the innovation happening in the field, and give this important work the recognition it deserves.

Throughout the year, we’re rolling out monthly gifts and resources to help elevate your vendor management practice. We’re also planning a series of events designed to spark connection, learning, and celebration across the profession.

While you wait for the big day, explore what’s new—and grab some free vendor management goodies.

Want Help Aligning Teams On Procurement Fraud?

Explore our blogs below. They’re filled with action items you can implement right away.

What Is Business Identity? Why It Matters, and How to Get It Right

Why Supplier Verification Is the First Line of Defense Against Risk

The Supplier Risk Assessment Process: A Step-by-Step Framework

Why Supplier Lifecycle Management Is the New Frontline of Cybersecurity

Interested in More Tips On Procurement Fraud?

Subscribe to our blog

Want Personalized Guidance On Procurement Fraud?

Contact Us–we’d love to help you

People Also Ask—Procurement Fraud FAQs

Are you interested in knowing more?

Contact Us

Procurement fraud refers to schemes that exploit purchasing, vendor management, or payment processes for personal or financial gain. These schemes can involve internal employees, external vendors, or a combination of both. Common examples include fake or shell vendors, invoice manipulation, and unauthorized changes to vendor master data. Procurement fraud often occurs gradually and blends into routine operations, making it difficult to detect without strong controls and visibility.

Let us show you how we can help

We’d love to walk through your process with you and talk about security, compliance, efficiency and sleeping better at night.

See How it Works