While ransomware and related computer exploits draw significant attention, a new Federal Trade Commission (FTC) report shows they account for only about 2% of consumer fraud reports between 2023 – 2025.
The FTC’s second annual ransomware report found that ransomware and related computer exploits represented 2.23% of all fraud complaints reported to the FTC between July 2023 and June 2025, even as foreign actors remain a persistent concern across the agency’s enforcement, education, and international cooperation efforts.
“… While ransomware and cyber-related attacks typically involve acts and actors that criminal law enforcement agencies are primarily equipped to confront, the FTC’s data security program complements these efforts and serves as a first line of defense against those attacks,” the report states.
Between July 1, 2023, and June 30, 2025, the FTC said it received more than 5 million consumer fraud reports. Of those, over half a million – 10.6% – involved cross-border fraud, with more than 144,000 consumers reporting incidents originating outside of the United States.
China accounted for the largest share of foreign-origin fraud reports during that period. Consumers reported 42,972 incidents of fraudulent business conduct believed to have originated in the People’s Republic of China (PRC), representing 7.51% of all cross-border fraud complaints.
However, ransomware and other computer exploits made up only a small portion of those reports – less than 1% of the 42,972 reports received about fraud originating in the PRC.
Instead, more than two-thirds of complaints tied to China involved online shopping fraud.
Tech support scams – often involving impersonation of well-known technology companies – remain one of the most reported fraud types overall, though they still represent a relatively small share of total complaints, the FTC said.
Since July 1, 2023, the FTC received 141,185 reports about tech support scams, accounting for 2.46% of all fraud reports. Nearly 11% of those were cross-border.
When U.S. consumers did identify a foreign origin, India and Canada emerged as the most frequently reported sources of cross-border tech fraud.
Meanwhile, consumer complaints tied to Russia, Iran, and North Korea were comparatively rare.
“Combined, consumers have filed 2,515 fraud reports about these three countries between July 1, 2023, and June 30, 2025 – 0.05% of all fraud reports received by the FTC during this period,” the report states.
Russia accounted for most of those complaints, with 1,857 reports over two years. Tech support scams represented more than a quarter of Russia-related complaints, while malware and computer exploits accounted for just 4.3%.
Reports involving North Korea were sparse and dispersed across categories, and the FTC found no reporting subcategory with more than 100 complaints. Reports involving Iran were likewise limited, but the FTC noted one complaint category exceeded 100 complaints.
While ransomware itself was rarely reported, the FTC cautioned that consumer complaint data often does not fully capture the scope of ransomware activity, partly because victims often lack key information about attackers.
“This scarcity of consumer complaints about ransomware and other computer exploits is not surprising,” the report states. “As a general matter, the FTC receives few complaints about ransomware or other computer exploits, especially when compared to other types of reported fraud.”
Nearly 95% of consumers who did report ransomware or malware incidents either identified the United States as the source or did not report a location. The FTC noted several reasons for this reporting gap, including limited consumer awareness and deliberate obfuscation by attackers.
“… Consumers typically do not know where the entities perpetrating these attacks are located,” the report states. “Foreign scammers often mislead consumers about or conceal their locations through various techniques. This is likely even more typical for criminal enterprises that initiate cyber attacks.”
In addition, the agency emphasized that consumer complaints are not the primary driver of its data security enforcement program.
“… While consumer reports are a common way that the FTC identifies targets for many fraud enforcement actions, they are not a leading source of information for its data security enforcement program,” the report states.
According to industry cybersecurity leaders, while ransomware numbers are low compared to other types of fraud, ransomware incidents in the United States have been increasing compared to previous years. Historically, the industries most targeted by ransomware are manufacturing, healthcare, technology, and education.