Trustmi published the 2025 Socially Engineered Fraud & Risk Report, showing that 83.6% of enterprises faced at least one fraud attempt in the past year. The study highlights weak coordination across teams, systems, and processes as a key driver of risk, leaving U.S. businesses exposed to costly fraud. Notably, 34.4% of respondents said gaps between finance and security teams contributed to a recent fraud incident or near miss.
The financial toll is steep: For organizations reporting direct losses, nearly half (47.6%) lost $500K or more in a single incident, and one in four lost over $1 million from a single attack. The survey, which polled 525 finance and security leaders at $1B+ revenue enterprises, found that these incidents are increasingly adaptive, multi-step campaigns that exploit organizational silos as much as technical weaknesses. Attacks are also becoming more frequent, with nearly one in six enterprises facing fraud attempts every week.
“GenAI has weaponized fraud into a coordinated business attack,” said Shai Gabay, CEO and Co-Founder of Trustmi. “Attacks now cross multiple systems, exploiting every gap between teams and tools. Without unified visibility and coordination, enterprises will continue to face threats no single control can stop.”
Everyday Fraud, Extraordinary Costs
Social engineering attacks are no longer isolated—they’re routine. Nearly one in four enterprises report multiple fraud attempts a year, and 15.7% face attacks weekly or more. Among organizations with losses:
- 26.75% lost over $1 million in a single incident
- 29.19% lost between $500K–$1M
- 22% lost between $100K–$500K
Collaboration Chasm Between Finance and Security
The report reveals that the biggest vulnerability isn’t just in technology, but in team alignment. Ownership of fraud prevention remains fragmented, leaving enterprises exposed to attacks that no single group can see from start to finish.
- Only 27% of respondents said fraud prevention ownership is shared between finance and security teams
- The majority pointed to a single team, with finance and security leaders nearly evenly split on who should own it.
- 34.5% of respondents cited misalignment between the two groups as a factor in a recent fraud or near miss
Multi-System Attacks, Legacy Controls Failures
The report also found that traditional safeguards are buckling under AI-enhanced pressure and cross-platform attacks. In 88% of major incidents, at least one critical control failed, often more. The survey also found that 70% of incidents spanned multiple platforms and teams, compounding the chance of breakdown as fraudsters moved across systems.
The controls with the highest failure rates included:
- Email and messaging security: 44.6%
- Employee security awareness training: 32.2%
- Compromised third-party vendors: 31.6%
- Threat detection/escalation process: 27.85%
- Bank account validation tools: 26.5%
Human Error Still Exploited
In addition to system failure, the 2025 report also examines how attackers successfully bypassed systems, highlighting process gaps and operational realities that are sometimes directly tied to siloed workflows. The top factor cited was human error at 46.10%. Other factors cited included:
- Email looked legitimate at 40.57%
- Trusted but compromised source: 32%
- Fraud crossed multiple systems: 31.62%
- Security tools missed it: 25.33%
- Validations followed but were ineffective: 21.52%
Closing the Fraud Gap
The report outlines four priorities for enterprises to reduce risk: unify fraud prevention ownership, deploy cross-platform detection, build GenAI-resilient defenses, and track the full operational and compliance impact of fraud, not just direct losses.
About the 2025 Survey
Trustmi’s Q2 2025 survey polled 525 mid-to-senior finance and cybersecurity leaders at large U.S. enterprises across financial services, technology, healthcare, manufacturing, and retail. All respondents represented organizations with annual revenues of $1 billion or more.
To learn more details about this Trustmi research and how to bridge the gaps between finance and security teams, read the complete The Trustmi 2025 Socially Engineered Fraud & Risk Report here.
Related News:
