The FBI has been tracking cybercrime complaints since 2000. In that time, it has tracked phishing, ransomware, business email compromise, romance scams, tech support fraud, and dozens of other categories. The 2025 annual report, published this week, added a new category for the first time: AI-facilitated cybercrime.
The inaugural year of tracking produced a number that surprised even researchers who had been watching the space closely: $893 million in losses from 22,364 complaints in which victims specifically identified artificial intelligence as a component of the fraud they experienced.
That figure almost certainly understates the true scale.
The Measurement Problem
When someone files an IC3 complaint, they describe what happened to them in their own words. A grandmother who received a call in her grandson’s AI-cloned voice, panicked, and wired $4,000 to bail him out of a fake arrest typically describes the incident as “my grandson called me from jail and said he needed money.” She does not write “I was victimized by AI voice cloning.”
The FBI’s AI fraud category captures only complaints where victims explicitly identified AI as a component of the attack. Security researchers estimate that voice cloning alone, which is often indistinguishable from a real call, produces millions of victimizations per year that are reported — if at all — as grandparent scams, government impersonation, or romance fraud.
The $893 million is a floor, not a ceiling.
What AI Fraud Actually Looks Like in 2026
The FBI’s new category encompasses several distinct attack types that are already well-documented in 2026:
Voice cloning remains the highest-volume AI fraud vector. Commercial voice cloning services can replicate a person’s voice from three seconds of audio with sufficient fidelity to deceive family members in an emotionally heightened moment. Fraud-as-a-Service platforms on dark web marketplaces now offer voice cloning subscriptions for under $50 per month, paid in cryptocurrency — putting the technology within reach of any fraud operation regardless of technical sophistication.
A CNN investigation published May 29 documented a California mother who lost thousands of dollars after a call using her daughter’s cloned voice. The call was indistinguishable from a real emergency. The mother had no reason to believe the voice was synthetic.
Deepfake video is increasingly used in romance scam and business email compromise attacks. Scammers conduct live video calls using real-time face-swap technology that overlays a different face on the operator’s image, allowing a romance scammer to present as a person they are not for extended periods, including video calls that would previously have exposed identity fraud.
AI-generated phishing — personalized, contextually accurate lures written by language models using scraped personal data — is the technique behind the 27% click rate campaigns documented earlier this week. The output is indistinguishable from legitimate professional communication because it is written using the same language patterns.
Synthetic identity fraud using AI-generated document images is expanding in the financial services sector. AI systems can generate convincing fake driver’s licenses, passports, and utility bills that defeat standard identity verification processes not designed to detect synthetic media.
Federal Enforcement Catches Up
The TAKE IT DOWN Act, signed by President Trump one year ago, became the first US federal law specifically addressing AI-generated nonconsensual imagery. On May 19, 2026 — the law’s anniversary — the FTC activated its platform-compliance enforcement provisions, requiring platforms to remove flagged content within 48 hours or face $53,088 per-violation civil penalties.
Within 24 hours, federal prosecutors in Brooklyn unsealed criminal charges against two men — Cornelius Shannon and Arturo Hernandez — for using AI tools to generate deepfake pornographic imagery depicting 140 victims with nearly three million combined views. These were the first major federal prosecutions under the TAKE IT DOWN Act’s criminal provisions.
The prosecutions signal that federal law enforcement is treating AI-generated fraud and abuse as a prosecutable crime at the federal level rather than leaving enforcement to the patchwork of state laws that existed before 2025. That shift matters: state-level enforcement is slow, inconsistent, and jurisdiction-dependent in ways that fail victims when perpetrators cross state lines or operate from overseas.
Protecting Yourself Against AI Fraud
The standard advice — don’t click suspicious links, verify who you’re talking to — was written for a threat model that no longer covers the current landscape. AI voice cloning defeats the “I recognize their voice” check. AI phishing defeats the “this email looks suspicious” check. AI-generated video defeats the “we did a video call” verification step.
What still works:
Establish a family safe word — a pre-agreed code word that anyone claiming to be a family member in distress must provide before money changes hands. No AI system calling you can know a private word you agreed on offline.
Always call back on a known number. If your bank calls you, hang up and call the number on the back of your card. If your grandson calls in distress, hang up and call his actual number. Real emergencies survive a 30-second callback. Scams do not.
Treat any payment request with urgency as a red flag. Legitimate banks, government agencies, and legal authorities do not demand immediate gift card payments or wire transfers. The pressure to act now before you can think or verify is a defining characteristic of fraud, regardless of how convincing the caller sounds.
Use phishing-resistant MFA for accounts that could be compromised if a phishing email succeeds. Hardware keys make stolen credentials useless, even against the most convincing AI-generated lures.
The FBI’s new AI fraud category will grow. The $893 million figure for 2025 will almost certainly be higher in 2026 as voice cloning capabilities improve, as FaaS platforms lower access costs further, and as criminal networks invest in the tools that are proving most effective at scale.
The question is whether enforcement and victim awareness keep pace. The gap between them is where the losses live.
