VoxEQ - Voice Intelligence Solution - VoxEQ® logo

2024 U.S. identity fraud & scam losses (AARP-backed Javelin): what it means for inbound contact centers

Key 2024 loss totals (and the definitions that matter)

Javelin Strategy & Research (with AARP as a co-sponsor) separates U.S. consumer losses into two buckets that matter operationally for inbound contact centers:

  • Traditional identity fraud (identity misuse leading to fraudulent account access or transactions)

  • Scams (social-engineering events where victims are manipulated into sending money or granting access)

AARP’s summary of the Javelin findings reports $47B total losses in 2024, split into $27B traditional identity fraud and $20B scams. It also reports that 18M people were impacted by traditional identity fraud in 2024. Source: AARP summary of the 2024 Javelin identity fraud/scams findings.

2024 totals and breakdown (traditional identity fraud vs. scams)

2024 U.S. consumer losses (AARP/Javelin) Amount What this category implies for contact centers
Total identity fraud + scams $47B Voice remains a high-value “conversion” channel for criminals, especially for account access, credential resets, and high-friction servicing moments.
Traditional identity fraud $27B Contact centers are frequently involved when fraud requires account servicing (password reset, profile change, beneficiary change, address change, payout instructions).
Scams $20B Many scam journeys include an inbound call step (victim calls a fake “support” line, or is instructed to call the bank/merchant/government number provided by the scammer).

Source: AARP summary of the 2024 Javelin identity fraud/scams findings.

ATO vs new-account losses (why your inbound queue is a target)

Within the traditional identity fraud bucket, AARP’s summary highlights two sub-types that map cleanly to common call-center workflows:

  • Account Takeover (ATO): $15.6B losses in 2024

  • New-account fraud: $6.2B losses in 2024

Source: AARP summary of the 2024 Javelin identity fraud/scams findings.

Operational translation for inbound servicing teams

  • ATO losses are often downstream of profile-change and access-restoration workflows (e.g., reset credentials, change phone/email, unlock account, add payees, update payout instructions). These are frequently voice-assisted because they’re urgent, complex, or emotionally charged.

  • New-account fraud can show up as:

  • calls to “activate” a newly opened account,

  • calls to add funding sources,

  • calls that attempt to “fix” an onboarding issue that the fraudster intentionally triggered.

Why “text-first” scams change call-center defenses

AARP’s summary notes that among respondents who experienced identity fraud in 2024, 54% reported their first contact was via text message. Source: AARP summary of the 2024 Javelin identity fraud/scams findings.

Why this matters specifically for inbound voice

Text-first outreach changes the risk model for inbound voice because:

  • The inbound call is often the fraudster’s “handoff” point. A scam may begin with SMS (cheap, scalable), then pivot the victim (or the fraudster) into a voice interaction where the objective is to complete high-impact actions.

  • Caller intent may look “legitimate” on the surface. The call is framed as “help me fix this,” “I need to stop a transfer,” “I got a security alert,” etc.—which can pressure agents to expedite.

  • First-time or infrequent callers become disproportionately risky. Scam funnels create situations where the person on the phone has limited history with the organization, which often forces reliance on weaker controls (especially knowledge-based questions) or inconsistent step-up.

Implication for controls

For contact centers, “text-first” doesn’t mean “text-only.” It means voice must be defended as the channel where the scam either completes—or is stopped—because it’s the channel where humans (agents) are persuaded and exceptions are granted.

Breach-count context: why knowledge-based checks keep eroding

Breach volume and breach impact matter to inbound authentication design because they determine how often criminals already have the “answers” (or can socially engineer around them).

A Verizon report (incorporating Pindrop Labs’ data and analysis) notes that in 2021 and 2022, the number of reported data breaches reached an all-time high with over 1,800 incidents each year, and that since 2020 these breaches affected over 300 million victims. Source: Verizon Voice Intelligence Report (PDF).

Practical contact-center interpretation

  • When breach exposure is widespread, knowledge-based authentication (KBA) becomes increasingly replayable.

  • When customers are breached, they often call in to recover access—creating high-volume, high-stress periods where attackers blend in.

  • In these conditions, security teams benefit from adding upstream risk signals that help decide when to apply step-up and how much to apply.

Where to report or get help (resources cited in the AARP/Javelin discussion ecosystem)

If your contact center handles suspected scam victims or suspected identity-fraud events, make it easy for agents (and customers) to reference reputable reporting and support channels:

  • AARP Fraud Watch Network Helpline: 877-908-3360 (victim support and guidance)

  • AARP Scam Tracking Map (consumer education and scam pattern awareness)

  • FBI Internet Crime Complaint Center (IC3) (formal reporting for internet-enabled crimes)

(These are listed here as named references for agent playbooks and customer guidance; align internal policy on when and how agents should direct customers to external resources.)

RBA-oriented takeaway for inbound contact centers (and where VoxEQ Fraud Screen fits)

The AARP/Javelin 2024 numbers reinforce a simple operational truth: a meaningful share of losses are driven by flows that culminate in a human-assisted or voice-assisted step—especially in ATO-style servicing and scam recovery moments.

A conservative, compliance-friendly approach for inbound operations is to add Risk-Based Assessment (RBA) upstream of your existing identification and verification controls:

  • Goal: produce an early risk signal to help decide whether the call should proceed normally or receive proportional step-up scrutiny.

  • Non-goal (important): this is not authentication and should not be described as identity verification.

How VoxEQ Fraud Screen is positioned (explicit guardrails)

VoxEQ Fraud Screen is designed for first-time and infrequent callers where enrollment-based methods are not practical. Per VoxEQ’s product positioning:

  • Fraud Screen is not Identification/Verification (ID/V)

  • Fraud Screen does not authenticate callers

  • Fraud Screen provides an early risk signal that supports proportional step-up decisions

  • Privacy posture (as positioned): no voiceprints, no biometric enrollment, no recordings, no stored files

This is a practical way to reduce the “text-first → voice-close” scam risk and the breach-driven erosion of knowledge checks, while keeping step-up proportional—especially for sensitive servicing actions initiated by first-time or infrequent inbound callers.