Identity Theft Statistics and Trends in 2026: What the Data Shows

Identity theft is not slowing down — it is accelerating. The numbers for 2024 and 2025 paint a stark picture: more victims, higher losses, and increasingly sophisticated attacks powered by artificial intelligence. Understanding the scale of the problem is the first step toward protecting yourself. Here is what the latest data shows.

The Numbers: Identity Theft by the Data

The Federal Trade Commission received 1.14 million identity theft reports in 2024, representing a 9.5% increase from 2023. Total fraud losses reported to the FTC reached $12.5 billion in 2024, a staggering 25% increase over the previous year. But the FTC numbers capture only a fraction of the problem — most identity theft goes unreported.

Javelin Strategy and Research, which uses a broader methodology, estimated $27.3 billion in total identity fraud losses and 18 million victims in 2025. That means roughly one in every 15 American adults experienced some form of identity fraud in a single year.

The Rise of AI-Driven Fraud

Artificial intelligence has transformed the identity theft landscape. Deepfake fraud attempts have surged 2,137% over a three-year period, making it increasingly difficult to distinguish genuine communications from synthetic ones. An estimated 43% of identity fraud now involves AI in some capacity — whether through AI-generated phishing emails, deepfake voice calls, or synthetic identity creation.

Fraudsters use AI to clone voices from short audio clips, generate realistic fake IDs, create convincing phishing messages tailored to specific targets using data harvested from data brokers, and produce deepfake videos for real-time video verification fraud.

Types of Identity Theft: Where the Damage Hits

Identity theft manifests in many forms, and understanding the most common types helps you know where to focus your defenses.

• Credit card fraud remains the most frequently reported type, accounting for the largest share of FTC identity theft complaints. Criminals open new accounts or hijack existing ones to make unauthorized purchases.
• Government benefits fraud surged during and after the pandemic. Criminals file false claims for unemployment benefits, Social Security, and other government programs using stolen identities.
• Loan and lease fraud involves opening auto loans, personal loans, or real estate leases in the victim's name. Victims often do not discover the fraud until they check their credit report or are contacted by a collections agency.
• Tax fraud occurs when criminals file fraudulent tax returns using someone else's Social Security number to claim refunds. Victims typically learn about it only when their legitimate tax filing is rejected.
• Medical identity theft is particularly dangerous because it can introduce false information into your medical records, potentially leading to dangerous treatment decisions.

Multi-Layered Attacks Are the New Normal

Modern identity theft is rarely a single incident. Javelin's research found that 25.6% of identity theft victims face two or more concurrent incidents. A criminal who obtains your Social Security number may simultaneously open a credit card, file a tax return, and apply for a loan — all before you receive the first alert.

Device compromise has become a major entry point, increasing 78% year-over-year from 15.3% to 27.2% of all identity compromises. This includes malware, SIM swapping, and account takeovers facilitated by compromised smartphones and computers.

Synthetic Identity Fraud: The Invisible Threat

Synthetic identity fraud — where criminals combine real and fabricated information to create entirely new identities — accounted for 20% of all fraud losses in the first half of 2025. These synthetic identities are built using real Social Security numbers (often belonging to children, seniors, or the deceased) combined with fake names and addresses.

Synthetic fraud is particularly insidious because there is no single victim who receives an alert. The real person whose Social Security number was used may not discover the fraud for years, and the financial institution may not realize the identity is fake until significant losses have accumulated.

Who Is Most Affected?

Identity theft impacts every demographic, but some groups are disproportionately affected.

• Ages 30-39 and 40-49 report the highest number of identity theft incidents to the FTC, likely because they have the most active financial profiles — mortgages, credit cards, and established credit histories.
• Ages 20-29 are increasingly targeted through social media and device-based attacks.
• Children under 18 are a rapidly growing target category, with their untouched credit histories making them ideal for synthetic identity fraud.
• Seniors over 60 suffer the highest per-incident financial losses, with average losses significantly exceeding those of younger victims.

How to Protect Yourself

No single measure eliminates identity theft risk, but a layered defense strategy dramatically reduces your exposure.

1. Freeze your credit at all three bureaus (Equifax, Experian, TransUnion). A credit freeze prevents anyone from opening new accounts in your name and is free to set up and lift.
2. Enable two-factor authentication on every account that supports it, prioritizing email, banking, and social media. Use an authenticator app rather than SMS when possible.
3. Monitor the dark web for your personal information. If your data appears in a breach or on an underground marketplace, early detection lets you act before criminals do.
4. Remove your data from broker sites. The less personal information available about you online, the harder it is for criminals to impersonate you or craft targeted attacks.
5. Review your credit reports regularly through annualcreditreport.com — you are entitled to free weekly reports from all three bureaus.
6. Use unique, strong passwords for every account and manage them with a password manager.

The Role of Data Removal in Identity Theft Prevention

Data brokers make identity theft easier by aggregating and exposing the personal details that criminals need — your full name, date of birth, addresses, relatives, phone numbers, and more. Every data point publicly available about you is a tool a thief can use to pass security questions, impersonate you, or build a synthetic identity.

PrivacyOn's approach addresses this directly. By removing your data from over 100 data broker and people search sites and continuously monitoring for re-listings, PrivacyOn reduces the raw material available to identity thieves. Combined with dark web monitoring that alerts you when your information appears in breaches or underground markets, PrivacyOn provides a comprehensive early warning and prevention system.

The statistics are clear: identity theft is growing in scale, sophistication, and financial impact. Waiting until you become a victim is the most expensive option. Proactive protection — including credit freezes, two-factor authentication, and data removal — is the most effective defense available.