When Accounts Become Targets: Payment Fraud and Phishing Surge
Germany's financial fraud crisis deepens as cybercrime surges in 2025
Transferring money online, sending payments via app, or shopping with a single click—today, these tasks are quick and convenient. But as everyday use of online accounts and payment services grows, so does the risk of falling victim to fraudsters.
More and more people are becoming targets of payment fraud online, according to data from Germany's Federal Criminal Police Office (BKA). In 2025, police crime statistics recorded roughly 96,400 cases of fraud involving bank accounts and payment cards—a five percent increase over the previous year.
The figures include incidents where stolen cards were used for payments, as well as methods like phishing and smishing. In these schemes, fraudsters exploit account and security credentials obtained through emails, SMS, or WhatsApp messages to gain access to victims' accounts. Meanwhile, the clearance rate remains low—perpetrators were caught in just one-fifth of cases.
Scammers are also growing more sophisticated, devising new tactics or refining their emails and messages with the help of AI to make them more personalized and convincing.
Cross-Border Fraud on the Rise
The number of cases originating abroad has seen a particularly sharp increase. These are crimes likely committed from outside Germany but affecting victims within the country.
Total losses in 2025 reached €2.25 billion—a staggering 65 percent jump from the previous year. The actual figure is likely much higher, as statistics only account for reported cases. Authorities estimate that 80 percent of all incidents go unreported.
Whether police and the justice system can effectively combat these crimes remains uncertain. The clearance rate for cross-border fraud is negligible (1.4 percent), leaving authorities with little recourse beyond repeatedly warning the public about scammers' tactics.
Liability Loopholes Leave Victims Vulnerable
Consumer advocates criticize the fact that victims of account fraud often end up bearing the financial burden—even though banks are legally required to reimburse customers for unauthorized transactions.
In phishing and smishing cases, however, banks and payment service providers frequently accuse victims of gross negligence, as an analysis by the Federation of German Consumer Organizations (vzbv) reveals. When this claim is made, reimbursement is denied.
The vzbv also reported a 54 percent surge in complaints related to cybercrime involving financial services last year. Issues included phishing attacks, identity theft, and unauthorized account withdrawals.
