Social Engineering Drives 90% of Bank Fraud Losses in Ukraine for 2025, NBU Reports

Payment Card Fraud in Ukraine During 2025

According to ХВИЛЯ: The National Bank of Ukraine (NBU) has released its 2025 data on payment card fraud. The primary cause of financial losses for bank customers was social engineering, accounting for 90% of the total sum lost to fraud this year. This represents a significant increase in the risks associated with fraudulent schemes compared to 2024, when losses attributed to social engineering stood at 84%. This type of scam manipulates people into revealing sensitive information or authorizing payments themselves.

Primary Fraud Scenarios

Among the most widespread fraud tactics, four main scenarios stand out:

• Exploiting Social Aid Topics: Criminals send messages or make calls promising financial assistance from the state or international funds like the UN or Red Cross, subsequently directing victims to phishing websites.
• Calls from Fake Bank Employees: Scammers pose as security service staff or NBU employees, intimidating customers with threats of account blocking or unauthorized fund withdrawals.
• Easy Job Offers via Messengers: Fraudsters offer users money for liking products or videos, later involving them in 'investment' schemes or test purchases.
• Financial Phone Number Hijacking: Criminals create eSIM cards by tricking victims into revealing mobile operator access codes, enabling them to clone the phone number and reset online banking passwords.

Consequently, the threat of payment card fraud is intensifying, prompting the National Bank of Ukraine to urge customers to exercise caution and remain vigilant against potential scams. The sharp rise underscores the critical need for enhanced public awareness regarding the risks in financial transactions. Given that social engineering is now the dominant form of fraud, bank clients must be particularly wary of unsolicited calls and messages that may harbor malicious intent. It is vital for citizens to understand the methods used by criminals and to follow recommended practices for safeguarding their financial data.