In one analysis, retail had 27% of vulnerable assets across cloud, APIs, and web applications.

In 2025 (through 7/2/2025), four retail, four insurance, and three aviation firms attacked by Scattered Spider.

Retail trade accounted for only 4% of total ransomware victims in Q2 2025.

Retail fraud doubled, with the sector experiencing an average of one fraud attempt in every 127 calls in 2024. This is five times higher than financial institutions.

Retail saw a +107% increase in synthetic voice attacks in 2024.

Retail fraud is projected to more than double again, reaching 1 in every 56 calls in 2025.

48% of retailers lack visibility into how AI models handle customer data.

12% of respondents knew someone working at a retailer involved in insider fraud.

6% of respondents knew someone working in fulfilment services involved in insider fraud

18% of respondents said they’d been exposed to influencers recommending retail fraud online.

15% of respondents said they’d consider more serious retail fraud under the right circumstances.

A third (34%) of respondents argued that fraud up to £100 is permissible.

Most (58%) assume retailers can and should absorb the costs of fraud without a major impact on their business or prices.

21% of respondents said they had heard about retaile fraud from colleagues.

Nearly a fifth (16%) of respondents said they consider retail fraud a victimless crime.

A quarter (23%) of respondents admitted they’ve been tempted to commit fraud.

The majority (82%) of respondents said they had heard about retail fraud from friends, family, colleagues, and classmates.

15% of respondents said they had heard about retaile fraud from family.

9% of respondents said they had heard about retaile fraud from classmates.

18% of respondents claimed to personally know someone involved in insider fraud.