Meta internally projected late last year that it would earn about 10% of its overall annual revenue – or $16 billion – from running advertising for scams and banned goods, internal company documents show.

A cache of previously unreported documents reviewed by Reuters also shows that the social-media giant for at least three years failed to identify and stop an avalanche of ads that exposed Facebook, Instagram and WhatsApp’s billions of users to fraudulent e-commerce and investment schemes, illegal online casinos, and the sale of banned medical products.

On average, one December 2024 document notes, the company shows its platforms’ users an estimated 15 billion “higher risk” scam advertisements – those that show clear signs of being fraudulent – every day. Meta earns about $7 billion in annualized revenue from this category of scam ads each year, another late 2024 document states.

Much of the fraud came from marketers acting suspiciously enough to be flagged by Meta’s internal warning systems. But the company only bans advertisers if its automated systems predict the marketers are at least 95% certain to be committing fraud, the documents show. If the company is less certain – but still believes the advertiser is a likely scammer – Meta charges higher ad rates as a penalty, according to the documents. The idea is to dissuade suspect advertisers from placing ads.

The documents further note that users who click on scam ads are likely to see more of them because of Meta’s ad-personalization system, which tries to deliver ads based on a user’s interests.

The details of Meta’s confidential self-appraisal are drawn from documents created between 2021 and this year across Meta’s finance, lobbying, engineering and safety divisions. Together, they reflect Meta’s efforts to quantify the scale of abuse on its platforms – and the company’s hesitancy to crack down in ways that could harm its business interests.

Meta’s acceptance of revenue from sources it suspects are committing fraud highlights the lack of regulatory oversight of the advertising industry, said Sandeep Abraham, a fraud examiner and former Meta safety investigator who now runs a consultancy called Risky Business Solutions.

“If regulators wouldn’t tolerate banks profiting from fraud, they shouldn’t tolerate it in tech,” he told Reuters.

In a statement, Meta spokesman Andy Stone said the documents seen by Reuters “present a selective view that distorts Meta’s approach to fraud and scams.” The company’s internal estimate that it would earn 10.1% of its 2024 revenue from scams and other prohibited ads was “rough and overly-inclusive,” Stone said. The company had later determined that the true number was lower, because the estimate included “many” legitimate ads as well, he said. He declined to provide an updated figure.

“The assessment was done to validate our planned integrity investments – including in combatting frauds and scams – which we did,” Stone said. He added: “We aggressively fight fraud and scams because people on our platforms don’t want this content, legitimate advertisers don’t want it and we don’t want it either.”

"Over the past 18 months, we have reduced user reports of scam ads globally by 58 percent and, so far in 2025, we’ve removed more than 134 million pieces of scam ad content,” Stone said.

'WE HAVE LARGE GOALS TO REDUCE AD SCAMS'

Some of the documents show Meta vowing to do more. "We have large goals to reduce ad scams in 2025," states a 2024 document, with Meta hoping to reduce such ads in certain markets by as much as 50%. In other places, documents show managers congratulating staffers for successful scam reduction efforts.

At the same time, the documents indicate that Meta’s own research suggests its products have become a pillar of the global fraud economy. A May 2025 presentation by its safety staff estimated that the company’s platforms were involved in a third of all successful scams in the U.S. Meta also acknowledged in other internal documents that some of its main competitors were doing a better job at weeding out fraud on their platforms.

“It is easier to advertise scams on Meta platforms than Google,” concluded an internal Meta review in April 2025 of online communities where fraudsters discuss their trade. The document doesn’t lay out the reasons behind that conclusion.

The insights from the documents come at a time when regulators worldwide are pushing the company to do more to protect its users from online fraud. In the U.S., the Securities and Exchange Commission is investigating Meta for running ads for financial scams, according to the internal documents. In Britain, a regulator last year said it found that Meta’s products were involved in 54% of all payments-related scam losses in 2023, more than double all other social platforms combined.

The SEC and the UK regulator didn’t respond to questions for this report. Meta’s Stone referred Reuters to the company’s latest SEC disclosures, which state that the company’s efforts to address illicit advertising “adversely affect our revenue, and we expect that the continued enhancement of such efforts will have an impact on our revenue in the future, which may be material.”

The regulatory pressure on Meta to do more to fight scams occurs as the company, in a race with competitors, is pouring money into artificial intelligence and plans as much as $72 billion this year in overall capital expenditures. While acknowledging the spending is “a massive amount of capital,” chief executive Mark Zuckerberg has sought to reassure investors that Meta’s advertising business can bankroll it.

"We have the capital from our business to do this," he said in July, when announcing that to support AI, Meta was constructing a data center in Ohio that will be the size of New York City’s Central Park.

In the internal documents, Meta weighs the costs of beefing up its enforcement of scam ads against the toll of financial penalties from governments for failing to protect its users.

BRACING FOR PENALTIES OF UP TO $1 BILLION

The documents make clear that Meta aims to reduce its illicit revenue stream in the future. But the company is concerned that abrupt reductions of scam advertising revenue could affect its business projections, according to a 2025 document that discusses the impact of “violating revenue” – income from ads that violate Meta’s standards, such as scams, illegal gambling, sexual services or dubious health products.

The documents note that Meta plans to try to cut the share of Facebook and Instagram revenue derived from scam ads. In the meantime, Meta has internally acknowledged that regulatory fines for scam ads are certain, and anticipates penalties of up to $1 billion, according to one internal document.

But those fines would be much smaller than Meta’s revenue from scam ads, a separate document from November 2024 states. Every six months, Meta earns $3.5 billion from just the portion of scam ads that “present higher legal risk,” the document says, such as those falsely claiming to represent a consumer brand or public figure or demonstrating other signs of deceit. That figure almost certainly exceeds “the cost of any regulatory settlement involving scam ads.”

Rather than voluntarily agreeing to do more to vet advertisers, the same document states, the company’s leadership decided to act only in response to impending regulatory action.

Stone disputed the strategy documents’ assertions that Meta should only act if forced. That isn’t the company’s policy, he said.

Meta has also placed restrictions on how much revenue it is willing to lose from acting against suspect advertisers, the documents say. In the first half of 2025, a February document states, the team responsible for vetting questionable advertisers wasn’t allowed to take actions that could cost Meta more than 0.15% of the company’s total revenue. That works out to about $135 million out of the $90 billion Meta generated in the first half of 2025.

“Let’s be cautious,” wrote the manager overseeing the effort, noting that the allowed revenue hit included both scam ads and “benign” ones that were mistakenly blocked. “We have specific revenue guardrails.”

Meta’s Stone said that the 0.15% figure cited came from a revenue projection document and was not a hard limit.

Amid intensifying pressure to do more to combat scams on Meta’s platforms, executives presented Zuckerberg with a plan in October 2024 for what they called a moderate approach to scam enforcement. Instead of a rapid crackdown, the company would focus its efforts on countries where it feared near-term regulatory action, according to a document that outlined the strategy.

Following the meeting with the CEO, Meta executives in charge of enforcing the integrity of the company's platforms settled on trying to reduce the percentage of revenue attributable to scams, illegal gambling and prohibited goods from an estimated 10.1% in 2024 to 7.3% by the end of 2025. By the end of 2026, Meta aims to further cut that figure to 6%, and then to 5.8% in 2027, the strategy memo and other documents show.

A SURGE IN ONLINE FRAUD

In 2022, a document from that year notes, Meta discovered a six-figure network of accounts pretending to be members of the U.S. military deployed in war zones. The accounts were sending millions of messages a week trying to charm Facebook users into losing their money. Sextortion – in which scammers obtain sexual images of a user, often a teenager, under false pretenses and then blackmail them – also was becoming commonplace on Meta’s platforms. And a torrent of fake accounts pretending to be celebrities or represent major consumer brands were bamboozling users worldwide.

But despite the surge in online fraud, another 2022 document notes the company’s “lack of investment” in automated scam detection back then. Meta classified scam ads as a “low severity” problem – viewing them as a bad “user experience,” the document says.

Internal documents show that Meta directed staffers then to focus mainly on fraudsters masquerading as celebrities and usurping major brands. Such “impersonation scams” risked upsetting advertisers and public figures, one 2022 document notes, and thus threatened to reduce user engagement and revenue.

But ongoing layoffs at Meta were hindering enforcement. A planning document for the first half of 2023 notes that everyone who worked on the team handling advertiser concerns about brand-rights issues had been laid off. The company was also devoting resources so heavily to virtual reality and AI that safety staffers were ordered to restrict their use of Meta’s computing resources. They were instructed merely to “keep the lights on.”

Stone said that while layoffs had occurred, the company had substantially expanded the number of staff addressing scam advertising in recent years.

Meta also was ignoring the vast majority of user reports of scams, a document from 2023 indicates. By that year, safety staffers estimated that Facebook and Instagram users each week were filing about 100,000 valid reports of fraudsters messaging them, the document says. But Meta ignored or incorrectly rejected 96% of them.

Meta’s safety staff resolved to do better. In the future, the company hoped to dismiss no more than 75% of valid scam reports, according to another 2023 document.

Erin West, a former Santa Clara County prosecutor who now runs a nonprofit devoted to combating scams, said Meta’s default response to users flagging fraud was to ignore them.

“I don’t know I’ve ever seen something taken down as the result of a single user report,” she said.

Last October, a recruiter for the Royal Canadian Air Force woke up to find herself locked out of her Facebook account. The woman, who spoke on condition of anonymity because of her military status, had been hacked.

Soon a picture of a fake employment badge with her face on it appeared on her account – along with the text, “I’m super happy to announce I’m crypto currency certified.”

The recruiter said she immediately filed multiple reports with Meta. As weeks went by without a response, her account began claiming that she had struck it rich with crypto – even acquiring land for a dream home – and she wanted to give her friends the same opportunity.

The recruiter said her supervisor tried to get the Royal Canadian Mounted Police to help, but was told that Meta doesn’t usually respond to hacked-account reports from the Mounties. So the recruiter warned her friends not to interact with her account and asked them to report her account to Meta, too.

Asked about the incident, the RCMP said it regularly raises reports of abuse on platforms such as Meta, but declined to comment on the specific case.

Nothing happened. After about a month, Mike Lavery, a former Canadian army officer who the recruiter had worked with years before, called her. He'd lost C$40,000 (about $28,000) after investing in the crypto scam.

“I thought I was talking to a trusted friend who has a really good reputation,” Lavery told Reuters about the recruiter’s hijacked Facebook account. “Because of that, my guard was down.”

The recruiter said she cried when Lavery told her what had happened. “People were being harmed because they trust me,” she said. She said she pleaded with friends to continue reporting her rogue account.

“Dozens of people reported it, multiple times each,” she said, estimating that Meta received more than 100 reports. By the time Meta finally took her hacked account offline, at least four other military colleagues had been defrauded, she said.

Brian Mason, an Edmonton Police investigator, was able to help track C$65,000 of the victims’ stolen funds to Nigeria. But recovering the money would likely be difficult or impossible, he told Reuters, because “the money was converted into bank accounts in Nigeria that we can’t touch.”

Meta declined to comment on the air force recruiter’s hacked account or its victims.

HOW META POLICES FRAUD

Internally, Meta refers to scams like this one as “organic,” meaning they don’t involve paid ads on its platforms. Organic scams include fraudulent classified ads placed for free on Facebook Marketplace, hoax dating profiles and charlatans touting phony cures in cancer-treatment groups.

According to a December 2024 presentation, Meta’s user base is exposed to 22 billion organic scam attempts every day. That’s on top of the 15 billion scam ads presented to users daily.

Meta polices fraud in a way that fails to capture much of the scam activity on its platforms, some of the documents indicate.

After police in Singapore gave the company a list of 146 examples of scams targeting that country’s users last fall, Meta staff found that only 23% actually violated the platform’s policies. The other 77% “violate the spirit of the policy, but not the letter,” a Meta presentation about the police reports notes.

The deceptive marketing flagged by Singaporean police that Meta didn’t act on included “too good to be true” offers of 80% off a designer fashion brand, promotions for fake concert tickets, and job ads posted by entities falsely claiming to be major tech companies.

Other Meta safety staffers also documented instances in which the company’s rules on scams didn’t appear to cover obviously bad behavior. In April, staffers noted that they’d discovered $250,000 in scam crypto ads from an account claiming to belong to Canada’s prime minister.

“Current policies would not flag this account!” an internal document says. Meta’s Stone said the ads were removed for other reasons. The prime minister’s office didn’t reply to a request for comment.

THE 'SCAMMIEST SCAMMERS' AND 'PENALTY BIDS'

Even when advertisers are caught red-handed, the rules can be lenient, the documents indicate. A small advertiser would have to get flagged for promoting financial fraud at least eight times before Meta blocked it, a 2024 document states. Some bigger spenders – known as “High Value Accounts” – could accrue more than 500 strikes without Meta shutting them down, other documents say.

Fraudulent ad campaigns can reach massive size: Four removed by Meta earlier this year were responsible for $67 million in monthly advertising revenue, a document reviewed by Reuters shows.

To draw attention to the company’s perceived failures, an employee earlier this year began issuing reports highlighting that week’s “Scammiest Scammer.” The report profiled whichever advertiser had earned the most user complaints about scams in the past week.

Colleagues praised the initiative. But being name-checked in the report wasn’t always enough for such accounts to get shut down. A check by Reuters of five accounts cited in one Scammiest Scammer report found that two were still live more than six months later, including one that was running ads for unlicensed online casinos. After Reuters flagged those two accounts to Meta, they were taken down.

Reuters was unable to reach the entities behind the accounts.

The company last year developed a novel approach to reduce scam advertising and keep its enforcement costs low: It began charging suspected fraudsters more.

To advertise on Meta’s platforms, a business has to compete in an online auction. Before the bidding, the company’s automated systems calculate the odds that an advertiser is engaged in fraud. Under Meta’s new policy, likely scammers who fall below Meta’s threshold for removal would have to pay more to win an auction.

Documents from last summer called such “penalty bids” a centerpiece of Meta’s efforts to reduce scams. Marketers suspected of committing fraud would have to pay Meta more to win ad auctions, thus impacting their profits and reducing the number of users exposed to their ads.

For Meta, the financial impact was mixed: While the company would sell fewer scam ads, it would make more money from those that it did, offsetting some of the lost revenue.

Stone said that the goal of the effort was to reduce overall scam advertising by making suspicious advertisers less competitive in Meta’s ad auctions. In the months following the implementation of the penalty bid program, he said, testing showed both a decline in scam reports and a slight decline in overall ad revenue.