fraud

Digital security is undergoing profound transformations catalyzed by the shortcomings of traditional authentication methods. Security strategies often force businesses to choose between robust defenses that frustrate users and seamless experiences that heighten vulnerability. Recently, behavioral biometrics -- using unique users’ digital interaction patterns -- has emerged to offer a compelling resolution to this longstanding challenge by providing continuous, invisible authentication based on unique human behaviors.

Behavioral biometrics can best be understood as digital body language. Like physical mannerisms, such as walking gait or vocal tone, users exhibit distinctive digital behaviors in interacting with their devices -- from typing rhythms and mouse trajectories to touchscreen pressures and even how devices are held. Behavioral biometrics captures and analyses these subtle distinctions to establish a unique digital fingerprint that fraudsters -- and their machinations -- find nearly impossible to replicate. By integrating behavioral biometrics into security and anti-fraud frameworks, organizations can attain a sophisticated balance between strong, proactive fraud postures and the frictionless user experiences that modern consumers expect.

A new report reveals that 73 percent of UK fraud professionals report that online fraud has negatively affected their company's revenue in the past year.

The UK Fraud Industry Pulse Survey from Veriff shows 72.5 percent of businesses have seen an increase in online fraud over the past 12 months.

With fraud on the increase and more sophisticated attack methods being used, payments company Visa is turning to AI to help businesses and financial institutions fight back.

It's introducing ARIC Risk Hub, developed by Featurespace -- a company recently acquired by Visa -- which uses adaptive AI to build profiles around genuine customer activity making it easier to spot suspicious actions.

Lookalike domains, crafted to closely resemble authentic domains, enable a wide range of deceptive activities. By sending emails that appear to originate from trusted sources, attackers can effectively conduct a variety of scams from phishing and social engineering attacks to invoice fraud.

A new report from BlueVoyant looks at how cybercriminals encourage their victims to click on lookalike domains, whilst highlighting the critical need for vigilance and proactive measures to counteract these threats.

As we approach the 31st March deadline for compliance with the new PCI DSS 4.0 payment security standard, new data from Cequence Security shows automated fraud is increasing with retailers facing 66.5 percent of all malicious traffic.

Using data from real transactions and attack data from Cequence's Unified API Protection (UAP) platform, the report highlights the growing attack surface cybercriminals exploit in payment infrastructure, loyalty programs, and product pricing systems.

A new report from Sift reveals an alarming democratization of cybercrime, with 34 percent of consumers seeing offers to participate in payment fraud online, an 89 percent increase over 2024.

The report details how fraudsters openly advertise and sell stolen payment information and fraud services on social media platforms and deep web forums like Telegram, significantly lowering the barrier to entry for anyone to participate in fraudulent activities.

With deepfakes getting more sophisticated and harder to detect both organizations and individuals are at risk of falling victim to fraud and phishing attempts.

We spoke to SURF Security CTO, Ziv Yankovitz, to learn more about the increasing threat of deepfakes and best practices that can be used to for combat attacks.

Businesses could be forfeiting up to five percent or more of their revenue to fraud, considering the hidden costs of operational inefficiencies, compliance penalties and customer attrition, according to a new report.

Based on responses from almost 600 decision-makers and strategic leaders across financial services, fintech, payments, eCommerce and iGaming, the study from fraud prevention and compliance specialist SEON, finds budget allocations indicate that 86 percent of companies are spending over three percent of revenues on anti-fraud measures.

AI-generated voice impersonation scams are an increasing threat, with 31 percent of US consumers, 27 percent of Canadians, and 26 percent of UK consumers reporting encounters with deepfake fraud calls.

A new report from Hiya, based on data from the company's Voice Intelligence Network and a January 2025 survey of 12,000 consumers across the US, Canada, the UK, Germany, France, and Spain, shows that more than 30 percent of those targeted fell victim, suffering significant financial losses. In the US, the average reported loss was $539, while UK victims faced the steepest losses at £1,479 ($1,867).

Financial institutions are facing a significant increase in deepfake fraud attempts, which have grown by a staggering 2,137 percent in the last three years.

Data from Signicat based on responses from 1,200 people in the financial and payment sectors across seven European countries, including the UK, shows that account takeover is the leading type of fraud their customers are exposed to, followed by card payment fraud and phishing.

From phishing scams to business email compromise, fraud is continually evolving and cybercriminals are using increasingly refined tactics to exploit vulnerabilities. Adversary-in-the-middle (AiTM) attacks are also rapidly emerging as an advanced technique that poses pervasive physical and digital risk across industries. In fact, recent research shows a 46 percent increase in AiTM attacks compared to 2023. 

Staying ahead of these tactics is increasingly important as fraud becomes more complex. Before we delve into how to actively prevent fraud, we need to firstly explore the nature of AiTM attacks and then look at what’s fueling this increase in fraudulent activity. 

User-friendly fraud kits that enable amateurs to execute complex attacks against thousands of accounts in minutes are widely available on the dark web according to the latest 2024 Report on Global Identity Fraud from AU10TIX.

FaaS platforms provide all the tools, templates and automation that fraudsters need, including deepfake generators to create synthetic selfies and videos, botnets to automate mass-scale account creation and takeover, and phishing kits for email and web-based scams.

Half of businesses have reported a growth in deepfake and AI-generated fraud, alongside rising biometric spoofs and counterfeit ID fraud attempts, according to the 2025 State of Identity Fraud Report, released today by AuthenticID.

The report analyzes internal proprietary data anonymized from AuthenticID's identity verification and fraud detection technology. When paired with insights from annual fraud surveys of both fraud and technology professionals as well as consumers in North America, the report offers a comprehensive view of the fraud landscape.

A new report from Recorded Future's Inskit Group looks at the emerging and evolving key fraud threats in the payments industry.

It identifies nearly 1,200 scam website domains linked to networks of scam merchant accounts. Most of the scam merchant accounts discovered were registered in the United Kingdom and Hong Kong, and scam tactics, techniques, and procedures (TTPs) grew more subtle and sophisticated throughout the year.

As we approach the peak holiday shopping season a new survey of nearly 400 IT security decision-makers and retail customers from identity specialist HYPR shows that 58 percent of retail organizations experienced at least one authentication-related breach and 65 percent were victims of identity fraud over the last 12 months.

Retailers have suffered losses of up to $6.27 million in the last year alone due to insecure authentication methods. By contrast financial institutions reported only $4.57 million lost during the same period.