Digital Fraud at Industrial Scale: 2025 Wasn't Great TechTarget and Informa Tech’s Digital Business Combine.TechTarget and InformaTechTarget and Informa Tech’s Digital Business Combine.Together, we power an unparalleled network of 220+ online properties covering 10,000+ granular topics, serving an audience of 50+ million professionals with original, objective content from trusted sources. We help you gain critical insights and make more informed decisions across your business priorities.Dark Reading Resource LibraryBlack Hat NewsOmdia CybersecurityAdvertiseNewsletter Sign-UpNewsletter Sign-UpCybersecurity TopicsRelated TopicsApplication SecurityCybersecurity CareersCloud SecurityCyber RiskCyberattacks & Data BreachesCybersecurity AnalyticsCybersecurity OperationsData PrivacyEndpoint SecurityICS/OT SecurityIdentity & Access Mgmt SecurityInsider ThreatsIoTMobile SecurityPerimeterPhysical SecurityRemote WorkforceThreat IntelligenceVulnerabilities & ThreatsRecent in Cybersecurity TopicsApplication SecurityPrompt Injections Loom Large Over ChatGPT's Atlas BrowserPrompt Injections Loom Large Over ChatGPT's Atlas BrowserbyAlexander CulafiNov 26, 20256 Min ReadVulnerabilities & ThreatsCritical Flaw in Oracle Identity Manager Under ExploitationCritical Flaw in Oracle Identity Manager Under ExploitationbyRob WrightNov 24, 20252 Min ReadWorld Related TopicsDR GlobalMiddle East & AfricaAsia PacificRecent in World See AllApplication SecurityLINE Messaging Bugs Open Asian Users to Cyber EspionageLINE Messaging Bugs Open Asian Users to Cyber EspionagebyTara SealsNov 21, 20257 Min ReadEndpoint SecurityChina's 'PlushDaemon' Hackers Infect Routers to Hijack Software UpdatesChina's 'PlushDaemon' Hackers Infect Routers to Hijack Software UpdatesbyNate Nelson, Contributing WriterNov 20, 20253 Min ReadThe EdgeDR TechnologyEventsRelated TopicsUpcoming EventsPodcastsWebinarsSEE ALLResourcesRelated TopicsResource LibraryNewslettersPodcastsReportsVideosWebinarsWhite Papers Partner PerspectivesDark Reading Resource LibraryCyberattacks & Data BreachesThreat IntelligenceCyber RiskData PrivacyNewsDigital Fraud at Industrial Scale: 2025 Wasn't GreatAdvanced fraud attacks surged 180% in 2025 as cyber-scammers used generative AI to churn out flawless IDs, deepfakes, and autonomous bots at levels never before seen.Jai Vijayan, Contributing WriterNovember 26, 20254 Min ReadSource: Quality Pixel_shutterstock.jpgThe global battle against digital fraud has become more fraught with cybercriminals pivoting from high-volume, opportunistic attacks to sophisticated, AI-driven operations; they're not just harder to detect, but can cause substantially more damage as well.An analysis of data from more than 4 million fraud attempts, and surveys of some 300 fraud and risk professions and another 1,200 end-users by Sumsub, found what the identity verification firm described as a noticeable "sophistication shift" over the last year. A Sophistication Shift for Fraud & PhishingFraud involving the use of advanced deception techniques, social engineering, AI-generated identities, and telemetry tampering surged 180% year-over-year, even as the share of these incidents within the overall fraud volume increased from 10% in 2024 to 28% in 2025.  Ominously, Sumsub found scammers increasingly deploying autonomous systems capable of executing multi-step fraud with minimal human intervention. AI-generated documents accounted for just 2% of all fake IDs and records used in digital fraud last year. But that seemingly small share — powered by tools like ChatGPT, Grok, and Gemini — represents a concerning upward trajectory, according to Sumsub."Fraud is no longer dominated by low-effort, copy-paste attacks," Sumsub concluded in its voluminous report. "Instead, a growing portion of cases are now engineered with precision, requiring more resources to execute, but also causing far greater damage when they succeed. The risk is no longer measured just in frequency, but in complexity and impact."Related:Advanced Security Isn't Stopping Ancient Phishing TacticsSumsub's head of AI Pavel Goldman-Kalaydin tells Dark Reading that one somewhat unexpected datapoint in the survey was the continued prevalence of phishing as the primary driver of consumer fraud, at 45%. "What stands out is that service-level data breaches now account for 36% of incidents," he says. In many instances, victims are compromised through no action of their own, Goldman-Kalaydin notes: "For enterprises, it reinforces that security depends as much on the resilience of the vendor ecosystem as on internal controls."The US itself, meanwhile, experienced a 15% year-over-year decline in overall fraud rates in 2025. But in keeping with the global landscape, the nature of attacks fundamentally shifted toward more AI-powered operations. Twenty-one percent of attempted fraud cases in the US that Sumsub analyzed involved the use of synthetic identities or AI-generated personas. Chargeback abuse (16%), and account takeover (19%) were two other prominent fraud types in the US.Related:DPRK's FlexibleFerret Tightens macOS Grip"Even though 74% of US fraud victims face direct financial loss, trust in financial services remains high at 81%," Goldman-Kalaydin says. At least part of it could be due to the fact that only 67% of businesses report fraud cases to regulators he says: "This gap suggests substantial underreporting and that many incidents are being managed internally without broader visibility."An AI-Powered Transformation for Identity Verification One overriding theme in Sumsub's report is how AI tools industrialized digital fraud in 2025. The vendor found scammers harnessing generative AI models to create near-perfect identity fraud documents such as passports, driver’s licenses, and utility bills, complete with accurate holograms, realistic fonts, and textures. In many instances, scammers used text-to-video systems to create highly convincing deepfakes to try and bypass liveness checks. Sumbsub also found that many fraud-as-a-service shops have begun emerging that package these capabilities into ready-to-use kits that even script-kiddies can use to generate thousands of fake documents every day.Troublingly, AI agents, capable of executing an entire fraud chain autonomously, began making an appearance on the digital fraud front in 2025 as well. "They aren’t traditional bots. Rather, they combine generative AI, automation frameworks, and reinforcement learning to create synthetic identities, interact with verification systems in real time, and adjust behavior based on the outcome," Goldman-Kalaydin says. "They remain early-stage today, but current trajectories indicate they could become mainstream within the next 18 months, especially within organized fraud networks."Related:With Friends Like These: China Spies on Russian IT OrgsOverall in 2025, digital fraud at the global level got smarter, he says. "That's evolution. We've moved from high-volume, low-skill scams that defenses can filter out, to precision-engineered attacks designed specifically to bypass advanced verification systems."Sumsub's report highlighted several measures that organizations are going to need to take to protect against the surge in AI-enabled fraud. The list includes the need for layered identity verification mechanisms, AI-enabled fraud-detection tools, behavioral analytics, and threat-intelligence sharing.  About the AuthorJai Vijayan, Contributing WriterJai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year career at Computerworld, Jai also covered a variety of other technology topics, including big data, Hadoop, Internet of Things, e-voting, and data analytics. Prior to Computerworld, Jai covered technology issues for The Economic Times in Bangalore, India. Jai has a Master's degree in Statistics and lives in Naperville, Ill.See more from Jai Vijayan, Contributing WriterMore InsightsIndustry Reports2025 State of Threat Intelligence: What it means for your cybersecurity strategyGartner Innovation Insight: AI SOC AgentsState of AI and Automation in Threat IntelligenceGuide to Network Analysis Visibility SolutionsOrganizations Require a New Approach to Handle Investigation and Response in the CloudAccess More ResearchWebinarsIdentity Security in the Agentic AI EraHow AI & Autonomous Patching Eliminate Exposure RisksSecuring the Hybrid Workforce: Challenges and SolutionsCybersecurity Outlook 2026Threat Hunting Tools & Techniques for Staying Ahead of Cyber AdversariesMore WebinarsYou May Also LikeBlack Hat Middle East & AfricaCybersecurity OperationsAs Gen Z Enters Cybersecurity, Jury Is Out on AI's ImpactAs Gen Z Enters Cybersecurity, Jury Is Out on AI's ImpactbyRobert Lemos, Contributing WriterNov 25, 20254 Min ReadKeep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.SubscribeWebinarsIdentity Security in the Agentic AI EraTues, Dec 9, 2025 at 1pm ESTHow AI & Autonomous Patching Eliminate Exposure RisksOn-DemandSecuring the Hybrid Workforce: Challenges and SolutionsTues, Nov 4, 2025 at 1pm ESTCybersecurity Outlook 2026Virtual Event | December 3rd, 2025 | 11:00am - 5:20pm ET | Doors Open at 10:30am ETThreat Hunting Tools & Techniques for Staying Ahead of Cyber AdversariesTuesday, Oct 21, 2025 at 1pm ESTMore WebinarsWhite PapersSecure SAST. Innovate Fast: The future of SaaS and Cloud SecurityWhat Can an AI-Powered AppSec Engineer Do?How Squarespace and Semgrep Scaled Secure Development Across Thousands of ReposMissing 88% of Exploits: Rethinking KEV in the AI EraThe Straightforward Buyer's Guide to EDRExplore More White PapersDiscover MoreBlack HatOmdiaWorking With UsAbout UsAdvertiseReprintsJoin UsNewsletter Sign-UpFollow UsCopyright © 2025 TechTarget, Inc. d/b/a Informa TechTarget. This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world’s technology buyers and sellers. All copyright resides with them. Informa PLC’s registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.’s registered office is 275 Grove St. Newton, MA 02466.Home|Cookie Policy|Privacy|Terms of Use

Digital fraud at industrial scale surged dramatically in 2025, reaching 180% growth, largely driven by cybercriminals leveraging generative AI to produce flawless identities, deepfakes, and autonomous bots—a level of sophistication previously unseen. According to a comprehensive analysis conducted by Sumsub, encompassing over 4 million fraud attempts and surveys of 300 fraud and risk professionals alongside 1,200 end-users, a noticeable “sophistication shift” occurred within the fraud landscape. This shift manifested as an increase in advanced deception techniques, AI-generated identities, and telemetry tampering, rising to 28% of incident volume from a prior 10% share in 2024. Notably, Sumsub’s research revealed the deployment of autonomous systems capable of executing multi-step fraud operations with minimal human intervention, signaling a fundamental change in attack methodologies. While synthetic identities and AI-generated personas accounted for a relatively small 2% of all fake IDs and records—fueled by tools like ChatGPT, Grok, and Gemini—this percentage represents a significant upward trajectory, indicating a concerning trend.

The report highlighted the evolution from low-effort, copy-paste attacks to precision-engineered operations demanding increased resources but delivering substantially greater damage when successful, fundamentally altering the assessment of risk beyond simple frequency. Notably, within this evolved threat landscape, service-level data breaches accounted for 36% of incidents – a result largely attributable to victims being compromised through no action on their part. This trend reinforced the importance of robust vendor ecosystem resilience for organizations, as highlighted by Sumsub’s Head of AI, Pavel Goldman-Kalaydin. The US experienced a 15% year-over-year decline in overall fraud rates in 2025, yet this was overshadowed by the global shift toward AI-driven operations. Twenty-one percent of attempted fraud cases in the United States analyzed by Sumsub involved synthetic identities or AI-generated personas, alongside 16% in chargeback abuse and 19% in account takeover incidents. Despite 74% of US fraud victims experiencing direct financial loss, trust in financial services remained high at 81%, potentially influenced by the 67% of businesses that did not report fraud cases to regulators, as noted by Goldman-Kalaydin, suggesting substantial underreporting and a lack of broader visibility.

The research emphasized the industrialization of digital fraud through AI, as Sumsub found scammers utilizing generative AI models to create near-perfect identity fraud documents - including passports, driver’s licenses, and utility bills, complete with accurate holograms and realistic textures. Text-to-video systems were employed to generate convincing deepfakes for liveness checks, and ‘fraud-as-a-service’ operations emerged, providing readily-accessible kits enabling even novice ‘script-kiddies’ to generate thousands of fraudulent documents daily. Adding to this complexity, “AI agents,” characterized by their ability to combine generative AI, automation frameworks, and reinforcement learning to create synthetic identities, interact with verification systems in real-time, and adapt behavior based on outcomes, began to appear, representing an early-stage but potentially transformative development. Sumsub’s analysis indicated that these AI agents could become mainstream within 18 months, particularly within organized fraud networks.

Overall, digital fraud at the global level matured in 2025, transitioning from high-volume, low-skill scams to precision-engineered attacks designed to bypass sophisticated verification systems. Sumsub’s report recommended several critical defensive strategies, including layered identity verification mechanisms, AI-enabled fraud detection tools, behavioral analytics, and threat-intelligence sharing.