2025 has been a bad year for Digital Fraud!

DarkReading.com reported that “The global battle against digital fraud has become more fraught, with cybercriminals pivoting from high-volume, opportunistic attacks to sophisticated, AI-driven operations; they're not just harder to detect, but can cause substantially more damage as well.”  The November 26, 2025 article entitled “Digital Fraud at Industrial Scale: 2025 Wasn't Great” (https://www.darkreading.com/cyberattacks-data-breaches/digital-fraud-industrial-scale-2025) included these comments

An analysis of data from more than 4 million fraud attempts, and surveys of some 300 fraud and risk professions and another 1,200 end users by Sumsub, found what the identity verification firm described as a noticeable "sophistication shift" over the past year. 

Fraud involving the use of advanced deception techniques, social engineering, AI-generated identities, and telemetry tampering surged 180% year-over-year, even as the share of these incidents within the overall fraud volume increased from 10% in 2024 to 28% in 2025. Ominously, Sumsub found scammers increasingly deploying autonomous systems capable of executing multistep fraud with minimal human intervention. AI-generated documents accounted for just 2% of all fake IDs and records used in digital fraud last year. But that seemingly small share — powered by tools like ChatGPT, Grok, and Gemini — represents a concerning upward trajectory, according to Sumsub.

"Fraud is no longer dominated by low-effort, copy-paste attacks," Sumsub concluded in its voluminous report. "Instead, a growing portion of cases are now engineered with precision, requiring more resources to execute, but also causing far greater damage when they succeed. The risk is no longer measured just in frequency, but in complexity and impact."

Pavel Goldman-Kalaydin, Sumsub's head of AI, tells Dark Reading that one somewhat unexpected datapoint in the survey was the continued prevalence of phishing as the primary driver of consumer fraud, at 45%. 

"What stands out is that service-level data breaches now account for 36% of incidents," he says. In many instances, victims are compromised through no action of their own, Goldman-Kalaydin notes: "For enterprises, it reinforces that security depends as much on the resilience of the vendor ecosystem as on internal controls."

The US itself, meanwhile, experienced a 15% year-over-year decline in overall fraud rates in 2025. But in keeping with the global landscape, the nature of attacks fundamentally shifted toward more AI-powered operations. Twenty-one percent of attempted fraud cases in the US that Sumsub analyzed involved the use of synthetic identities or AI-generated personas. Chargeback abuse (16%) and account takeover (19%) were two other prominent fraud types in the US.

Is anyone surprised?