2025 payment fraud retrospective: what did we learn?

Irina Ionescu, Senior Editor at The Paypers, reveals the year’s most discussed fraud trends – from the latest technologies and social contexts driving fraudsters to the most prevalent types of fraud – and provides a recap of what we need to do collectively before becoming victims. 

Fraudsters had a prolific 2025, with no signs of slowing down their business anytime soon. As we navigate through the past 12 months, merchants of all sizes and across most verticals faced a rapidly evolving fraud landscape, fuelled by improvements in AI-based technologies and sophisticated scams. It felt like every month there was a different headline, a different breach, another merchant staring at a dashboard full of red flags, asking what went wrong. The cold truth? Fraud is not only evolving – it’s mutating.

2025 was the year fraud exploded into a global ecosystem with its own supply chains, underground marketplaces, and innovation cycles. Fraudsters are more convincing than ever, leveraging the latest technologies to identify weaknesses along the customers’ online shopping journey.

Merchants are stuck fighting a shape-shifting enemy armed with the same (if not better) technologies, bigger networks, and zero hesitation when it comes to cost-damage. This article represents a soft attempt of making sense of the chaos, behind numbers, statistics, and buzzwords.

2025 – when fraud stopped knocking and walked right in

Fraud remains a universal challenge, with 98% of merchants experiencing one or more types of fraud in 2025. Real-time payment fraud, refund/policy abuse, phishing attacks, first-party misuse, and card testing are the top five threats for merchants across all regions, affecting 30-50% of merchants globally.

Staying in the loop with the trends that drive fraud rates to spike represents the first step into any merchant’s strategy, so let’s take a closer look at the main types of payment fraud that merchants and consumers experienced – and see what needs to be done further to prepare for 2026.

If you’re a merchant, a fraud strategist, or even someone who wants to understand the shadow economy shaping the Internet in 2025, buckle in. This isn’t just a list of trends, but the story of the year fraud stopped knocking at the door and started letting itself in.

AI-driven fraud and deepfakes

AI has become more than a buzzword in the tech industry, and its latest developments highly impacted any company’s fraud prevention strategy. In 2025, fraudsters leveraged AI to plan, prepare, and conduct convincing scams. These sophisticated attacks were designed to deceive even trained businesses and consumers, whether we’re talking about deepfake videos, voice impersonations, or phishing emails. To sound even more convincing, fraudsters created synthetic identities by combining real identification elements (such as email addresses, phone numbers, or shipping addresses) with AI-generated photos and selfies, thus bypassing traditional ID verification and KYC onboarding systems.

For merchants, this translates into AI-powered bots designed to create fake accounts to initiate fraudulent transactions, leading to unauthorised chargebacks. At the same time, deepfake and social engineering tactics were used to pressure support teams to issue refunds or approve chargebacks.

Xavier Sheikrojan, Director, Risk, at Signifyd, mentions:

‘European merchants have invested heavily in compliance and authentication, but AI-driven fraud is shifting the pressure elsewhere. Deepfakes and synthetic content are now convincing enough to pass manual review, creating a growing gap between regulatory compliance and real-world fraud exposure. The challenge for 2025 was not authorisation – it was credibility.

For European merchants, this shift means that being compliant is no longer the same as being protected. Investments in SCA, strong authentication, and payment security have reduced classic card fraud, but they don’t help when fraud shows up later as a convincing refund claim, a fake damage photo, or a synthetic customer interaction. AI-generated content is now credible enough to pass both automated checks and human review, which exposes a blind spot in post-purchase workflows. In practice, merchants will see higher refund and dispute costs, longer investigation cycles, and more pressure on customer support teams, even when payment fraud metrics look healthy. The risk moves from the authorisation layer into operations, margin, and trust. To adapt, merchants need to shift fraud detection upstream and downstream – relying less on static proof and more on behavioural context, identity consistency, and historical patterns. The core challenge isn’t stopping transactions anymore; it’s deciding what – and who – to trust after the transaction has already gone through.’

The current state of friendly fraud and refund/policy abuse

According to the 2025 MRC Ecommerce Payments and Fraud Report, six in ten merchants reported increasing rates of first-party misuse or friendly fraud, but significantly fewer saw a major spike in the past 12 months. Merchants mentioned a few new drivers of the rise in friendly fraud, mainly attributed to consumers knowing their workarounds for getting refunds and filing chargebacks, while issuing banks made it easier to submit and win disputes. A 2023 survey from Sift claims that younger generations, such as Gen Z, are more willing to commit friendly fraud, even when the product they ordered is delivered in perfect shape. The younger the consumer, the more likely they will dispute an order and claim back their money, with 42% of Gen Z engaging in this type of fraud, as opposed to only 22% of millennials and just 10% of Gen X.

Promo abuse or refund fraud is also closely linked to friendly fraud. The MRC report also claims that 57% of the surveyed merchants reported increasing rates of refund and policy abuse in 2025, some even experiencing a surge of 50% or more. For many merchants, the ‘the client is always right’ rule no longer applies, as they now have to navigate the complexities of adding an extra layer of friction to minimise fraud costs without deterring loyal customers.

According to merchants, the surge in policy abuse is driven by false claims that goods were never received. Others attempt to return products that are used, damaged, or incorrect, forcing merchants to face additional costs. This form of fraud was significantly encountered by merchants in the APAC region.

Xavier Sheikrojan, Director, Risk, at Signifyd, mentions:

‘Promo abuse has evolved from isolated edge cases into coordinated exploitation. Groups now share discount loopholes, referral hacks, and stacking strategies in real time. For merchants, the financial impact is subtle but persistent: eroded margins, distorted performance metrics, and a growing disconnect between marketing success and profitability.

For merchants, this shift means that promotions now carry the same risk profile as payments, but without the same level of control or visibility. What looks like strong campaign performance on the surface –  higher conversion, increased new-customer sign-ups, growing order volume –  may actually be masking coordinated abuse underneath. Over time, this leads to margin erosion, inflated acquisition metrics, and misleading ROI calculations that make it harder to know which promotions are genuinely driving growth.

Operationally, promo abuse also creates pressure across teams. Marketing sees success, finance sees shrinking margins, and fraud teams are left reacting after the damage is done. To adapt, merchants need to introduce incentive governance: tighter eligibility rules, real-time monitoring of promo performance, and identity-level controls that prevent repeat exploitation across accounts and channels. Without treating promotions as financial instruments with risk limits, merchants will continue to fund abuse at scale – quietly and persistently – while believing they are investing in growth.’

Subscription renewal scams and fraud

In 2025, the subscription payment service boomed, with online big streamers such as Netflix accounting for over 300 million paid subscribers globally, and Spotify for 281 million premium subscribers as of Q3 2025.

It comes as no surprise that renewal scams were also on the rise, particularly affecting SaaS companies and digital content providers. Fraudsters manipulate recurring payments and initiate chargebacks by falsely claiming unauthorised renewals or by exploiting companies’ laxed trial periods. Ecommerce merchants are also facing higher risks of fraud-related disputes and refunds for their subscription-based products and services offered, forcing them to handle extra costs and even deal with brand reputation damage if these chargebacks are not solved in a timely manner.

One effective way to detect fraudulent subscription transactions before they escalate into chargebacks is for merchants to opt for near-instant notifications, a service that is offered, for instance, by companies such as Ethoca by Mastercard or Verifi.

Cross-border fraud in ecommerce

Global ecommerce continues to be on the rise, which means cross-border fraud is becoming more prevalent. As fraudsters become more tech-savvy and leverage AI tools, merchants selling internationally consistently face new threats. Fraudsters exploit differences in regulations, currency conversions, and security standards between countries to perpetrate scams. Although merchants from all sectors handle cross-border fraud, this type of criminal activity is prevalent especially among high-risk merchants, as they handle increased risks of unauthorised chargebacks and currency-related disputes.

The impact is clear on merchants activating in fashion, electronics, and luxury, as high-value international transactions represent prime targets for fraudsters. Merchants operating in luxury also face the risk of being returned fake articles that cannot be foreseen before a client makes a refund claim, posing extra challenges for reputational damage. At the same time, merchants selling high-end electronics with a hefty price tag can also face swapped products, fakes, or even returned products that look 100% authentic at first glance but have certain high-end components replaced with cheaper ones or knockoffs. Adding the costs of international shipping and handling, cross-border ecommerce comes with high risks.

To avoid paying the price of fraud, merchants can work with solution providers that seamlessly integrate different card issuers that provide a holistic fraud prevention strategy. At the same time, they should invest in real-time dashboards or trend analyses that can help them further detect and mitigate cross-border fraud patterns before the costs of doing business overcome the market’s potential.

Account takeover (ATO) and fraud risks associated with new accounts

Another type of fraud that was here to stay in 2025 was account takeover (ATO). As per the 2025 MRC Ecommerce Payments and Fraud Report, MRC members continued to grapple with a greater volume and greater variety of fraud attacks, among which ATO fraud was experienced by 63% of MRC members. In 2025, in the US alone, the FBI reported that account takeover fraud caused USD 262 million in losses. A report from Sift indicates a highly alarming global phenomenon – losses from ATO fraud were projected to climb to USD 17 billion by the end of 2025, increasing from USD 13 billion in 2024. Fintech and finance represent the sectors with the highest surge in ATO fraud, with 122%, while the travel and ticketing sector experienced a 56% increase.  

Either accessed fraudulently or bought from previous legit customers, fraudsters accessed aged accounts with clean histories to commit resale fraud, chargebacks, or fraudulent refunds. The scheme is simple and effective as there are now hundreds of Telegram rooms providing a wide array of services for fraudsters, one click and a few dollars away.

Fraudsters prefer dormant accounts with clean histories that won’t raise flags when placing an online order, which usually means verified shipping addresses, verified card credentials, and thorough KYC during onboarding.

Taking over legit accounts can also occur through a series of other types of fraud, usually combining deepfakes, scams, malware, and social engineering, where attackers impersonate banks or financial institutions to steal credentials. Gaming/streaming platforms are constantly improving their defences, forcing attackers to move to social media, exploiting password reuse or AI-driven deepfakes.

Cheques and wire transfers fraud

This type of fraud is particularly prevalent in the US, where cheques remain a preferred payment method for employees across all sectors. In 2025, fraudsters made use of AI, high-resolution printers, and business email compromise (BEC) schemes to create highly realistic counterfeit cheques that can be cashed in rapidly, before the bank can flag the suspicious activity. And, with mobile banking on the rise, mobile deposit fraud and altered cheques became another concern.

Cheque fraud and wire transfer fraud have become prolific, taking advantage of the slower banking system in the country, where balances can take up to a couple of days to settle. In one type of wire transfer fraud, the fraudster can find the email address of a certain decision-making individual within a company and then pose as the CEO through digitally altered pictures and videos. Then, the fraudster creates the urgency of a wire transfer that the employee can make in the name of the C-level individual, usually to cover a last-minute deal. This type of fraud exploits not only well-intentioned employees but also security breaches in a company’s systems.

Another type of fraud involves remote deposits. In this scheme, scammers deposit a check into an account through mobile banking, often using fake names and forged IDs. They convince the recipient to withdraw the money before the cheque clears – and, when the bank discovers the cheque is fraudulent, the recipient is held liable for the amount. This type of fraud has become increasingly popular in marketplaces, where fraudsters insist on fast cash withdrawals.

Real-time payments fraud

Payment fraud was on the rise in 2025, with surges in real-time payment fraud observed among merchants in North America, Europe, and the Asia-Pacific region, according to the MRC 2025 Global Ecommerce Payments and Fraud Report.

The rise of faster payment systems accelerated fraud, with attackers now focusing on high-volume, low-value transactions that are hard to detect. Real-time payments fraud happens when money involved in fraud and scams immediately moves between accounts. There are several types of fraud linked to real-time payments fraud, including APP (authorised push payment) fraud, ATO fraud, money mule fraud, or phishing.

In APP fraud, criminals trick victims (either individuals or businesses) into authorising payments to fraudulent accounts through phishing, impersonation, or social engineering, preying on the victim’s emotional response to a time-sensitive situation.

In 2024 alone, around GBP 450 million were lost to APP fraud, while an estimated GBP 10 billion of illicit funds were laundered through money mule activities.

With fraudsters exploiting the speed of real-time payments, it has become crucial for banks and businesses to adopt advanced and flexible security measures to avoid paying the cost of fraud. Specialists suggest opting for a multi-layered approach that combines customer education, robust authentication, behavioural analytics, behavioural biometrics, and real-time monitoring. And, while rule-based systems provide a solid foundation, companies should integrate new tech such as AI, machine learning, and behavioural biometrics to enhance fraud detection in a timely manner. Continuous monitoring and adaptive fraud models are key to understanding how real-time payment fraud happens.

The rise of fraud rings

Fraud is evolving, and so do criminals. With the rise of ecommerce and globalisation, fraudsters now work in organised groups, often with physical headquarters in which they run operations costing individuals and companies billions.

Fraud rings use similar tactics to individual scammers or small groups but benefit from a bigger infrastructure and work on a massive scale. They also have access to the latest tech and, often enough, obtain funds through other illicit methods, including drug and weapon trafficking, human trafficking, or money laundering.

A report from Experian shows that fraud rings cause an estimated USD 5 trillion in financial damages yearly, leaving millions of people around the world scammed or broke. Fraud rings commit a series of scams, from forgery to false claims, identity theft, identity manipulation, account takeover, mortgage or loan fraud, social engineering, phishing, impersonation, counterfeit checks, romantic scams, or pig butchering.

Becky Holmes, fraud expert and author of ‘Keanu Reeves is Not in Love With You’, mentions:

‘Fraudsters have become increasingly organised this past year, working together to share skills, process transactions, and evade repercussions. The speed of their evolution has been astonishing. Cases of romance fraud have continued to rise in 2025, and I don't expect that to be any different in 2026. In fact, the more that fraudsters employ AI to change their faces, voices, language, and ability to reach out to thousands of people at the same time, the more callous acts of romance fraud we are going to see.’

Unfortunately, fraud rings have shifted into true organised crime entities, many headquartered in Southeast Asia or Africa. Countries like the Philippines, Myanmar, Thailand, or Vietnam have become well-known in the past few years for housing criminal compounds, with thousands of people being scammed or forced to become scammers. Regular citizens from emerging countries were tricked by fraudulent online ads, friends, and even family members into working abroad, only to have their passports stolen and forced to work in billion-dollar financial schemes, romantic scams, and pig butchering. Some of these organisations have been consistently dismantled, with people being liberated after years of physical, emotional, and financial abuse. Many other fraud rings continue to operate as well-structured organisations, similar to terrorist cells, defrauding millions of people worldwide.

Conclusions

Fraud has become one of the biggest threats of today’s society, a faceless enemy that lurks in the Internet’s corners or hides in plain sight, preying on the gullible and less tech-savvy individuals. If a Hollywood celebrity starts texting you on social media, if a handsome doctor claims to have millions but can’t afford to pay for his relative’s surgery, if your boss urges you to wire a large amount of money without previous approval from the company’s funds, if your newly acquired Internet friend nags you to open a crypto account and start trading on a random platform, chances are you are being scammed.

Staying alert is not 100% successful, even for fraud professionals. Unfortunately, GenAI continues to perfect the voice of a troubled son or a distressed mother, with fraudsters behind the screen looking to squeeze you dry and then some.

According to documents obtained by Reuters, Meta is earning a fortune on fraudulent ads, with 10% of its projected revenue for 2024 coming from ads for scams and banned goods. Behind these lie hundreds of Chinese companies, freely advertising on Meta and earning the owner of Facebook, Instagram, and WhatsApp USD 18 billion in annual sales. The problem? More than USD 3 billion of the revenue ‘was coming from ads for scams, illegal gambling, pornography, and other banned content’, showing an unequal fight between greed and keeping customers safe.

So, how can we protect ourselves against this fraud tornado? In a world based on social constructs like trust, truth, and solidarity, trusting no one is the paradox that might keep your wallet safe and your mind sane. The alternative is navigating through the complexities of a world filled with fraud by securing your data, remaining sceptical or at least suspicious, and sharing as little as possible on social media.

 

About the author

Irina is a Senior Editor at The Paypers, primarily specialising in online payments and fraud prevention. She has a Ph.D. in Economics and a strong economic academic background, with interests in fraud prevention, chargebacks, fintech, AI, ecommerce, and online payments. Reach out to her via LinkedIn or email at irina@thepaypers.com.