{"id":943,"date":"2026-05-22T14:00:20","date_gmt":"2026-05-22T19:00:20","guid":{"rendered":"https:\/\/www.paymentconsulting.net\/Blog\/wordpress\/?p=943"},"modified":"2026-05-22T14:00:20","modified_gmt":"2026-05-22T19:00:20","slug":"fraud-and-scam-initiators-are-adapting-again-visa-says","status":"publish","type":"post","link":"https:\/\/www.paymentconsulting.net\/Blog\/wordpress\/?p=943","title":{"rendered":"Fraud and Scam Initiators Are Adapting, Again, Visa Says"},"content":{"rendered":"
\n
\n

Fraud and Scam Initiators Are Adapting, Again, Visa Says<\/h1>\n

<\/i>Kevin Woodward<\/a><\/span>\u00a0<\/i>May 22, 2026<\/span>\u00a0<\/i>Competitive Strategies<\/a>,\u00a0Credit Cards<\/a>,\u00a0Debit Cards<\/a>,\u00a0E-Commerce<\/a>,\u00a0Fraud & Security<\/a>,\u00a0Point-of-sale<\/a><\/span><\/p>\n

<\/div>\n
\n

Fraud and scam bad actors are adapting again to changes in technology and consumer behavior, but so, too, are organizations charged with preventing their misdeeds. In its \u201cSpring 2026 Biannual Threats Report,\u201d Visa Inc. points to four shifts in the second half of 2025 as fundamentally changing how criminals interact with consumers.<\/p>\n

Released Thursday, the report shows on a global scale that controls are helping improve outcomes for those caught up in fraud and scams even as attack volume rises,\u00a0Visa<\/a><\/strong>\u00a0says. Other changes are that scams are the primary source of consumer harm and artificial intelligence is speeding up both the attack and defense aspects. Fourth, the economics of ransomware, though still prevalent, are changing.<\/p>\n

\n
\n
<\/div>\n<\/div>\n
\n
<\/a><\/div>\n<\/div>\n
\n
<\/div>\n<\/div>\n<\/div>\n

Visa data shows that fraud at the device-token level decreased 9.6% in the latter half of 2025 compared to the second half of 2024, while\u00a0enumeration<\/a><\/strong>\u00a0\u2014a reconnaissance stage for criminals to verify stolen data\u2014dropped 16% in the same period.<\/p>\n

\n
\"\"<\/figure>\n<\/div>\n

The implication from this is that criminals are moving toward vectors like consumers and third-party dependencies, Visa says. \u201cThe most important question is no longer \u2018how much fraud occurred,\u2019 but \u2018where is fraud migrating\u2013and how quickly?\u2019\u201d Visa\u2019s report says.<\/p>\n

The second notable shift, the ascendancy of\u00a0scams<\/a><\/strong>, cannot be solved solely with controls at the authorization layer, Visa says. To counter this, a multi-element response is needed, it says. Scams are when criminals trick a consumer into willingly sending them money, providing them with payment details, or providing access to their accounts, as defined by Wells Fargo.<\/p>\n

\u201cWhen the user behaves \u2018legitimately\u2019 from a transaction perspective, scam defense becomes a combined challenge of identity verification, intent assessment, and manipulation detection\u2014often requiring coordinated action beyond a single institution,\u201d Visa says.<\/p>\n

Just as AI is weaving itself into productive uses, it is being used for other less-than-legal ones, too. Visa says AI is shortening the fraud cycle for both sides, the attackers and defenders.<\/p>\n

Criminals are using\u00a0AI<\/a><\/strong>\u00a0to create more personalized and convincing attacks they can automate at scale, while organizations trying to halt that activity are able to use AI to spot anomalies sooner than without AI, stop attacks before they reach consumers or merchants, and make their identification of attacks more precise, Visa says.<\/p>\n

Thus, \u201cOrganizations that rely on manual, siloed review models are structurally disadvantaged. The advantage belongs to those that can act in real time, coordinate across partners quickly, and automate the detect-triage response lifecycle,\u201d Visa says.<\/p>\n

The fourth shift, more ransomware with changing economics, may be a result that organizations are being more resilient when under threat and increasingly recognizing that paying the extortionist does not reliably \u00a0prevent a data release, Visa says.<\/p>\n

Ransomware<\/a><\/strong>\u00a0is becoming more of a recovery issue, not just a prevention problem, it says. Visa says this suggests a shift in approach when dealing with ransomware to treating business continuity and recovery as primary security controls instead of afterthoughts.<\/p>\n<\/div>\n

Share<\/span><\/p>\n