Spike in first party fraud could presage raging storm of generative AI

The latest version of LexisNexis Risk Solutions’ annual Cybercrime Report shows what a release calls “a significant swing in the composition of global fraud attacks,” with first-party fraud taking the global lead in representing 36 percent of all reported fraud in 2024.

First-party fraud involves people using their own identity to misrepresent or give false information for personal or financial gain. Loan applications, credit card charge disputes and claiming ordered goods were not delivered all count.

As such, says Stephen Topliss, vice president of fraud and identity for LexisNexis Risk Solutions, consumers are now emerging as “the single largest source of human-initiated fraud.”

While account takeover (ATO) fraud fueled by phishing and smishing activity accounts for a further 27 percent of global reported fraud, and scams, including authorized push payment (APP) fraud, represent 11 percent of cases, first-party fraud is now the biggie.

“The change in composition of attacks presents a significant challenge for fraud prevention, since detecting first party fraud requires a subtly different approach from detecting scams or account takeovers,” Topliss says. “Organizations can’t afford to be complacent, however – there were more than three billion brute-force automated account takeover attacks detected last year alone and scams remain a global problem. It is vital for organizations to have models tuned to detect these varied forms of fraud.”

Fraud shows signs of an overall flattening. Regionally, attack rates fell in both EMEA countries and LATAM.

But the report speaks of “underlying signs of a coming storm powered by AI.”

“Ongoing concern about fraudsters using generative AI has, so far, been limited to a relatively small number of well-reported cases that have required a fair amount of planning and sophistication (and human intervention),” it says. “We do expect AI-powered fraud to grow and evolve; we’re already detecting more frequent usage in new account origination attempts to defeat less-robust document authentication checks.”

Topliss says we are at a tipping point. “While many organizations have improved their defenses over the past few years, we also know that cybercriminals are embracing new innovative, AI-enhanced capabilities and we will likely see these extensively tested and executed over the coming months. Our analysis of attacks over a longer multi-year period shows that significant attacks often come in waves and this latest set of figures could indicate the imminent arrival of the next, AI-enabled wave of global attacks.”

Sift releases trio of new AI features for fraud prevention

Sift has announced new large language model (LLM) capabilities in its fraud and risk platform. A release says ActivityIQ “leverages generative AI to better identify and surface account takeover (ATO) fraud patterns that might otherwise go undetected” and summarize them for analysts.  The feature builds on Sift’s previously announced Activity Analyzer, which Sift announced earlier this year.

Sift is also releasing FIBR In-Console as part of its Fraud Industry Benchmarking Resource for fraud KPI measuring. This allows customers to “directly compare their own key fraud metrics, including payment fraud attack, manual review, general chargeback, and fraudulent chargeback rates against their industry peers.”

Finally, Sift has released automatic chargeback labeling, which “creates a feedback loop for Sift’s payment fraud prevention solution by automatically updating machine learning models with chargeback outcomes.”

“The fraud ‘attack surface’ demands both intelligence and efficiency from risk operations teams, all while maintaining great consumer experience,” says Swift Chief Product and Technology Officer Raviv Levi. “With our latest innovations, Sift customers can more easily establish and maintain identity trust by benchmarking their fraud KPIs against industry peers and with AI-generated insights to prevent ATO.”

Vidos to explore Authorized Push Payment attacks for digital sandbox

Vidos has been selected to participate in the UK Financial Conduct Authority’s (FCA) Digital Sandbox programme. A blog post says its participation will focus on “leveraging digital identity verification technology to combat authorized push payment (APP) fraud for banks, payment processors, and merchants.

In particular, Vidos aims to combat purchase scams, invoice and mandate scams, CEO fraud, and general impersonation scams.

“Purchase scams have become particularly problematic,” it says, “accounting for 67 percent of all APP cases in 2023 with losses of £85.9 million (US$116M). These scams exploit specific verification weaknesses that directly impact financial firms.”

By looking at seller verification integration, transaction validation architecture and cryptographic methods for financial firms to verify critical transaction details without exposing excess personal data, Vidos aims to give financial firms stronger fraud prevention capabilities while maintaining transaction efficiency and customer experience.

“APP fraud devastates victims, and we’re focused on practical ways to stop it,” says Tim Boeckmann, CEO of Vidos. “Robust digital identity can protect people and businesses from scams without adding friction to payment processes – creating value for financial firms while reducing their liability exposure.”

The firm points out that “under the new UK APP Fraud Reimbursement Model, both sending and receiving firms face equal financial liability for fraud losses.” As such, “digital identity verification isn’t just a security enhancement – it’s becoming an essential component of sustainable financial operations as regulatory requirements evolve.”

Sumsub takes fight against fraudemic to Singapore for first WTF summit

Sumsub is launching its inaugural flagship event. A release says the What The Fraud Summit (WTF Summit), a “visionary summit to beat the global fraudemic,” will take place at Andaz Singapore from November 19 to 20, 2025. Experts and industry leaders from fraud prevention, compliance, financial crime, regulation, and product innovation will gather to discuss AI-driven security, regulatory shifts, digital resilience and trust in identity.

“With the rapidly growing fraud risks across the globe, we recognized a critical need for a dedicated platform for industry leaders, regulators and fraud experts to have bold conversations and exchange actionable insights to beat the global fraudemic,” says Andrew Sever, Co-founder and CEO of Sumsub. “By launching the WTF Summit in APAC, we aim to fill the gap in discussions surrounding the multifaceted nature of fraud prevention in the region. Our goal is to collaborate with top minds to craft holistic strategies to create a safer digital future for everyone.”

Speakers listed for the event will represent organizations including Flywire, Green Link Digital Bank, Peak IDV, and more.

While the main summit on November 20 will cover AI fraud, digital Identity, compliance and crypto, on the 19th Sumsub will host expert-led workshops with certifications in three specialized modules: modern scams and deepfakes, smart and compliant onboarding, and AML investigations and case management.

Article Topics

AI fraud  |  biometrics  |  digital identity  |  financial services  |  fraud prevention  |  generative AI  |  identity verification  |  LexisNexis  |  Sift  |  Sumsub  |  Vidos