Although many organizations are still strategizing and piloting their artificial intelligence implementations, bad actors have already made AI an integral part of their fraud operations. One of the main reasons that criminals have been able to implement emerging technologies so rapidly is they are free from the constraints that hinder many legitimate organizations.
In the 2025 Identity Fraud Study: Breaking Barriers to Innovation, Jennifer Pitt, Senior Fraud and Security Analyst at Javelin Strategy & Research, detailed the rising fraud trends, the ways financial institutions can better educate their customers, and the out-of-the-box solutions required to battle fraud.
Growing Out of Control
Fraud attacks involving the unauthorized use of personal identifiable information have been a persistent threat over the more than two decades of the long-running Javelin study. Last year was no exception, as identity fraud incidents and dollar losses saw year-over-year upticks.
Many factors are involved in the increase, including the rising prevalence and scope of data breaches. There has also been an increase in cyber intrusions, whereby a criminal takes over an individual’s phone or computer.
One interesting finding from the report was that the financial losses and the incidence rate of scams—where the target is tricked into divulging money or data—decreased from the previous year.
A possible reason for the decline could be that the barrage of headlines about novel and pernicious scams—coupled with awareness efforts by financial institutions—has consumers on guard. While there has been some discussion about identity fraud, such as how consumers can protect their identity once it’s stolen, it hasn’t been as all-consuming as the focus on scams.
“The other thing is it’s hard for everybody, including consumers, to categorize things into separate buckets,” Pitt said. “How do you categorize a scam that leads to identity fraud? Is it a scam or is it an identity fraud incident? It very well could be that these consumers are thinking of how it finished and not how it started.
“Regardless, if we look at the combined victim count, it was an increase of one million victims, which is astounding. This fraud problem is essentially growing out of control.”
Opening Eyes on Information
Though many assume that fraud attacks are mostly perpetrated for financial gain, bad actors are often after something more valuable than money: information.
“I know that scams target information and money, but the fact that 71% of scam victims also were tricked into providing some sort of information was eye-opening,” Pitt said. “I think as an industry, we have a long way to go on educating consumers about how information can be used against them. A lot of consumers look at information like an email address, phone number, name, even date of birth as somewhat benign.”
Though these data points may seem harmless on their own, they can be used in concert to commit identity fraud against the individual or to perpetrate additional scams on a larger scale.
To mitigate this threat, financial services providers should expand their consumer education efforts. They will also need to take a hard look at their communications with customers—an area where some organizations muddy the waters.
“Many of us, including myself, have gotten text messages, emails, even phone calls from financial institutions where it was legitimate and they’re asking for things they say they’d never ask for—like one-time passcodes or to click on the link,” Pitt said. “Instead of questioning that, consumers are opting on the side of, ‘It’s probably legitimate, let me go ahead and give that information.’
“We as financial service providers do ourselves a disservice when we give consumers mixed messages, and that’s a huge thing we need to fix.”
Reporting Fraud Appropriately
Consumers are also falling short in reporting fraud properly. When a fraud event occurs, the first act by most consumers is to notify their financial institution. Unfortunately, it is often the only step they take.
“When people think of fraud, people typically think of their financial institution, so they contact their financial institution and think they’ll solve everything,” Pitt said. “Reporting to law enforcement is down, reporting to credit card companies is down, reporting to identity protection service providers is down. Some of that, I think, is consumers don’t know who to report their incident to anymore.”
One of the issues is that there are numerous providers that consumers should contact if they believe they are a fraud victim. Most consumers are unaware of this, and the ones who are aware are either unwilling or unable to report fraud appropriately.
Instead of looking at reporting as a vital way to get restitution for their loss and to stop the criminals from striking again, many consumers are simply calling their bank and moving on.
“I was recently asked an interesting question,” Pitt said. “I was asked, ‘Why would fraud victims report if it’s just a low dollar loss and we’re talking about, let’s say, a few hundred dollars? Is it worth their time to contact all these agencies or should they just say, it’s a few hundred dollars, let’s just forget about it?’
“That happens a lot, unfortunately. The reason to not discard your fraud reporting is because if you don’t report fraud, it can impact other victims as well. Other victims may have the same perpetrator or the same fraud ring that you had as a consumer, and that fraud will never stop if people don’t report it.”
Expanding AI Knowledge
One of the reasons cybercriminals have been able to carry out attacks on a larger scale is that they have deployed AI to do the heavy lifting. However, AI can play an equally essential role in financial institutions’ fraud prevention measures.
Organizations will first have to improve their education efforts—the Javelin report had a new set of questions this year that probed consumers’ comfort with how financial institutions utilize AI fraud prevention tools.
“What we found is over half of consumers said they had zero to little knowledge of what AI is,” Pitt said. “I know that sounds shocking to you and I—who hear about AI all the time—but clearly we’re missing the mark. If people don’t even know what it is, then they don’t know how AI can be used against them, and they don’t know how AI can be used to protect them.
“Of the people that had knowledge of AI, the majority of them were willing to allow their financial institution to use AI-powered products to help protect against fraud. If we can get the education level up to where they understand what AI is, we can get buy-in from consumers on using AI-powered tools and start using those tools.”
Combating Fraud Through Innovation
Implementing more robust educational measures and AI fraud detection tools are significant steps toward mitigating fraud. However, it is clear that bad actors have gotten a substantial head start.
This means that many institutions will have to dramatically shift their attitudes toward fraud. Banks and credit unions are highly regulated institutions that have traditionally been resistant to anything that could introduce risk.
The industry’s rules, regulations, and protocols have created an environment that has stifled innovation—exactly the ingredient needed to combat bad actors.
“Fraudsters aren’t doing that,” Pitt said. “They have no box; they have no rules. That’s how they were able to capitalize on AI so quickly and got ahead of us in that game, and quite a bit quicker than we anticipated. It’s because we’re still operating in this box.”
“What we need to do as innovative thinkers is pretend there is no box,” she said. “Start thinking of what all the possible solutions are for how we can prevent fraud and protect the organization and the customer. Pretending we had no regulations, pretending we had none of these requirements, we can at least see the solutions. Then, we need to make leaps and bounds to even catch up to this problem at this point.”
