Visa Report: AI-Powered Scams Drive New Wave of Consumer Fraud as Traditional Defenses Improve
Visa's Spring 2026 Biannual Threats Report warns that AI-enabled impersonation and social engineering are fueling a surge in consumer scams, even as token fraud and enumeration losses decline.
Visa's Spring 2026 Biannual Threats Report reveals a fundamental shift in the fraud landscape: while core payment defenses are improving, criminals are increasingly bypassing them by targeting people rather than technology. The report, released Thursday, documents a 9.6% decline in token fraud and a 16% drop in enumeration losses from July through December 2025 compared with the same period in 2024, thanks to stronger tokenization, authentication, and network-level detection. Yet nearly $1 billion in scam activity was identified during that same six-month window, driven by AI-generated content, voice impersonation, and deepfake media that make fraudulent schemes more convincing and harder to detect.
"Payments at a network level continue to get safer, but threats are evolving faster than ever," said Paul Fabara, Chief Risk and Client Services Officer at Visa. "Criminals are increasingly targeting people rather than technology, using deception, urgency and AI‑enabled tools to exploit trust." The report underscores that attackers are redirecting their efforts toward less-defended areas such as end users and third-party dependencies, exploiting behavioral manipulation and fragmented ecosystems to pressure victims into authorizing payments themselves.
Authorization controls have inherent limits in scam prevention because transactions can appear legitimate when users approve them voluntarily. Visa's report notes that detection efforts are expanding to include identity verification, intent analysis, and indicators of manipulation. Enterprises are now focusing on identifying impersonation patterns, monitoring higher-risk channels such as search, advertising, and social platforms, strengthening trusted customer communication methods, and improving coordination between ecosystem partners to disrupt scam operations.
AI is accelerating the speed of fraud operations dramatically. Threat actors are using AI to create more personalized scams, automate workflows, and adjust tactics in real time. The report highlights that AI tools have compressed ransomware attack timelines from days to minutes. Defenders are responding by applying AI to identify anomalies earlier, stop attacks before they reach consumers or merchants, and improve detection accuracy. Organizations that rely on manual review processes face increasing pressure, driving more attention toward automation in detection, triage, and response.
Ransomware activity continued to rise during the second half of 2025, with incidents increasing 26% compared with the same period in 2024. However, victims paid less often — only 23% paid ransoms, the lowest rate on record — and average ransom payments dropped 66% from July through September 2025 compared with the prior quarter. Organizations are prioritizing operational recovery and limiting the spread of incidents after intrusions occur, with recovery time objectives, backup integrity, and measures to reduce the impact of third-party incidents becoming larger parts of ransomware planning.
"The rapid adoption of AI has fundamentally lowered the barrier to entry for fraud," said Michael Jabbara, SVP, Payment Ecosystem Risk and Control at Visa. "What once required deep technical skill can now be executed with a prompt. That reality makes intelligence-driven defenses and coordinated action across the ecosystem more critical than ever." The report calls for continuous innovation at the network level and close collaboration across banks, merchants, policymakers, and the broader payments ecosystem to address the evolving threat landscape.
Visa's findings align with broader industry trends showing that social engineering and AI-enabled impersonation are becoming the dominant vectors for consumer fraud. As traditional payment security measures improve, criminals are adapting by exploiting human trust and the speed of AI-generated deception. The report serves as a warning that the payments industry must evolve its defenses to counter threats that target people, not just technology.