TrustSphere
 

Elder financial exploitation is now one of the fastest growing categories of consumer fraud in developed economies, yet it remains substantially under-detected by the controls banks have historically deployed. The victims are often long-standing, profitable customers with steady income, low charge-back exposure and clean KYC profiles — precisely the characteristics that traditional monitoring rewards rather than interrogates. In the United States alone, reported losses by con

In an era dominated by real-time payments, instant P2P apps and cross-border stablecoins, check fraud should by rights be a dying typology. Instead, US banks reported more than two million check fraud cases in 2025 and losses have continued to climb. Across parts of Europe and Asia, check-equivalent instruments have seen similar criminal resurgence. The paradox is that the same digital modernisation that was supposed to kill the check has in fact given criminals easier access

Business Email Compromise has persisted as the most financially damaging category of cyber-enabled fraud for most of the past decade, and 2026 has provided no reason to expect that pattern will change. Losses reported to law enforcement worldwide are approaching USD 60 billion cumulatively, with individual events routinely exceeding seven figures. What has changed is the operational sophistication of the attackers. Generative AI, voice cloning and adversary-in-the-middle phis

For two decades, cyber and fraud have lived in adjacent but separate operational silos, with different leadership, tooling, and metrics. That separation has become indefensible. Modern attacks rarely respect the boundary between credential theft, account takeover, social engineering, and downstream payment fraud. Tier-1 banks need a single operational picture across cyber and fraud, with shared telemetry, casework, and accountability.

Ransomware has long been treated as a cyber problem with a financial crime tail. That framing is no longer tenable. With ransom payments increasingly routed through regulated financial institutions, sanctions exposures embedded in the threat-actor ecosystem, and disclosure rules tightening on both sides of the Atlantic, ransomware now sits squarely on the AML and sanctions risk register.

Real-time payment rails have become the default in major economies, and authorised push payment scam losses have followed them upward. When funds settle in seconds, the window for traditional rules-based monitoring collapses, and the receiving bank's ability to identify mule behaviour at first deposit becomes the most important control in the chain. The control stack must move at the speed of settlement.

Generative AI has moved scams from a labour-intensive cottage industry to an industrial supply chain. Voice clones cost a few dollars per minute, deepfakes defeat live video verification, and large language models draft fluent lures at scale. Banks need to assume synthetic content is the norm in their inbound channels and design layered controls accordingly.

Generative AI has moved from novelty to weapons-grade in less than three years. Voice cloning that requires fewer than fifteen seconds of source audio, deepfake video that survives liveness checks, and large-language-model-generated phishing prose that is grammatically flawless in any language have collectively dismantled the heuristic defences on which most consumer fraud detection has historically relied.

Generative AI has done for fraud what cloud computing did for legitimate business: it has industrialised what used to be artisanal. Voice cloning, synthetic video, LLM-driven phishing and persona-as-a-service offerings are now stitched together into end-to-end attack stacks that no individual fraud control was designed to detect.

Chargeback volumes are climbing again across card-not-present commerce, and the dominant driver is no longer organised criminal fraud but first-party misuse — customers disputing legitimate purchases for convenience or buyer's remorse. The frictionless refund era is ending; the next phase will reward institutions that can tell genuine fraud, friendly fraud, and merchant error apart at speed.

Synthetic identity fraud has crossed the threshold from niche typology to systemic risk in 2026. Generative AI has industrialised every step of the synthetic identity supply chain — from inventing plausible biographies to producing photorealistic ID documents and animated liveness footage — and the cost of producing a 'good' synthetic now sits well below the value of a single approved retail credit line.

Visa Compelling Evidence 3.0 was the most consequential change to the card-not-present dispute regime in a decade. A year on, the rebalancing of issuer and acquirer liability is producing a clear pattern of winners and losers — and quietly reshaping how merchants, processors and banks invest in dispute defence.

The 2024 Hong Kong incident, in which a finance employee was tricked into wiring USD 25 million after a fully synthetic video conference with what appeared to be the CFO and several senior colleagues, was treated at the time as a cautionary one-off. Two years later it looks more like an opening shot. Generative AI has industrialised the production cost of executive impersonation, and treasury and accounts-payable functions are now squarely in the crosshairs. Regulators have n

Chargeback volumes have outpaced card spend growth for three consecutive years, and what was once treated as a back-office dispute workflow is now a strategic loss line for issuers and merchants. The growth is no longer driven by classical card-not-present fraud — it is being driven by first-party misuse, where the legitimate cardholder disputes a transaction they recognise. This shift is forcing a fundamental rethink of evidence, liability and dispute economics.

Agentic commerce has moved past the demonstration phase. AI agents now research products, negotiate terms, and complete checkout on behalf of human principals at meaningful daily volumes. The fraud and identity controls built for human-driven e-commerce assume a single, attentive customer in front of every transaction. That assumption no longer holds, and the implications for issuers, merchants, and payment networks are still being worked out.

Romance fraud has been the quietest billion-dollar problem in financial services for a decade. In 2026 it has stopped being quiet. The combination of cheap multimodal generative AI, off-the-shelf "persona farms" sold openly in dark-web marketplaces and the maturation of pig-butchering playbooks has industrialised a crime category that used to be artisan. The FBI's 2025 IC3 report logged $4.3bn in confirmed romance and investment-impersonation losses in the United States alone

AI agents are now placing orders, comparing prices and completing checkouts on behalf of consumers and businesses, and the volume of agent-initiated commerce is compounding faster than the trust frameworks that are supposed to govern it. The fraud surface looks unfamiliar because the buyer is not a person — and most of the industry's authentication, mandate and recourse models assume that it is.

Quishing — phishing via malicious QR code — has graduated from a niche social-engineering technique to a mainstream payments attack. The combination of post-pandemic QR ubiquity, account-to-account payment rails activated by camera scan and the ease with which a printed sticker can overlay a legitimate code has produced a year-on-year growth rate that few internal fraud teams budgeted for. The UK's Action Fraud reported a 587% rise in QR-code phishing reports between 2023 and

The UK's mandatory APP-scam reimbursement regime has been in force since October 2024, and the scheme data is finally giving us a clean picture of what works at the point of payment and what does not. The headline finding is straightforward — Confirmation of Payee, in its first-generation form, was a useful but porous control, and the 50/50 reimbursement liability split between sending and receiving PSPs has placed real economic pressure on both sides to do better. Confirmati

Agentic commerce — where AI agents browse, compare, and complete purchases on behalf of their human principal — is moving from research demonstration to live deployment. Major platforms and payment providers are publishing protocols, identity frameworks, and merchant onboarding specifications designed to let autonomous agents transact at scale.