Digital Transactions Authoritative, insightful and timely information for payments professionals
Thanks to criminals’ increasing adoption of artificial intelligence, cyberfraud rose 14% in 2024, according to a report from Trustpair, a provider of fraud-prevention technology.
Overall, 90% of U.S. companies were targeted by cyber fraud the past year, compared to 79% in 2023. The increase is being driven by criminals’ use of AI, according to the report. Generative AI tactics used in cyberfraud attacks, such as deepfakes and deepaudio, increased 118% in 2024, according to the report.
Deepfakes are images, videos, or audio edited or generated using artificial intelligence tools. Deepaudio allows users to separate and edit audio files. Trustpair surveyed 200 senior finance, treasury, and accounts-payable executives for the report.
The jump in cyberfraud is having a significant impact on payments. About 60% of companies surveyed said they experienced more than $5 million in payment fraud in 2024, compared to just 25% a year earlier. Some 20% of companies surveyed said payment fraud exceeded $25 million.
Payment fraud is expected to increase in 2025, but most companies are not prepared to combat it, the report says. Just less than 70% of companies still use manual methods, such as human callbacks or emails, to handle bank-account validations. By comparison, 31% use an automated account-validation tool, and 8% check supplier credentials across all stages of the procurement process.
In addition to suffering financial losses from cyberfraud, 53% of companies say cyberfraud hurt their reputation with customers. Cyberfraud also impacted a company’s reputation with investors (49%), as well as vendors and suppliers (48%).
Vendors are increasingly becoming targets for cyberfraud, with 69% of companies saying they were targeted by this type of fraud in 2024, up from 47% a year ago.
Some 63% of companies surveyed pointed to vendor fraud and wire-transfer fraud as the two leading types of fraud attacks they face and as the ones with which they are least prepared to fight.
Among the types of attacks, business email compromise and imposter email scams ranked first, with 63% of companies saying they were targeted by those scams in 2024, more than double the previous year.
Companies remain underprepared when it comes to employee training. Less than half of companies (43%) have invested in fraud-awareness training the past 12 months. One of their biggest challenges is that employees don’t always follow fraud-prevention policies (39%).
In related news, payment processor Worldpay LLC has entered into an agreement to acquire Ravelin Technology Ltd., a provider of fraud-prevention solutions for e-commerce merchants. Terms were not announced.
Ravelin specializes in identifying payment fraud, account takeover, return and refund abuse, promotion and voucher-abuse and marketplace fraud, and 3D Secure authentication.
The acquisition of Ravelin will enable Worldpay merchants to increase authorizations, the processor says by email.
Ravelin has more than 300 merchant clients globally, including audio-streaming and media-services provider Spotify AB; Trainline.com Ltd., a train-ticketing platform in the United Kingdom and Europe; Deliveroo, an online food-delivery company in Britain; and fashion brand River Island.
