As we pass the quarter century mark into 2025, we have access to more data than ever before on consumer spending habits and fraud trends. Using the 2024 MRC Global Survey, Sift’s Fraud Industry Benchmarking Resource (FIBR), and newsworthy stories, Julie Fergerson, CEO of MRC, and Brittany Allen, Senior Trust and Safety Architect at Sift, share their insights on how businesses can fit into the changing landscape of fraud.
2024 Fraud Trends
Brand abandonment and post-purchase fraud, such as refund policy abuse and first-party misuse, posed significant challenges for merchants globally. There was also a notable rise in account takeover incidents and scams, damaging consumer trust and business reputation.
Brand Abandonment Kills Growth
When consumers encounter fraud, they are quick to abandon brands. 2024 Sift research found that 76% of consumers would stop shopping on a site whether they have been a victim of payment fraud, while 80% would stop due to an account takeover. Even one bad experience is enough to lose a customer’s business for good, leading to lost revenue, hindered life-time value, and higher customer acquisition costs.
“Fraud can come from many different angles and there can be many different types of fraud, but all of them in the end can affect whether an individual is comfortable still using your site or interacting with your platform,” explained Allen.
Post-Purchase Attacks Move to #1
For the first time, post-purchase fraud, including refund abuse and first-party misuse, topped the list of fraud types experienced globally. This shift negatively impacted 38% of merchants’ ability to manage fraud effectively. Notably, only 67% of merchants actively reviewed non-fraud chargebacks and declines, indicating a significant area for improvement.
Ferguson added, “One of the things that we also have noticed is as the economy gets worse or people get a little bit leaner on their budgets, these kinds of fraud attacks go up. Things are still pretty tight across the planet right now, so I think that we will see more of the same for the next couple of years. I’d recommend looking at any resources that you can to learn about what attacks may be the most common on your site.”
Account Takeover (ATO) on the Rise
The average ATO attack rate saw a significant 24% increase across the Sift Global Network in Q2 2024 compared to the same period in 2023, rising from 2.9% to 3.6%. Marketplaces were particularly hard hit, with a 90% increase in ATO attack rates. Alarmingly, in 38% of successful ATOs, stored payment methods were exploited for unauthorized purchases. Additionally, 37% of consumers reported seeing offers to participate in account fraud, with 21% knowing someone who perpetrated ATO, highlighting the pervasive nature of this issue.
The Year of Scams
Scams reached unprecedented levels in 2024, with more than $1 trillion lost globally. The vast majority of victims (70%) failed to report these incidents, indicating a significant gap in law enforcement reporting. Electronic transfers, bank transfers, and e-wallets were the most targeted payment methods. Shockingly, 7% of individuals were willing to act as money mules, facilitating fraudulent transactions to meet basic needs.
Predictions for 2025
Every year brings a new set of risk-based challenges and opportunities. Regulatory changes, including BNPL regulations in the UK and Visa’s new VAMP program, are expected to impact the industry, along with evolving AI laws that will challenge compliance efforts. Additionally, the industry is anticipated to see a shift towards cyber-fraud fusion teams as companies enhance their approach to online fraud detection.
ATO to Remain a Top Concern
Research shows that nearly 70% of security leaders view account takeover attacks as the greatest concern to their organizations. Certain industries, however, are more heavily targeted than others. Social media, subscription services, and bank or credit card accounts are expected to remain prime targets for ATO in 2025. These sectors offer high value for fraudsters due to their extensive user bases and stored payment methods.
Upcoming Regulations
- Buy Now, Pay Later (BNPL) Regulation in the UK: Set to take effect in 2026, new regulations will enhance consumer protections. Companies must obtain FCA authorization, be subject to supervision, and report data to credit agencies. Businesses should be aware that this regulation may expose more fraudulent activities.
- Visa Acquiring Monitoring Program (VAMP): Launching in April 2025, VAMP consolidates two programs into one, simplifying compliance, but requiring vigilance from merchants. The key focus will be on preventing chargebacks through robust authentication at the login or checkout process.
- Artificial Intelligence: AI’s role in fraud prevention and perpetration will be significant in 2025. With 28 U.S. states enacting nearly 60 AI laws by the end of 2024, businesses must ensure they adhere to these regulations and correctly implement AI technologies. AI tools, capable of making autonomous decisions, could be manipulated if not properly managed, leading to sophisticated fraud tactics.
Cyber-Fraud Fusion is the Future
Gartner predicts that by 2028, 20% of large enterprises will shift to cyber-fraud fusion teams to combat internal and external adversaries targeting the organization, up from less than 5% today.
The merging of fraud prevention and cybersecurity is expected to revolutionize the way companies combat fraud, meaning businesses must adapt and innovate in order to stay ahead of the curve. This trend is already growing, with many fraud prevention teams now reporting into cybersecurity or information security departments.
Loyalty Points are at Risk
Loyalty points emerged as a significant target for fraudsters, with a fraud rate of 6.7%. In contrast, credit and debit cards, despite higher volumes, showed a lower fraud rate. Identifying and securing unconventional payment methods such as prepaid cards and gift cards should be a priority.
“Being in the deep and dark web doing the investigations that my team does, we constantly see different strategies popping up about where certain loyalty points can be redeemed or how they could be converted to cash, how they can be used. I think that we should see more fraud prevention focusing on how to keep these points safe, how to monitor their redemption, and to bring them down as not having the most prevalent payment method by fraud rate designation,” said Allen.
Actions to Take in 2025
As 2025 marches on, the fight against fraud will necessitate vigilance, adaptability, and collaboration. By staying informed of the latest trends and regulatory changes, leveraging global insights, and fostering a collaborative environment, businesses can better defend against evolving threats. Embrace technology like AI and cyber-fraud fusion teams with caution and awareness, ensuring these tools serve as allies rather than risks. Staying ahead in fraud prevention will require a blend of traditional strategies and innovative thinking.
- Leverage Global Insights: Using global data helps frame internal findings within a broader context, assisting in explaining fraud trends to stakeholders and aligning your strategy with industry standards.
- Collaborate: Engage in community groups and special interest groups, such as those offered by the MRC, to stay updated on fraud trends and mitigation techniques. Collaboration platforms, like Sift’s customer community, Sifters, provide valuable insights and peer support.
- Get Creative: Innovative approaches, such as gamified learning modules from initiatives like picoCTF, can enhance your team’s understanding and readiness in combating fraud techniques. Conducting internal “think like a fraudster” exercises can also reveal vulnerabilities and improve defenses.
You can compare your own fraud rates against Sift benchmarks with FIBR, the first Fraud Industry Benchmarking Resource of its kind delivering crucial fraud insights to businesses across verticals and regions. Explore data in FIBR.
