Dive Brief:

• Visa’s payment ecosystem risk and control group issued a report last week that analyzed fraud through the first half of 2025 to distill patterns in how criminals are using artificial intelligence and other new tech tools to commit crimes and what the card network is addressing them. The patterns “reveal how criminals are adapting faster, operating at greater scale, and exploiting structural vulnerabilities in ways that challenge conventional defenses,” the Fall 2025 Biannual Threats Report said.
• The patterns identified by Visa include the industrialization of fraud schemes to become systemic; crooks timing their use of stolen data to avoid detection; fake “everything” across merchants websites, web agents and even compliance processes; lagging legacy defenses; and third-party gaps in fending off fraud, according to the report released Thursday.
• In a separate report also issued last week, Mastercard’s Recorded Future cybersecurity unit explained how bad actors created a web of fake e-commerce activities to trick consumers, posting sham marketing come-ons and luring consumers to fraudulent merchants to steal data and snare payments.

Dive Insight:

The card networks issued their reports ahead of the year-end holiday shopping season, a period of massive and rushed online shopping as U.S. consumers prepare for gift-giving during the holidays. 

The reports explain potential traps and scammer techniques that await consumers and advise those who are engaged in online commerce, including the card networks’ merchant clients, about how to skirt potential purchasing pitfalls.

San Francisco-based Visa, which operates the largest U.S. card network, was particularly focused on how criminals are turning their long-time hacks into more sophisticated enterprises that upgrade their impersonation tricks and fake content.

“The payments ecosystem is experiencing a paradigm shift in how fraud operates,” said Chief Risk and Client Services Officer Paul Fabara in a press release accompanying the report. “Criminals are no longer working as opportunistic individuals – they’re operating like tech startups, building reusable infrastructure and deploying systematic, industrial-scale operations that challenge conventional defenses.”

Purchase, New York-based Mastercard bought Recorded Future last year for $2.65 billion as fighting fraud has become an increasingly important service provided by card companies. 

“Purchase scams present financial institutions, card networks, and other payment organizations with a financial fraud risk,” the Recorded Future report said. “Reducing this risk requires remediation that leverages scam merchant intelligence, which enables proactive identification of scam-linked merchant accounts before the fraud occurs.”

The No. 2 network’s cybersecurity unit explained how the dark web is rife with traps luring consumers into authorized payments to fraudsters that provide crooks with a quick payout and challenge companies’ intervention. Consumers being alert to potential scams is key to combatting the crimes, Recorded Future emphasized.

“The victim’s inherent participation in purchase scams limits the effectiveness of card issuers’ fraud model–based detection methods, preventing the discovery of purchase scams,” Recorded Future’s report said. “As a result, financial institutions depend on customer reporting to detect purchase scam activity and scam-linked merchant accounts.”