The latest edition of Sift’s Digital Trust Index describes an ever-evolving world of fraud, one where different access points are being used and old methods are becoming less popular.
Fraud is increasingly being committed earlier in the life cycle as criminals look to compromise credentials and otherwise gain unauthorized account access. That entry allows them to exploit stored payment methods, redeem loyalty balances, and place fraudulent transactions. Those transaction gain legitimacy because they appear to originate from trusted users.
“Consumer experiences reinforce this trend,” the report states. “A meaningful share of users report encountering both account takeover and payment fraud, illustrating how attacks frequently move across multiple stages of the digital customer journey.”
Global e-commerce fraud is predicted to grow at 19% CAGR through the decade’s end; annual losses are expected to top $107 billion by 2029. True organizational costs are much higher, as that doesn’t include expenses related to investigations, dispute management, customer support, and prevention. Add that in and fraud can cost a company close to 10% of annual online revenue.
This comes amidst a surge in digital activity. Total transaction volume is up 18% from 2024, so more organizations are handling more activity across payments, accounts and devices. This naturally attracts criminals, too.
Data also shows that certain industries are more popular account takeover targets. Top fraudster choices are internet and software programs and digital commerce and travel platforms (due to large numbers of accounts and stored credentials). Finance and fintech saw lower average rates. For consumers, social media and financial accounts are top targets, with food delivery, e-commerce and subscriptions also highly ranked.
“Authentication remains one of the most important defences against credential-based attacks, but organizations must balance stronger controls with a smooth customer experience,” the report states. “Across the Sift network, two-factor authentication (2FA) adoption fluctuated during 2025, declining through the middle of the year before rising again toward the end. The increase later in the year suggests many organizations strengthened authentication requirements following periods of elevated account takeover activity.”
Consumers remain security conscious, with most taking extra steps to secure their accounts. More than 90% would accept extra verification if it reduces risk.
Four sectors saw payment fraud attack rates north of 3%:
- Travel ticketing 4.85
- Food/delivery 3.54
- Internet/sfotware3.42
- Finance and fintech 3.04
Where do customers experience payment scams?
- Banking/financial 41%
- Subscriptions 23%
- Social media 20%
Fraud rates by payment method
- Points/rewards 5.2
- Financing 4.3
- Cryptocurrency 4.2
- Digital wallet 3.8
The stakes are high for companies associated with a successful fraud campaign. If 100 consumers are victimized, 52% will stop using that brand, and 37% will weigh the company’s response. Only 11% would still definitely use the brand.
Almost three in four have abandoned an online purchase because of fraud fears. Roughly 23% are unfamiliar with AI agents while 12% use them regularly.