Visa (NYSE: V) has released its latest online / digital threats research report, underscoring a significant evolution in the payments fraud landscape. As network-level security measures grow more robust, fraudsters are pivoting toward sophisticated social engineering tactics enhanced by artificial intelligence. These approaches focus on deceiving individuals into voluntarily approving transactions rather than attempting direct technical breaches.
The report, drawing on data from Visa’s network, indicates that scams now represent the main form of consumer payment fraud.
Between July and December 2025, the company detected close to $1 billion in scam-related transactions.
Perpetrators typically impersonate reputable organizations, create artificial urgency, and guide victims through seemingly legitimate payment processes, bypassing the need for system intrusions.
Paul Fabara, Visa’s Chief Risk and Client Services Officer, emphasized the dual nature of progress in payment security.
“While transactions at the network level are becoming increasingly protected, emerging threats are advancing at an unprecedented pace,” he noted.
Criminals are shifting their focus from technological vulnerabilities to human psychology, leveraging manipulation, time pressure, and AI tools to erode trust.
Effective responses, according to Fabara, demand ongoing technological advancements alongside collaboration among financial institutions, retailers, regulators, and the entire payments industry.
The report outlines four key developments reshaping global payment risks: First, established security protocols are proving quite effective, yet fraud patterns are adapting.
Incidents involving device tokens fell by 9.6 percent in the second half of 2025 compared to the prior year, demonstrating the overall effectiveness of enhanced authentication methods.
Nevertheless, overall fraud attempts continue to climb as bad actors seek new entry points.
Second, scams are surging as the primary consumer threat. Fraudsters now favor psychological manipulation over technical exploits, making these attacks harder to detect via traditional system monitoring alone.
Third, artificial intelligence is reshaping the ecosystem for cyber-attackers as well as defenders.
On the criminal side, AI lowers the technical expertise required to craft highly persuasive scams, enabling rapid scaling of operations through simple automated prompts.
Conversely, security teams are harnessing AI to identify and interrupt suspicious activities earlier in the transaction process. Finally, the ransomware landscape shows mixed signals.
Global ransomware incidents rose 26 percent year-over-year in the monitored period. However, the proportion of victims paying ransoms dropped to a record low of 23 percent.
This decline reflects stronger organizational resilience, improved data recovery options, and growing reluctance to pay when information leaks remain a risk regardless.
Michael Jabbara, Senior Vice President for Payment Ecosystem Risk and Control at Visa, highlighted AI’s effect on fraud.
“Advanced tools have dramatically reduced the skills barrier for committing fraud,” he explained.
“Operations that previously demanded specialized expertise can now be launched with minimal effort. This underscores the urgent need for intelligence-based protections and unified efforts across the ecosystem to intervene before threats impact everyday users.”
Visa continues to focus on positioning itself at the center of these pressing challenges through responsible innovation and key ecosystem collabs.
The report provides informative insights for industry professionals seeking to stay ahead of evolving risks. Visa has concluded in the report that as digital payments expand and become more efficient, careful vigilance against human-targeted deception will remain essential for ensuring a frictionless customer experience and system integrity.