Entrust, a global enabler of identity-centric security solutions, released its Identity Fraud Report. The report examines key trends, tactics, and techniques used in identity fraud in the past year, offering insights in order to help businesses protect customers and operations.
Data reveals deepfakes account for “one in five biometric fraud attempts, and instances of deepfaked selfies increased by 58% in 2025.” Other fraud tactics across biometric systems include “photo of a screen, photo of a printout, 2D and 3D masks, video of a video on screen, and video of photo on screen.”
This rise in deepfakes is part of a broader trend of “increasingly sophisticated attacks driven by injection attacks, which surged 40% year-over-year.”
Injection attacks enable fraudsters to bypass “live capture processes by feeding manipulated images or videos directly into verification systems.”
When combined with deepfakes, these sophisticated techniques can convincingly mimic users and live capture experiences, “making detection difficult without robust, multi-layered fraud prevention.”
The report also highlights trends in when fraud happens “during the customer lifecycle and how it varies by industry and business models.”
Sectors offering sign-up bonuses, such “as cryptocurrency, face the highest rates of onboarding fraud, accounting for 67% of fraud attempts.”
Meanwhile, industries with valuable, “long-standing accounts, such as payments and digital-first banks, experience higher rates of account takeover (ATO) fraud, accounting for 82% and 55% of fraud attempts targeting the authentication process, respectively.”
ATO fraud involves hijacking existing user accounts, “typically through stolen credentials, phishing, malware, or social engineering, to steal funds or harvest sensitive data.”
Building on the technical threats, the report also reveals how fraudsters are increasingly targeting individuals through “psychological manipulation.”
By using tactics such as phishing, impersonation, and coercion, fraudsters are convincing victims to “use their genuine identity, hand over sensitive data, or transfer funds.”
Physical and digital document fraud: In 2025, digital forgeries “made up 35% of document fraud – up from a 29% average between 2022 and 2024.”
Overall, there’s a higher volume of “physical counterfeits (47%), but typically the sophistication of digital forgeries is higher, driven by the online availability of AI tools.”
National ID cards most exploited: National ID cards accounted “for nearly half (46%) of all fraudulent document submissions globally.”
Fraudulent national IDs are most “prevalent in EMEA (45%) and APAC (60%), whereas AMER experiences more fraudulent driver’s licenses (37%).”
Peak activity after hours: Modern fraud operations are “highly organized and global in scale, making fraud a 24/7 business.” Data from Entrust reveals that fraud attempts peak “between 2:00 am and 4:00 am UTC, when defenses in many regions are offline.”
Fraud on repeat: Fraudsters often use a “rinse and repeat” strategy, recycling fake details across fraudulent identity documents. Commonly used elements include names “such as Jon Doe, document numbers like A12345678, and birthdates including October 16, 1986.”
The 2026 Identity Fraud Report serves as a guide to identity fraud trends and techniques threatening businesses. Via its identity verification solution, Entrust processes “millions of identity verifications each year across 195 countries.”
The report unveils insights gained on the state of remote identity fraud over the past year, based on analysis of data “collected from September 2024 to September 2025.”
The data and trends are said to be reflective of the verification space and might not always “mirror broader market trends.” Data has been “normalized by client and industry distribution.”