- Key Insight: Fraud is no longer the province of individual scammers, but the product of a burgeoning industry of its own.
- What's at Stake: Operational defenses risk being overwhelmed without significant changes.
- Forward Look: Bankers need to take a clear-eyed look at the new fraud landscape and adjust their systems to reflect the new level of danger.
Source: Bullets generated by AI with editorial review
If there's one lesson 2025 reinforced, it's this:
Over the past year, I've shared hundreds of observations on
In 2025, fraudsters didn't just steal accounts — they repurposed them.
Bank accounts, credit lines, business entities, aged emails and even government benefit identities increasingly functioned as infrastructure. On Telegram and darknet markets, vendors openly advertised "aged" personal and corporate accounts, wire-transfer services, funnel accounts and mule recruitment pipelines. Proof-of-transfer videos became marketing tools. Laundering moved from an afterthought to a core product.
What stood out wasn't just the volume, but the coordination. What once looked fragmented now resembles a supply chain: identity sourcing, grooming, monetization and laundering, often handled by different actors specializing in each stage.
This shift helps explain why suspicious wire activity, account takeovers and mule-enabled transfers surged in parallel. When fraud becomes infrastructure, scale follows.
One of the most persistent myths in fraud prevention is that identity theft begins with data breaches. In 2025, the evidence told a more complicated story.
But breaches weren't irrelevant. When identities appeared on darknet markets, nearly all of them were eventually used in fraud attempts, often repeatedly, by multiple actors, across years. These weren't one-and-done events. They were long-tail exploitation cycles.
The takeaway was clear: Exposure matters, but where and how an identity is exposed determines how aggressively it will be used.
Much of the conversation this year focused on artificial intelligence and deepfakes and how those tools played an increasing role in identity crimes and scams. Face swaps, synthetic video, voice changers and gen AI-generated IDs were all observed in live fraud operations.
But what stood out wasn't just the sophistication of these tools, but also the coordination.
Romance fraud wasn't a lone scammer behind a keyboard. It was a team effort: One person running the script, another managing the face-swap, others coaching in real time. Check fraud required collectors, washers, runners and cash-out partners. Student loan fraud came with tutorials, identity bundles and step-by-step playbooks.
Even simpler tools like signature stickers, aged Amazon accounts and Google Translate's speech features were effective because they fit into well-understood workflows.
Fraud succeeded not because every actor was brilliant, but because the system was organized.
Check fraud has risen 385% since the pandemic, with criminals using stolen mail and digital tools to deceive major financial institutions.
Another pattern that repeated throughout the year: Fraudsters didn't target "the careless."
They went after former international students and immigrants whose U.S. identities remained active but unmonitored; draft-eligible athletes before they had professional protections in place; retirees, disabled individuals and benefit recipients; and mid-to-high-income homeowners with stable credit profiles.
Even death row inmates, whose identities were assumed to be unusable, became targets.
Fraud wasn't just opportunistic anymore; it became more strategic. Identities were selected based on expected resistance, not just availability.
And, critically, many victims never realized what had happened until months or years later.
Banks warned customers relentlessly in 2025: Don't click links. Don't share codes. We'll never text you.
And yet, people still clicked.
Research I co-authored this year confirmed what many practitioners suspected: Fear-based messaging produces short-term compliance at best. What worked better, and lasted longer, was empowerment. When people were told how specific actions reduced their risk, protective behavior persisted.
The implication is uncomfortable but necessary: Customer education must be treated with the same rigor as transaction monitoring. Messaging is a control. And controls should be tested.
If you spent time in the fraud underground in 2025, one of the most striking features was the evolution and increased importance of customer service. To attract new customers and retain existing ones, vendors offered seasonal promotions, bulk discounts, referral bonuses, quality guarantees and holiday greetings. Some even sent gifts to victims to build trust during long-con romance and investment scams.
This wasn't accidental. Fraud markets borrowed heavily from legitimate e-commerce because it works. Trust, rapport and reputation matter, even in illicit economies.
That professionalization makes disruption harder. Taking down a single actor doesn't collapse the market. Just like in the legitimate economy, when one competitor goes out of business, there are plenty of others ready to fill the demand for products and services.
Studying fraud isn't risk-free. Publicly documenting networks, markets and tactics can provoke retaliation, as I learned the hard way.
Just as important, however, was how my experience reinforced why this work matters. Fraud thrives in obscurity. Careful, evidence-based and responsible illumination remains one of the few tools that consistently raises the cost of crime.
If 2025 taught us anything, it's that fraud will continue to evolve incrementally, not dramatically. There will be no single tool, model or regulation that "solves" it. Progress will come from our ability to better understand fraud as a system, connecting upstream intelligence with downstream impact, and recognizing that fraudsters adapt fastest where institutions assume stability.
Fraud isn't static. Neither can our thinking be.
