Fraud trends: How merchants can stay ahead of AI‑Driven threats

The fraud landscape has been shifting rapidly over the past few years, setting the stage for the challenges merchants now face heading into 2026. 

By the end of 2024, global eCommerce fraud losses had already reached historic levels, with online merchants losing an estimated $115 billion to fraud in a single year, and losses growing at a compounding annual rate of more than 27%. Automated attacks surged as well: Malicious bots accounted for 37% of all internet traffic in 2024, overtaking human traffic for the first time, a shift driven largely by attackers’ rapid adoption of generative AI.  

In 2025, the picture became even clearer. Account takeover attacks increased by 250% in 2024, compromising more than 6 million consumer accounts across retail, travel, and digital commerce platforms, despite most targeted organizations already having bot‑detection tools in place. At the same time, synthetic identity and AI‑generated document fraud surged, with some regions seeing triple‑digit growth rates year over year as fraudsters used generative AI to create convincing identities capable of bypassing traditional KYC checks.  

Post‑transaction abuse also accelerated. By late 2024, merchants reported that friendly fraud represented 50% or more of their disputes, and major card networks warned that the figure could be even higher for some merchants. These losses didn’t just impact fraud teams; they directly eroded margins, increased operational costs, and forced merchants to rethink refund, returns, and customer trust policies.  

Together, these trends laid the groundwork for the 2026 fraud environment: attacks that move at machine speed, identities that appear legitimate for months, and abuse that hides inside normal customer behavior. Fraud is no longer an isolated payments problem; it is embedded across identity, onboarding, login, checkout, refunds, and compliance. In 2026, merchants are not facing new risks so much as an amplified version of risks that legacy tools were already struggling to contain.  

Fraudsters have embraced agentic AI with astonishing speed, using it to automate and optimize almost every stage of the attack lifecycle. These systems can orchestrate phishing campaigns, generating tailored social‑engineering messages, producing convincing synthetic documents, and adapting attack routes in real time. What once required coordinated human effort can now be executed autonomously in milliseconds. Merchants report increasing volumes of highly convincing, AI‑generated interactions, including chat messages, customer‑service transcripts, identity documents, even dispute claims, that blend seamlessly into legitimate traffic. Compounding the issue, attackers increasingly deploy hybrid “bot + human” models where AI handles the initial compromise and human fraudsters handle monetization. 

As agentic fraud operations mature, merchants are seeing coordinated patterns across login, checkout, and refund flows, all happening too quickly for manual review or static rules to keep pace. The result is a new kind of arms race: one where only AI‑driven, real‑time decisioning can match the speed and sophistication of the attacks being launched. Those still relying on legacy, rules‑heavy systems are finding that by the time a rule is written, the attack it was meant to stop has already evolved. 

Synthetic identities have moved beyond sporadic use and are now considered a mainstream, highly scalable fraud vector. These identities—crafted from a blend of real and fabricated information—behave like legitimate customers, often over long periods, to build trust with merchants before striking. Internally, merchants are seeing a rise in “slow‑burn” synthetic behavior: accounts that browse, make small purchases, redeem loyalty benefits, or even contact customer support months before any fraud event occurs. Because these profiles look and act like real customers, they blend into normal behavioral baselines and are nearly impossible to catch using point‑in‑time risk checks. 

In 2026, synthetic fraud is also becoming increasingly omnichannel. Fraudsters allow these synthetic customers to interact across web, mobile apps, and even physical store environments to deepen perceived legitimacy. Without continuous identity assessment, behavioral biometrics, and cross‑merchant network intelligence, merchants have little ability to detect the subtle anomalies that give these identities away. The shift from “verify identity once” to “establish continuous identity trust” is now crucial for staying ahead of this quietly expanding threat. 

Credential abuse remains one of the most pervasive and damaging fraud trends for merchants, with the majority reporting attempts against their platforms. Massive breaches and credential dumps have made stolen login data abundant and cheap, allowing fraudsters to run high‑velocity credential‑testing attacks with minimal cost. During peak retail periods when login volumes naturally spike, attackers exploit the surge to mask automated activity and overwhelm rate‑limiting systems. 

What makes 2026 particularly challenging is the rise of sophisticated automation paired with AI‑generated spoofing behaviors. Fraud rings now simulate human‑like sessions, replicate common browsing patterns, and bypass bot‑detection systems designed for older forms of automation. Once accounts are compromised, fraudsters quickly exploit stored credentials, loyalty balances, saved cards, and subscription settings. By the time a merchant detects misuse, the damage is often already done. Risk‑based authentication and behavioral intelligence have become essential to distinguish illegitimate access from legitimate customer behavior without adding friction. 

While third‑party fraud continues to rise, merchants are increasingly reporting that first‑party and policy abuse are growing even faster. Friendly fraud (i.e., customers disputing legitimate purchases) is now responsible for a significant portion of merchant fraud losses. But the issue extends far beyond chargebacks. Refund manipulation, false “item not received” claims, empty box returns, coupon stacking, and loyalty‑point exploitation are becoming everyday challenges for businesses across sectors. 

The shift toward more flexible return policies, rapid fulfilment, and instant payouts has unintentionally opened the door to new forms of low‑risk, high‑reward abuse. Merchants that once relied on customer‑centric leniency are now reevaluating their refund, returns, and promo operations through a fraud‑focused lens. Behavioral history, delivery confirmation, device consistency, and trust scoring are emerging as critical tools for reducing losses without introducing excessive friction into the customer experience. As these abuses scale, merchants adopting first‑party fraud detection will be better positioned to protect revenue and preserve margins. 

Regulatory and network-level pressures are reshaping how merchants manage fraud. Visa’s VAMP program directly ties merchant fraud rates to enforceable risk thresholds, creating commercial consequences for organizations that fail to maintain acceptable fraud levels. At the same time, PSD3 introduces stricter authentication requirements and obliges merchants to adopt more intelligent, adaptive security controls across their payments stack. 

Meanwhile, Nacha’s 2026 mandate demands risk‑based ACH fraud monitoring, continuous assessments, and auditable controls—not periodic reviews. These shifts represent a broader industry movement toward real‑time compliance accountability. Merchants can no longer rely on fragmented systems or delayed reporting. Instead, they must implement centralized fraud orchestration platforms capable of evaluating risk across identity, payments, and post‑transaction flows with full auditability. The upside: Merchants who modernize these processes gain not only compliance but conversion uplift, trust, and operational resilience. 

2026 marks a turning point where fraud becomes faster, more autonomous, more intelligent, and more intertwined with infrastructure, identity, and compliance. Many merchants still rely on legacy fraud solutions built around static rules and siloed data. These systems cannot adapt quickly enough to emerging fraud patterns, nor can they interpret complex behavioral signals across multiple channels. As threats evolve, merchants with outdated stacks experience higher fraud losses, increased false declines, and reduced customer trust. The operational burden grows as fraud teams spend more time reviewing alerts and less time optimizing strategy. The industry is moving decisively toward AI‑powered orchestration platforms that provide real‑time intelligence, unified signals, and automated decisioning—capabilities essential for remaining competitive in 2026. 

Fraud prevention has historically been viewed as a cost center, but leading merchants are reframing it as a source of competitive advantage. Smarter decisioning increases approval rates, reduces false declines, preserves customer satisfaction, and unlocks revenue otherwise lost to friction or fraud. Merchants leveraging advanced fraud orchestration are seeing direct improvements in conversion and lifetime value. In an era where customer expectations for seamless experiences continue to rise, fraud strategy becomes inseparable from commercial success. 

Winning merchants will be those who: 

• Deploy AI that acts in real time and use machine‑speed decisioning to stop fraud at login, checkout, and refund moments, before losses occur and before customers feel friction
• Orchestrate fraud controls across the full customer lifecycle by connecting identity, authentication, payments, refunds, and post‑transaction activity into a single decisioning layer, instead of managing disconnected point solutions 
• Continuously prove trust, not just verify identity once, combining behavioral signals, device intelligence, and transaction context to reassess risk dynamically as customer behavior evolves over time 
• Design compliance into everyday fraud operations which meet regulatory and network requirements through continuous monitoring, auditable decisioning, and centralized controls—not last‑minute remediation  

What comes next 

Understanding the fraud trends shaping 2026 is only the first step. The real advantage comes from seeing how leading merchants are already using AI to stop fraud earlier, reduce false declines, and protect revenue without adding friction for good customers. Improve customer service and prevent fraud with ACI Fraud Management.