While AI drives innovation, B2B payments expert Brandon Spear cautions that companies need to also adopt strategies to address the surge in fraud and cyberattacks
Digital transformation has unlocked significant advantages, but it has also introduced new vulnerabilities—most notably, business identity theft. The scale of this threat highlights the urgency of stronger corporate defenses, as fraudsters increasingly deploy websites that appear credible yet hide malicious intent, a tactic known as website spoofing. In fact, in 2024, 35% of UK businesses experienced impersonation through email or online channels.
The challenge isn’t new, but Artificial Intelligence (AI) is making these fraudulent sites far more sophisticated, spanning multiple layers of pages, subpages, and redirects, all while preserving a convincing veneer of legitimacy. This creates a troubling cycle: as businesses strengthen their fraud defenses, fraudsters counter with increasingly sophisticated tactics.
The urgency is clear. Data breaches reached a record high in 2023, and the reality is most businesses recover less than 10% of what is lost to fraud. By 2025 only 25% of people think organisations are doing enough to protect customers’ personal data. For retailers and e-commerce merchants, this makes strengthening cyber, and now AI-resilient, defenses essential for survival.
An AI-enabled threat landscape is more dangerous
The risks are made more complicated by the shift to cloud technologies and digital B2B business suites. Businesses now operate in a far more complex threat landscape. The centralisation of data in cloud systems gives attackers the ability to compromise multiple endpoints at once, multiplying the impact of any successful breach.
As operations become increasingly digital, fraudsters can also manufacture large volumes of fake data. AI enables them to create convincing malware and fraudulent communications at scale. Where traditional fraud once required significant manual effort and technical expertise, tasks like hacking and phishing can now be largely outsourced to AI.
Phishing, in particular, has experienced an AI-driven boom. Sophisticated attacks are generated using emotional triggers to manipulate individuals. Unlike consumer-focused scams, B2B identity fraud often targets employees with access to financial systems or sensitive data. These attacks can be carefully and convincingly personalised, appear legitimate, and exploit AI’s ability to research targets online and generate highly convincing approaches—automating what once demanded advanced skill and time.
In the context of B2B payments, fraudsters can generate fake invoices, purchase orders, or payment instructions that closely mimic legitimate communications. In organisations managing high transaction volumes or complex approval workflows, these AI-generated documents can be nearly impossible to distinguish from authentic ones.
Set a ‘thief’ to catch a ‘thief’
To minimise risk, every stage of the order-to-cash (O2C) cycle, from invoice creation to payment processing, demands close scrutiny. Yet traditional ERP systems often fall short, lacking the advanced fraud-detection capabilities needed to counter today’s threats. These platforms were designed for a time when employee access was assumed trustworthy, processes were predictable, and AI-driven fraud wasn’t on the horizon. Now, however, disputes, late payments, AI-powered attacks, and operational challenges such as reconciliation gaps create openings for fraud that legacy systems were not built to address.
The rapid pace of AI-enabled fraud makes swift detection and response critical. Sophisticated real-time monitoring and analysis is the armour necessary for effective fraud prevention. Security teams must continuously analyse transaction data, spot anomalies, and flag suspicious activity for immediate review.
Partnerships and composability are the future
Addressing these challenges requires sophisticated technology, efficient processes for investigation and response, and partnering with fraud-prevention experts. A composable approach, in which businesses outsource specific functions to specialised organisations, can further strengthen security. Collaboration with third parties for real-time decision-making and credit risk assessment, along with robust identity verification such as payment card validation and address verification, helps prevent AI fraud.
Adding multi-factor authentication (MFA) further enhances security by making it significantly harder for bad actors to gain unauthorised access. Continuous, 24/7 monitoring of accounts and transactions also enables businesses to detect suspicious activity in real time and respond immediately to prevent potential losses.
Our enterprise payment solution customers are turning the tables on cybercriminals by harnessing AI to their advantage. Organisations are using AI to validate the authenticity of invoices, purchase orders, and payment instructions before processing. In the best cases, modern advanced B2B payment platforms further bolster security by ensuring every stage of the procurement and payment process is auditable, well-documented, and fully traceable—promoting accountability and making unauthorised changes easier to detect.
Staying one step ahead of the fraudster
Addressing AI-enabled fraud while maintaining operational efficiency requires finding the right balance between security, usability, and cost-effectiveness. We are actively strengthening defences for our customers, including by supplementing data sources to detect fraudulent applications more effectively.
No matter how sophisticated AI makes the bad actors, businesses can stay ahead by adopting advanced technologies, leveraging AI themselves, partnering with fraud-prevention experts, and implementing robust identity verification. With diligence and the right tools, this is a fight we can and will win, for the sake of our customers.
