The pandemic hardwired always-on digital habits — frictionless payments, remote work and collaboration, same-day eCommerce — that never snapped back, creating a permanently (and exponentially) larger attack surface. Since 2019, the volume of suspected digital fraud attempts has surged 80% globally and 122% for U.S.‑originating transactions.
At the same time, cheap and accessible AI tooling has put capabilities once reserved for advanced criminal groups — hyper‑realistic phishing, deepfake IDs, scalable social engineering — into the hands of almost anyone with a laptop. Stateside, consumers reported losing more than $12.5 billion to fraud in 2024 alone, a 25% jump over the prior year, driven not by more complaints but by a higher share of attacks that successfully extract money. Together, these trends define a new era of fraud acceleration: post‑COVID digital behaviors that expose more value online, and AI that enables both opportunistic scammers and organized syndicates to industrialize attacks across every channel.
The Post-COVID Digital Rachet
Post‑pandemic, fraud is riding on the coattails of digital growth. Between 2019 and 2023, suspected digital fraud grew about 105%, outpacing even the roughly 90% growth in digital transactions over the same period — a clear sign that attackers are scaling faster than the underlying commerce. Over roughly the same period, U.S. fraud complaints have risen by 135% and identity‑theft reports by 160% compared with 2019, signaling a structurally higher baseline of digital crime rather than a transient COVID spike. This is the “digital ratchet” in action: once commerce and customer interaction shifted online at scale, the attack surface stayed large even after the public‑health crisis faded.
The payments and banking stack has been rewired for speed, which changes the fraud equation. Real-time payments have become ubiquitous across major markets, compressing settlement windows and pushing more value through instant channels where, once funds move, they are effectively gone. For executives, the implication is that fraud risk is no longer a marginal cost of digital innovation; it is a built-in feature of the post‑COVID operating model. A larger, always‑on digital surface — more logins, more remote onboarding, more real‑time payment endpoints — creates more front doors for attackers, who can iterate on exploits faster than most controls, processes and talent models are evolving to contain them.
AI as Force Multiplier
Off‑the‑shelf generative tools now write fluent, localized phishing emails, mimic corporate tone and branding and spin up endless variants, collapsing the effort required to run good enough scams at scale. Deepfake audio and video, once a research novelty, can now convincingly imitate an executive’s voice on a hurried CFO call, or generate a believable selfie to defeat basic KYC checks. The net effect is that what used to require a capable, organized group with language skills, design resources and time to iterate, can now be executed by a single actor who knows how to prompt a model.
When outreach can be automatically personalized to thousands of targets, with scripts that adapt in real time to live responses, and synthetic identities can be spun up to bypass low‑to‑mid maturity controls, conversion rate goes up and the marginal cost per fraud attempt goes down. In fact, 90% of companies report being targeted by cyber fraud in a single year, 86% report actual monetary losses, and the use of generative‑AI tactics like deepfakes has jumped more than 100% year‑over‑year — clear evidence that more attempts are turning into real loss events. Attacks are leaping from what used to be considered noise into actual loss events, showing up as first‑party abuse, account opening fraud and authorized push payment scams, all challenging scenarios to repudiate or recover. In other words, AI is pushing fraud from the periphery of operations into the core revenue and loss equation, forcing risk and product leaders to treat it as a strategic design constraint rather than an after‑the‑fact control problem.
Industrialized Fraud, Horizontal Impact
Instead of being intermittent and isolated instances, fraud operates like a end-to-end supply chain: data‑harvesting crews, document‑forgers, mule‑herders, call‑center scammers and cash‑out specialists all plugging into shared infrastructure. As‑a‑service offerings for malware, phishing kits, deepfakes and synthetic identities mean the fixed costs of standing up a serious operation are dramatically lower, and capacity is easy to scale up or rent. For legitimate businesses, this matters because the attackers on the other side of the screen increasingly behave like competitors — measuring ROI on campaigns, reallocating resources to whatever channels, products and regions show the highest payout and weakest controls.
This industrialization cuts across verticals in ways that traditional fraud taxonomies often miss. The same synthetic identity that opens a buy‑now‑pay‑later account can be re‑used to create a money‑mule profile at a digital bank, to claim a refund in eCommerce or to abuse promo credits in a SaaS product. Authorized push payment scams that begin on a social or messaging platform can end in a bank, a brokerage or a crypto exchange, with liability and reputational damage distributed unevenly along the chain. That horizontal nature of modern fraud means risk leaders in banks, fintechs, eCommerce and even software and media companies are now grappling with a shared problem: attackers see a single, contiguous digital landscape where defenses are still designed firm‑by‑firm and product‑by‑product.
The Strategic Question for Leaders
The uncomfortable conclusion is that fraud is more than a control problem; it is a market‑shaping force. Product, go‑to‑market and operating decisions that don’t explicitly consider fraud economics — time‑to‑cash versus time‑to‑detect, customer delight versus impersonation risk, automation versus accountability — are effectively subsidizing attackers. Left alone, the post‑pandemic digital ratchet plus AI as force multiplier will keep shifting value from legitimate participants to increasingly professionalized criminal networks. That shows up not only as direct write-offs, but also as higher customer-acquisition costs, more abandoned applications and lower trust in digital channels.
The opportunity, and the challenge, is to architect fraud resistance horizontally rather than bolt it on vertically. That means treating fraud patterns that cut across credit, payments, onboarding, and support as a shared signal asset; designing products so that high‑risk flows carry their own friction and telemetry; and aligning incentives so revenue owners are rewarded for sustainable growth, not just gross volume. It also means collaborating beyond your own four walls: sharing intelligence with peers, working with platforms that sit earlier in the customer journey, and engaging regulators on frameworks that reflect how fraud actually works today. In a fraud acceleration era, the real differentiator is engineering digital business as if fraud and risk were core system properties of every interaction.
