Agentic commerce has ushered in exciting times for retailers this holiday season and it’s only set to further shape the industry’s future. However, the widespread deployment of agentic AI is not without risk. The same awe-inspiring automation that powers agentic commerce also exposes a critical attack surface primed for sophisticated threats.
Until retailers reach for safer, more reliable methods of establishing trust, the proliferation of the technology could trigger a rise in agentic AI scams. The threat would shift from traditional, human-powered phishing techniques to fully autonomous, multi-step fraud: rogue agents impersonating trusted entities and exploiting end-to-end systems, at scale.
The Evolution of Fraudulent Attacks and Sophisticated Points of Entry
We’ve entered an era of end-to-end deception. Just as generative AI lowered the barrier to entry for innovation while simultaneously enabling phishing, deepfakes, and other forms of fraud attacks, agentic AI extends that same ease of automation and scale to both businesses and bad actors.
The entry point is crucial. That’s why spoofed brands and synthetic identities are bad actors’ favorite tools for impersonating real companies. First, they can create a synthetic ecosystem of convincing assets that might include a fake merchant profile, a fake brand website, and a ghost identity. In fact, AI agents can use hyper-realistic deepfakes and cloned voices to execute vishing (voice phishing) campaigns that are so personal and convincing that they quickly gain trust. For example, an employee might be deceived by an agent impersonating her manager or even the CEO of her company. Combine social pressures or the pressures to perform and excel quickly on the job, and the odds of success sway toward the agent’s favor.
Wreaking Havoc with Trust
Once trust is obtained, the agent can ask the victim to complete a transaction that appears to be legitimate. After the victim takes action, the agent can route the purchase funds elsewhere or use the credentials to gain additional access. And since AI agents act on behalf of users, they can leverage stolen credentials to pursue additional access and admin privileges. From there, they may take over devices and networks, create new accounts, and target high-value assets such as financial accounts, personal information, and private corporate data. For example, a fake agent could mimic a customer service bot to secure access or credentials before setting off this chain of events… all without manual inputs or oversight once the initial agent has been set up. Now multiply these actions across thousands or millions of consumers.
The Dark Web and the Peak of the Holiday Season
There’s a perfect storm upon us: the peak of the 2025 holiday season emerges in tandem with a surge of activity on the Dark Web. Unfortunately, we’re predicting a sizable spike in AI-executed attacks during the hubbub of the holiday season. The sheer number of transactions executed during this time of year presents a greater risk, as does the ease of deceiving everyday consumers amid so much activity. Such attacks will largely use bots that mimic popular shopping agents to intercept gift purchases and credentials at scale. This isn’t conjecture; confirmed Dark Web discussions and marketplaces reveal criminals selling custom-tuned LLMs and autonomous fraud toolkits to other criminals. We’re seeing organized crime scale right before our eyes.
How to Protect Commerce in a Higher-Risk Future
The non-linear, rapid deployment of autonomous AI agents is fundamentally redefining what it means to trust digital interactions. If the authenticity of an agent cannot be reliably verified, the security of commerce, communications, and transactions is at risk.
So what can be done? To defend against these emerging threats, organizations must evolve beyond reactive measures and adopt AI-scaled solutions that enable agent-to-agent verification. Traditional determinants of trust and detection cycles are no match for the risk of scalable losses posed by agentic AI.
It’s time to establish cross-sector collaboration and proactive security guardrails — and it’s time to move at the same speed as these scalable attacks. We can create a future where AI enhances trade without compromising the future of commerce. But that future requires a sweeping, multi-layered trust.
