Account Takeover Fraud,
Fraud Management & Cybercrime
Reflecting on 2025’s Key Trends in Identity Fraud
The landscape of fraud continues to highlight that traditional methods remain effective for cybercriminals. Despite the influx of artificial intelligence-driven threats like deepfakes, scammers are finding success with age-old strategies such as synthetic identities and account takeovers. A focus on emerging technologies in the security realm often leaves basic fraud prevention measures under-prioritized.
See Also: Going Beyond the Copilot Pilot – A CISO’s Perspective
While fraud prevention teams swiftly adopt AI-powered solutions to address evolving threats, criminals continue to exploit familiar tactics. Organizations confronting identity fraud are not oblivious but often divert attention and resources toward more glamorous AI-related risks, neglecting the crucial tasks of strengthening identity verification and monitoring account activity.
Three prominent trends in identity fraud illustrate the expanding crisis as it stood in 2025.
Synthetic Identity Fraud
Synthetic identity fraud has identified auto lenders as prime targets. Rather than engaging in minor schemes, criminals have turned to fake identities to secure substantial auto loans, leading to reported losses of $2.1 billion in this sector alone in 2024, per a TransUnion report. The method typically involves combining legitimate Social Security numbers—usually of individuals who are less likely to monitor their credit—with fictitious personal information. The past five years have seen over 16,000 data breaches providing a wealth of stolen credentials, enhancing access to fraud-as-a-service offerings that facilitate identity creation on various platforms.
Account Takeover Fraud
Account takeover fraud has evolved, with attackers increasingly opting for stealthy methods to assume control over accounts, biding their time before draining funds. In 2025, the sophistication of these scams became evident, as cybercriminals preferred to impersonate users rather than lure them into voluntary transactions. During the first ten months of the year, the FBI reported over 5,100 complaints related to account takeover scams impersonating bank support teams, amounting to a staggering $262 million in losses.
The typical scenario involves a victim receiving a call from someone feigning to be from their bank’s fraud department. The provided reassurance masks ulterior motives, leading victims to relinquish account control. This is not solely a U.S. issue; globally, account takeover fraud cost businesses nearly $13 billion in 2023, reflecting an increase from $11 billion in 2022. Notably, the first half of 2025 saw a 21% surge in reported ATO incidents compared to the previous year.
A study by TransUnion revealed that fraud accounts for approximately 7.7% of annual revenue for global companies, with a substantial portion attributed to account takeovers. A recent Entrust report further illustrated that 82% of fraudulent activities occur during the authentication process, underscoring the gravity of the situation.
New Account Fraud
New account fraud remains a persistent challenge, with malicious actors leveraging the onboarding process to establish illegitimate accounts for illicit gain. Industries that offer upfront incentives are notably susceptible, with crypto platforms experiencing a staggering 67% of their fraud attempts during the account creation phase. Fraudulent documents are the linchpin of this type of fraud, with Entrust indicating that national ID cards constitute nearly half of all fraudulent documents detected globally in 2025, followed closely by driver’s licenses and passports.
The trend towards digital document forgery has intensified, propelled by generative AI technologies that enable fraudsters to produce convincing replicas using open-source models and straightforward prompts. Digital forgeries now represent half of attempts targeting crypto companies, with a notable increase in the pairing of fraudulent documents with biometric spoofing techniques.