How Banks Can Fend Off Increasingly Sophisticated AI-powered Payment Attacks
Financial criminals are reshaping the fraud landscape with a potent mix of artificial intelligence, social engineering and strategic patience. Visa's latest threat assessment reveals fraudsters are moving away from quick-hit schemes toward sophisticated operations that can net upwards of $184,000 per attack. While traditional security measures help prevent basic fraud, criminals are adapting by deploying AI-generated deepfakes, targeting third-party vulnerabilities, and even returning to physical theft.
By Garret Reich, Editorial Operations Manager
The report: Biannual Threats Report [Fall 2024]
Source: Visa
Why we picked it: AI is expanding its reach deeper into the technology world — and one of its biggest targets is payments and the banking industry. Visa’s experience provides excellent insights for how traditional banks and credit unions can fare in the payments sector.
Executive Summary
In 2024, cybercriminals are getting smarter, more organized and increasingly sophisticated in their attacks on the payments ecosystem, according to Visa’s latest threat assessment. The report reveals a dramatic shift as fraudsters leverage advanced technology and social engineering to orchestrate large-scale attacks that are more targeted and impactful than ever before.
During the first half of 2024, Visa’s Payment Fraud Disruption team found cybercriminals focusing on two key vulnerabilities: system misconfigurations and direct targeting of cardholders. The financial impact has been significant — a single successful attack now costs issuers an average of $184,000, an alarming 58% increase from late 2023. Fraudsters are successfully combining artificial intelligence, advanced social engineering, and precise targeting to orchestrate attacks that are more damaging and harder to detect than ever before.
Key Takeaways:
- Purchase Return Authorization (PRA) fraud investigations jumped 81% compared to the previous six months
- Enumeration attacks targeting U.S. financial institutions rose 16% year-over-year
- Digital skimming attacks remained steady but increasingly targeted North American merchants, accounting for 51% of all detected compromises
- Physical card theft is making a surprising comeback as criminals adapt to stronger digital security measures
Why we liked the report: Goes above and beyond to provide a level of detail about AI and ransomware attacks not generally found in similar reports.
Why we didn’t: Highly technical, with a lot of detail packed into every page, and it could be hard to weed through if you didn’t know what you were looking for in the report.
The Rise of Artificial Intelligence in Fraud
Perhaps the most concerning trend identified in Visa’s report is criminals’ growing sophistication in deploying AI technology. A February 2024 incident highlighted this evolution when scammers used AI-generated deepfake video and voice technology to convince a Hong Kong finance employee to wire $25.6 million to fraudulent accounts. The criminals created a convincing digital impersonation of the company’s chief financial officer, demonstrating how AI can be weaponized to make traditionally suspicious requests appear legitimate.
"It takes only three seconds of audio to clone a voice using AI technology," notes the report, explaining that fraudsters can easily obtain voice samples from social media posts or voicemail messages. This capability — combined with AI’s ability to mimic human movements and writing styles — is making it increasingly difficult for potential victims to distinguish genuine requests from sophisticated scams.
What’s potentially even more concerning is that criminal organizations are showing greater patience and strategic thinking in their attack methodologies. Visa observed a significant shift away from immediate card testing toward delayed cashouts happening 8 to 90 days after account compromise. This tactical change appears designed to evade fraud detection systems that focus on suspicious activity immediately following account compromise.
Purchase Return Authorization (PRA) fraud has emerged as a particular concern, with investigations jumping 81% compared to the previous six months. In these schemes, criminals compromise legitimate merchant gateways to initiate fraudulent return authorizations, immediately cashing out funds through ATM withdrawals or peer-to-peer payment systems before the fraud can be detected.
Enumeration attacks — where criminals use automated systems to guess payment card details — continue to pose a significant threat, especially in the U.S. The report revealed a 16% year-over-year increase in these attacks targeting U.S. financial institutions, though there was a 3% decrease in attacks targeting U.S. merchant acquirers.
Keep An Eye Out:
There was a 16% YoY increase in enumeration attacks in 2024, where criminals guess credit and debit card details using automated systems.
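As an added illustration (not from the Visa report or this article), one way an issuer could spot the automated guessing described above is a velocity check over authorization logs: many distinct card numbers under one BIN, at one merchant, in a short window, almost all declined. The record layout, the thresholds and the sample data are assumptions constructed for this example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed tuning values for this example; real programs tune them per portfolio.
WINDOW = timedelta(minutes=5)   # sliding look-back window
MIN_DISTINCT_PANS = 10          # distinct card numbers seen in the window
MIN_DECLINE_RATIO = 0.8         # share of attempts in the window that declined

def detect_enumeration(auths):
    """Return sorted (merchant_id, bin) pairs whose traffic looks like card guessing.

    auths: iterable of (timestamp, merchant_id, pan, approved), sorted by time.
    """
    windows = defaultdict(deque)
    flagged = set()
    for ts, merchant, pan, approved in auths:
        key = (merchant, pan[:6])            # group by merchant and 6-digit BIN
        win = windows[key]
        win.append((ts, pan, approved))
        while ts - win[0][0] > WINDOW:       # drop attempts older than the window
            win.popleft()
        distinct = {p for _, p, _ in win}
        declines = sum(1 for _, _, ok in win if not ok)
        # Both conditions matter: a busy merchant sees many cards from one BIN,
        # but most of them approve; guessing produces almost only declines.
        if len(distinct) >= MIN_DISTINCT_PANS and declines / len(win) >= MIN_DECLINE_RATIO:
            flagged.add(key)
    return sorted(flagged)

def sample_auths():
    """Constructed sample data: one guessing run and one busy legitimate merchant."""
    t0 = datetime(2024, 7, 1, 12, 0, 0)
    rows = []
    for i in range(30):
        # M-ENUM: sequential card numbers under one BIN, one lucky approval.
        rows.append((t0 + timedelta(seconds=2 * i), "M-ENUM",
                     f"400000{i:010d}", i == 17))
        # M-SHOP: 30 unrelated cards from one BIN, roughly 90% approved.
        rows.append((t0 + timedelta(seconds=5 * i), "M-SHOP",
                     f"411111{i * 7919:010d}", i % 10 != 0))
    rows.sort(key=lambda r: r[0])
    return rows

if __name__ == "__main__":
    print(detect_enumeration(sample_auths()))
```

A run paced below the window threshold (for example one guess per minute) slips past a fixed short window, so a check like this is usually paired with longer-horizon counters.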
A Return to Physical Theft
In an unexpected twist, Visa’s report identifies a resurgence in physical card theft and fraud. Despite the industry’s focus on cybersecurity, criminals are increasingly returning to traditional theft methods — including vehicle break-ins, mail theft and pickpocketing. This trend appears to be driven by stronger digital security measures, pushing some fraudsters back to more straightforward, if risky, approaches.
The report also highlights a new scheme dubbed "digital pickpocketing," where criminals use mobile point-of-sale devices registered to fraudulent merchant accounts to conduct unauthorized contactless transactions by getting close to victims’ wallets or purses.
Government Impersonation Scams Are Evolving
The report identifies an interesting shift in government impersonation scams, with criminals now preferring cash payments sent through mail or courier services rather than digital payments. According to the Federal Trade Commission, the average victim lost $14,000 in these schemes during the first quarter of 2024, with total losses reaching $20 million.
This pivot to cash payments appears designed to circumvent traditional fraud detection systems and makes it harder for authorities to trace and recover stolen funds. The trend has led to a notable increase in large cash withdrawals at ATMs and bank branches.
While ransomware and data breaches showed a 12.3% decline compared to late 2023, attacks are becoming more strategic and impactful. The report notes a 24% increase in targeting of third-party service providers, reflecting criminals’ preference for attacking organizations that can provide access to multiple downstream targets.
Digital skimming attacks remained steady but increasingly targeted North American merchants, accounting for a little over half of all detected compromises. These attacks have evolved to include more sophisticated techniques for harvesting payment data, including the use of malicious JavaScript to redirect customers to fake checkout pages.
Visa’s Response and Recommendations
To combat these evolving threats, Visa has deployed a multi-layered defense strategy combining human expertise, advanced technology, and refined processes. The company’s 24/7 Risk Operations Center blocked over 51.8 million suspicious transactions worth $11.8 billion in the first half of 2024, demonstrating both the scale of attempted fraud and the critical importance of proactive monitoring.
The report recommends organizations strengthen authentication controls, improve threat monitoring capabilities, and educate customers about evolving scam techniques. Particular emphasis is placed on implementing multi-factor authentication and maintaining strict vulnerability management programs.
Visa expects threat actors to continue probing for system vulnerabilities while expanding their use of AI and social engineering tactics. The company predicts an increase in scams targeting holiday shopping events and travel bookings in the coming months.
The financial services industry faces a critical inflection point as criminal tactics grow more sophisticated. While improved security measures help prevent basic fraud schemes, attackers are adapting by combining technical exploits with social manipulation. Success in combating these evolving threats will require continued vigilance and collaboration across the payments ecosystem.
Editor’s note: This article was prepared with AI language software and edited for clarity and accuracy by The Financial Brand editorial team.