Visa: Scams now dominate the consumer payment fraud category
More and more consumers are falling victims to scams as criminals prioritize social engineering over direct system breaches.
Scams now make up the largest category of consumer payment fraud, according to a report by Visa, which identified nearly $1 billion in scam-related activity from July to December 2025. Visa’s Spring 2026 Biannual Threats Report revealed that criminals are increasingly use artificial intelligence and social engineering to manipulate people into authorizing payments themselves.
“Unlike traditional fraud, these attacks typically do not require breaching technology,” the report noted. “Instead, scammers impersonate trusted brands and institutions, manufacture urgency and deceive victims into completing legitimate-looking transactions.”
The report, which draws on intelligence from Visa’s global network, underscores a major shift in the fraud landscape: While core payment security continues to strengthen at the network level, criminals are redirecting their efforts away from technical system compromises toward exploiting human trust.
“Payments at a network level continue to get safer, but threats are evolving faster than ever,” said Paul Fabara, chief risk and client services officer at Visa. “Criminals are increasingly targeting people rather than technology, using deception, urgency and AI-enabled tools to exploit trust. Addressing this shift requires continuous innovation at the network level and close collaboration across banks, merchants, policymakers and the broader payments ecosystem.”
The latest edition of Visa’s Biannual Threats Report identifies four major trends reshaping payment security worldwide:
•Security is working, but fraud is migrating: Fraud involving device tokens declined 9.6% from July 2025 – December 2025 over the same period in 2024, reinforcing that stronger authentication and network-level protections are effective, even as overall attack volumes continue to rise.
•Scams are accelerating: Scams are now the dominant consumer threat as criminals prioritize social engineering over direct system breaches.
•AI is transforming fraud on both sides: Fraudsters are using AI to scale more convincing scams, while defenders are increasingly deploying AI to detect and stop attacks earlier in the transaction lifecycle.
Ransomware economics are shifting: Global ransomware activity increased 26% from July 2025 – December 2025 over the same period in 2024, yet only 23% of victims paid ransoms — the lowest rate on record — reflecting improving resilience and recovery capabilities, as well as a reluctance to pay when data could still be leaked, regardless of payment.
