Fraudsters target high-value credit transfers in Cyprus as losses double
Fraudulent payment transactions in Cyprus surged by 30 per cent in volume and 66 per cent in value during the first half of 2025, according to a Central Bank of Cyprus report, revealing how sophisticated criminals are increasingly targeting the island's digital payment infrastructure while authorities struggle to keep pace.
The data shows approximately 16,000 fraudulent transactions totaling nearly €4 million between January and June 2025, with fraudsters particularly focusing on high-value credit transfers and online card payments, exploiting cross-border regulatory gaps and technological vulnerabilities in the payment system.
Background and Context
While Cyprus remains below euro area averages in relative fraud terms, the rapid acceleration outpaces broader European trends. Across the eurozone, fraudulent transactions remained broadly stable at around 9 million cases with modest value growth of 6 per cent to €1.7 billion. The Cypriot surge reflects both increased digital payment adoption and evolving criminal methodologies that specifically target vulnerabilities in smaller financial jurisdictions.
The central bank's analysis identifies a clear shift toward online channels, with 97 per cent of card fraud occurring through card-not-present transactions. This digital migration of criminal activity mirrors global trends but presents particular challenges for Cyprus due to its strategic position between Europe and the Middle East, its robust tourism sector, and its sophisticated banking infrastructure.
Key Figures and Entities
The Central Bank of Cyprus, as the primary regulatory authority, has been monitoring these trends through its payment systems oversight framework. Their data reveals that Payment Service Providers (PSPs) face mounting pressure to enhance security measures, particularly for cross-border transactions where fraud rates are 24 times higher than domestic equivalents.
According to the central bank's findings, credit cards proved particularly vulnerable due to their higher spending limits, with a fraud rate of 0.017 per cent compared to 0.012 per cent for debit cards. The Cyprus Financial Literacy and Education Committee has been tasked with improving public awareness, though officials acknowledge that "human error often remains the weakest link" in preventing sophisticated scams.
Legal and Financial Mechanisms
The surge in fraudulent credit transfers—which doubled in value to €1.9 million—reveals how criminals exploit payment manipulation techniques, accounting for 59 per cent of such cases through social engineering and deception. The remaining 41 per cent stem from unauthorized transactions using stolen credentials, highlighting the dual challenge of both technical security and customer education.
Strong Customer Authentication (SCA) requirements demonstrated significant protective effects, reducing fraud rates to 0.006 per cent in volume terms for authenticated payments versus 0.018 per cent without SCA. However, regulatory limitations mean SCA may not be required for transactions outside the European Economic Area, creating jurisdictional vulnerabilities that fraudsters actively exploit.
The average fraudulent credit transfer in Cyprus reached €5,472—more than double the euro area average of €2,102—indicating criminals are specifically targeting high-value transactions. "This can be attributed to the fact that fraudsters are targeting high value transactions," the central bank noted in its assessment of the evolving threat landscape.
International Implications and Policy Response
The stark differential between cross-border and domestic fraud rates—24 times higher for card payments internationally—underscores persistent regulatory fragmentation across jurisdictions. The central bank attributes this to "differing regulatory frameworks across jurisdictions and insufficient cross-border cooperation among payment service providers and other stakeholders."
In response, the Verification of Payee (VoP) system became mandatory across the euro area on October 9, 2025, designed to contain fraud in electronic credit transfers by verifying recipient details before processing. The central bank expects this measure "to have a significant positive impact on reducing fraud in relation to credit transfers in the coming months."
However, officials warn that "the upward fraud trend shows no signs of abating, while methods are becoming increasingly sophisticated." The response requires continued investment in security technologies from PSPs alongside enhanced public education initiatives, reflecting the increasingly complex battle against financial crime in digital payment ecosystems.
Sources
This report draws on the Central Bank of Cyprus payment fraud analysis for the first half of 2025, including comparative euro area data and regulatory frameworks governing cross-border payment transactions within the European Economic Area.
