Global Fraud Surge Driven by AI Bots and Synthetic Identities, Report Finds

Global fraud attacks have surged by 8% over the past year, fueled by the emergence of sophisticated artificial intelligence tools and a shift toward "synthetic" identity theft. According to the latest Cybercrime Report from LexisNexis Risk Solutions, which analyzed 116 billion online transactions in 2025, cybercriminals are increasingly exploiting vulnerabilities in the gaming, gambling, and e-commerce sectors.

Background and Context

The data reveals a distinct evolution in criminal methodology, moving away from opportunistic theft toward long-term, complex fraud schemes. Economic pressures, including the rising cost of living, appear to be driving both customer-initiated fraud and professional cybercrime. The LexisNexis Digital Identity Network indicates that while traditional security measures have improved, bad actors are scaling automation to probe for weaknesses across the entire digital customer journey.

Key Figures and Entities

Stephen Topliss, vice president of fraud and identity at LexisNexis Risk Solutions, noted that fraud is evolving in lockstep with digital innovation. He observed that organizations are strengthening their defenses, yet criminal networks are utilizing AI-driven tools to mimic human behavior with unprecedented speed and accuracy.

The geography of fraud also varies significantly. In the Europe, Middle East, and Africa (EMEA) region, first-party fraud—where customers deceive organizations—accounts for 51.7% of all fraud cases. Conversely, Latin America faces a different threat profile, with synthetic identity fraud comprising nearly half (48.3%) of the region's fraud volume, compared to a global average of 11%.

Legal and Financial Mechanisms

Investigators identified a massive eight-fold year-over-year increase in synthetic identity fraud, making it the fastest-growing fraud type globally. Unlike traditional identity theft, which relies on stealing a real person's data, synthetic fraud involves stitching together various stolen attributes to create a completely new, fictitious identity. Because there is no direct victim to immediately sound the alarm, these schemes can remain undetected for months, allowing criminals to accumulate significant returns.

Additionally, the report documents the rise of "agentic traffic"—automated bots capable of autonomous decision-making rather than just following a set script. This type of traffic surged by 450% between January and December 2025, largely targeting credit card payments and login pages for gaming and gambling sites. Malicious bots are also becoming more adept at impersonation, specifically mimicking human cursor movements to bypass behavioral biometric checks.

International Implications and Policy Response

The shift in tactics has resulted in a spike in specific attack vectors. The fraud attack rate for e-commerce grew by 64% year over year, while login attacks aimed at taking over customer accounts jumped by 216%. Gaming and gambling sites saw a 76% rise in global attack rates, with significant peaks in activity observed throughout March, April, and August 2025.

These findings underscore a growing systemic risk as the line between human and machine interaction blurs. With malicious bot attacks rising by 59% globally, analysts warn that current detection frameworks may struggle to distinguish between genuine human behavior and AI-generated activity, particularly in high-volume digital markets in the US, Canada, and APAC.

Sources

This report draws on the LexisNexis Risk Solutions 2026 Cybercrime Report, analyzing transaction data from the global Digital Identity Network throughout 2025.