New Analysis of 236 Million Applications Exposes Surge in Coordinated Fraud and Bot Attacks

A comprehensive analysis of more than 236 million financial applications has uncovered a volatile landscape for fraud in the second half of 2025, characterized by unprecedented bot attacks and record-high identity theft rates during the holiday season. The data, compiled by identity verification firm SentiLink, draws from account applications across major sectors including auto lending, telecommunications, and banking, offering a detailed benchmark of how criminal networks are evolving their tactics.

Background and Context

The SentiLink Fraud Report for the second half of 2025 provides a rare glimpse into the scale of digital financial crime, aggregating data from over 500 partners, including 11 of the top 15 U.S. banks and major telecommunications providers. This reporting period marks the introduction of a first-party fraud rate, distinguishing between organized external attacks and deceptive behavior by legitimate customers. The findings suggest a shift toward high-volume, automated attacks designed to overwhelm traditional verification systems.

Key Figures and Entities

The report identifies auto lenders and telecommunications companies as primary targets for sophisticated fraud rings. In one notable incident, a massive bot attack targeted a major auto lending partner, generating more than 10,000 fraudulent applications daily and temporarily pushing the institution’s identity theft rate to nearly 35%. Meanwhile, the telecommunications sector saw fraud rates spike around the September launch of the iPhone 17, with identity theft averaging above 9% across mobile phone providers.

Naftali Harris, co-founder and CEO of SentiLink, noted that the company’s position at the intersection of hundreds of financial institutions allows for real-time observation of these patterns. "The second half of 2025 surfaced some of our most interesting insights to date, from bot attacks on auto lenders to DDA identity theft breaking double digits," Harris stated in the report’s release.

Legal and Financial Mechanisms

Investigators highlight the growing maturity of "Assumed Identity Abuse" (AIA), a mechanism where fraudsters utilize real identities—often advertised as "expat" profiles on online marketplaces—to bypass security checks. This method differs from synthetic fraud, which actually declined slightly from 67 basis points to 48 basis points during the period.

Additionally, the report details a rise in the use of "legacy PII"—personally identifiable information that has been exposed in previous data breaches—to evade modern fraud signals that focus on contact details. Demand Deposit Accounts (DDAs) were particularly vulnerable, with identity theft rates exceeding 10% for the first time, driven by targeted attacks and a seasonal drop in legitimate application volume.

International Implications and Policy Response

The findings raise concerns about the security of government education funding, specifically regarding FAFSA fraud and "Pell running" schemes at community colleges. The targeting of professional athlete identities and the use of organized bot networks point to systemic vulnerabilities that stretch beyond private sector losses into public assistance programs. The report underscores the need for enhanced signal analysis and cross-sector information sharing to combat the increasingly automated nature of these crimes.

Sources

This report draws on the SentiLink Fraud Report: Identity Fraud Rates & Trends, 2H 2025, which analyzed 236 million applications across credit cards, auto lending, consumer lending, deposit accounts, and telecommunications. Data was aggregated from over 500 financial partners and verified by SentiLink between July and December 2025.