AI is fundamentally reshaping the fraud landscape. It’s no longer a question of whether your organization will be targeted by fraud. The question now is this: Does your organization have the right protections in place to withstand AI-driven fraud attacks?
Cyber fraud – such as hacking, deepfakes, voice cloning, and highly sophisticated phishing schemes – is escalating, largely driven by fraudsters’ rapid adoption of AI. And the financial impact is also growing: nearly 60% of companies that Trustpair surveyed said they experienced payment fraud of more than $5 million in 2024, compared to a quarter in the prior year. A fifth said the impact was above $25 million.
Yet despite the growing threat, most organizations today don’t have the right protections to defend against AI-driven fraud. Nearly 70% still rely on manual methods, such as human callbacks or emails, to validate bank accounts – approaches that are easily exploited and no match for today’s increasingly sophisticated fraudsters. These vulnerabilities are even a greater concern given the broader backdrop of economic volatility, trade policy shifts and geopolitical instability, all of which create ripe conditions for fraud.
Macroeconomic factors that create new fraud gateways
- Tariffs and shifting trade policies
Companies across Corporate America are rushing to reconfigure supplier networks and protect their supply chains and margins amid tariffs, trade shifts and a bleak and uncertain economy. Reshoring, tapping into alternative, lower-cost vendors and accelerated onboarding of new and critical partners are all important strategies for staying agile and navigating today’s macroeconomic environment.
Procurement teams, however, are onboarding new vendors fast and with limited time and resources. These factors can lead to critical third-party verification and vetting steps being rushed, delayed or skipped entirely.
That’s a major concern given the rising scale of fraud: 90% of U.S. companies said they experienced cyber fraud in 2024, up from 79% in 2023. This leaves organizations vulnerable because while fraudsters can usurp supplier identities and infiltrate organizations at any phase in the procurement process, attacks are especially prevalent when onboarding new suppliers.
Bad actors take advantage of the fact that companies may not be familiar with the supplier’s communication style and habits. This is typically the point in the relationship where bank account information is shared, and companies are less likely to be suspicious of false credentials. In fact, a quarter of finance executives say supply chain and third-party relationship changes will most likely lead to a higher risk of payment fraud at their organizations this year.
- The uncertain global economy
More broadly, nearly half (47%) of finance leaders expect economic volatility to increase fraud risk in 2025. About a third (31%) say the same of geopolitical instability. Bleak economies can lead to resource cutbacks and other constraints that put higher workloads and stress on employees. This can make employees more susceptible to social engineering attacks and bypass standard payment controls and verification processes, either by mistake or to save time because of bandwidth issues.
- The rise and rapid adoption of generative AI
Generative AI brings remarkable efficiency and productivity benefits to organizations, but the technology is also amplifying the power and impact of fraudsters. The use of generative AI tactics, such as deepfakes and deepaudio, by cyber criminals has increased 118% year-over-year.
These bad actors are now able to do a lot more with a lot less, execute at scale and fly under the radar. Cyber criminals are using AI to do the following:
-Bypass authentication systems with deepfake audio and video
-Mimic legitimate communication to execute business email compromise (BEC) scams
-Generate realistic fake invoices and bank details to fool accounts payable teams
-Automate credential stuffing attacks to break into financial systems
AI has made fraudsters more sophisticated and opportunistic. They can strike right at moments of macroeconomic disruption when companies often have their guards down. Organizations must invest in proactive defenses to stay ahead.
What companies can do now
Companies can defend against AI-powered payment fraud by focusing on a few key areas.
- Organize your financial data and systems.
Cyber criminals exploit gaps in messy payment records and weak verification procedures. One of the best steps is to strengthen your financial foundation and ensure your data is structured, secure and centralized in an ERP or TMS system. This makes it harder for fraudsters to manipulate payment workflows. Ensure your team has clarity on who is an authorized signer and that only authorized personnel can modify payment details or approve transactions.
- Invest in automation.
Manual bank account validations are time-consuming and prone to error. Even the most vigilant employee can’t always be sure that the person they are communicating with over the phone or email is who that person says they are. Automation helps ensure that payment details are accurate and payments are directed to legitimate vendors before the transaction is processed.
The risk of payment fraud starts at supplier onboarding and extends through the entire supplier lifecycle. Automated controls can continuously monitor and flag changes in banking information, so you are alerted to and can address potential fraud before it occurs.
3. Break down silos.
All departments involved in payments – finance, procurement, treasury, accounts payable – must work together and regularly communicate. When fraud prevention is siloed and communication gaps exist, red flags are more likely to be missed.
One department might rush through an approval or important step in the process, assuming that the other has checked for incorrect information or mistakes. Everyone must know the risks, what to watch for, and their expected roles in protecting the organization.
4. Don’t rely on training.
Fraud awareness training is incredibly important, but don’t rely on it alone. Almost half of companies (43%) have invested in fraud awareness training for staff over the past 12 months yet one of companies’ biggest challenges is that employees don’t always follow fraud prevention policies in place (39%).
Nine out of 10 financial leaders express high confidence in spotting sophisticated fraud attempts, but the same percentage of companies faced successful attacks, suggesting the confidence is largely misplaced. Overconfidence is a natural human bias. AI-driven scams are intentionally crafted to deceive even well-trained employees.
Take British engineering firm Arup: Scammers used a deepfake video call to impersonate executives and convince an employee to transfer $25 million.
Give and reinforce training, but also leverage automation as a backstop in the event fraudsters trick your team.
Many companies assume that fraud won’t happen to them or that they are adequately protected with training and their standard controls. But AI is changing how fraud happens, and companies’ defense strategies need to evolve alongside it. The risks are too big to ignore. Adapt faster than the threat. With smarter systems, stronger collaboration and a clear understanding of evolving risks, businesses can stay ahead of fraud before it strikes.
