8 figures you need to know about AI-driven identity fraud

The numbers confirm that AI-driven digital fraud is already here—and growing rapidly. Organisations still relying on traditional defence systems risk being left behind. 

T

hese 8 key figures, based on a recent report¹ analysing how this phenomenon has evolved over the past two years, illustrate the scale of the problem—and why businesses must urgently adopt modern, intelligent defences. 

1.- 15 billion leaked credentials are for sale on the dark web 

Stolen personal data is widely available on criminal marketplaces, fuelling automated fraud schemes and account takeover (ATO) attacks. The more leaks there are, the more large-scale attacks fraudsters can launch. 

For instance, the breach known as MOAB (Mother of All Breaches), uncovered in January 2024, exposed over 26 billion records—including emails, passwords, usernames, and IP addresses—harvested from hundreds of online platforms and services. Considered the largest data breach in history, it has fuelled large-scale automated attacks and increased exposure for users worldwide. 

Massive leaks like this directly feed the digital fraud ecosystem, where AI can combine leaked data to create fake identities, clone legitimate logins, and bypass verification systems within seconds. 

2.- Synthetic identity fraud could cost €22 billion in the US by 2030 

Synthetic identity fraud is one of the most complex and dangerous types of fraud financial institutions face today. Unlike traditional identity theft—where fraudsters use a real person’s details—synthetic fraud involves creating an entirely new identity by combining genuine data (such as a valid Social Security number) with fabricated information (like a fictional name or address). 

These artificial identities can appear legitimate to traditional verification systems, allowing fraudsters to open bank accounts, obtain credit, subscribe to services, or access financial products without raising immediate suspicion. Often, criminals slowly build a credible credit history using these synthetic identities until they secure a high-value loan or benefit, then vanish without a trace—a technique known as “bust-out fraud”. 

Artificial intelligence has elevated this scheme to another level: fraudsters can now generate ultra-realistic fake identification documents, create deepfakes to pass biometric checks, and mimic human behavioural patterns to bypass security controls. Moreover, these synthetic identities can be reused or sold across criminal networks, exponentially increasing their impact. 

3.- Global losses from financial fraud reached €467 billion in 2023 

This alarming figure highlights that digital fraud is far from a minor issue. Identity theft was the most commonly reported complaint globally, but it wasn’t the only driver behind these enormous losses. 

• Digital payment and Buy Now, Pay Later (BNPL) fraud: BNPL services are being exploited through the opening of fake or stolen accounts, enabling fraudsters to make multiple purchases without any intention of repayment. 
• Card-not-present (CNP) fraud: Using stolen credit or debit card information, cybercriminals make online purchases without needing the physical card. This form of fraud is especially prevalent in e-commerce. 
• Bank transfer fraud: Through phishing and manipulation, scammers trick businesses or individuals into willingly transferring money to fraudulent accounts. Once completed, these transfers are nearly impossible to reverse.

4.- Account takeover attacks increased by 354% in a single year 

In 2023, Account Takeover Attacks (ATOs) surged globally. These attacks occur when fraudsters gain access to a legitimate user’s account to steal funds, change credentials, or even carry out unauthorised transfers. 

How do they do it? By using: 

• Leaked credentials purchased on the dark web. 

• Phishing and smishing (SMS-based scams). 

• SIM swapping to intercept SMS verification codes. 

• Voice cloning and deepfakes to bypass biometric authentication. 

Once inside, attackers can operate as if they were the genuine user. Without strong, continuous verification, the consequences can be catastrophic. 

Discover TrustCloud’s hacker-proof identity verification solutions 

5.- 37% of financial experts view AI-driven fraud as their biggest concern 

According to the global survey by Mitek and Censuswide, cited in the report mentioned at the beginning of this article, more than a third of risk management leaders identified AI-generated fraud as their most urgent threat. 

The reason? AI has enabled cybercriminals to: 

• Automate large-scale attacks. 

• Craft hyper-persuasive phishing messages. 

• Use cloned voices to deceive employees or security systems. 

• Create ultra-realistic fake identities. 

This exponential growth in offensive capabilities leaves many organisations vulnerable, especially those still relying on manual or static verification technologies. 

6.- 65% of organisations experienced cheque fraud in 2023 

Incredibly, cheque fraud remains alive and thriving. This so-called “low-tech” method involves: 

• Forging or altering physical cheques. 

• Stealing cheques from mailboxes or businesses. 

• Creating entirely fake cheques using legitimate data. 

Companies still using cheques for corporate payments or reimbursements are easy targets if they lack modern verification processes. This type of fraud leads to substantial losses and is notoriously difficult to trace and reverse. 

7.- 8 out of 10 companies faced digital payment fraud attempts 

In 2023, 80% of surveyed organisations reported experiencing fraud attempts in payment systems such as bank transfers, BNPL, corporate or debit cards. 

This increase is directly linked to: 

• The growth of e-commerce. 

• The rise of instant payments (which cannot be reversed). 

• Exploitation of “Buy Now, Pay Later” (BNPL) services using fake identities. 

These trends highlight that simply protecting account access is no longer enough. It’s now crucial to monitor and safeguard every transaction in real time using AI-powered tools capable of detecting anomalies and suspicious behaviour. 

8.- Advanced biometric solutions can save up to €38 million 

Implementing advanced biometric authentication methods (such as facial recognition, voice recognition, and passive liveness detection) can lead to direct savings of up to €38 million by reducing losses associated with account takeover (ATO) fraud. 

These systems: 

• Eliminate reliance on passwords and SMS. 

• Enhance security without adding user friction. 

• Detect impersonations and deepfakes by analysing behavioural patterns and contextual signals. 

Beyond cost savings, these technologies streamline onboarding, reduce false rejections, and improve customer experience, enhancing both security and retention. 

The figures don’t lie: we’re facing a new era of digital fraud, in which artificial intelligence has become a double-edged sword. While fraudsters leverage its power to scale attacks, organisations failing to adopt modern defences risk significant exposure. 

From synthetic identities and account takeovers to deepfakes, SIM swapping, and unauthorised payments, fraud techniques are evolving faster than many traditional prevention strategies can keep up. 

The good news is that solutions are available. AI-driven technologies, multimodal biometrics, and intelligent identity verification not only protect your business but also enhance customer experiences. Preventing fraud today means investing in trust, reputation, and sustainable growth for tomorrow. 

Build the most robust and tailored identity verification strategy for your business with TrustCloud. Get in touch today 

¹ Navigating a new era of identity fraud driven by generative AI | Mitek Solutions. 2025