
The payments fraud landscape posed significant challenges for financial institutions and their customers in 2025. U.S. consumers and businesses had an estimated $196.3 billion in fraud losses, underscoring the scale of the threats shaping today’s payments environment. A recent study found that U.S. adults expressed a high level of concern about scams and fraud. From traditional check fraud to deepfake-enabled impersonation scams, organizations confronted a diverse array of threats. It is not just the variety of individual attacks that makes the landscape so challenging; it is also how these attacks intersect and amplify across payments, channels, institutions and jurisdictions. As a result, payments fraud is more difficult to detect, more complex to resolve, and more damaging for financial institutions and their customers. This article provides an overview of today’s interconnected, complex payments fraud landscape.
Scams: A Driving Force in Today’s Payments Fraud Ecosystem
At the heart of the payments fraud landscape is the growth and ubiquity of scams, defined as the use of deception and manipulation intended to achieve financial gain. Any individual or organization can be targeted and become a victim. From a prevention and detection perspective, scam payments can be difficult to distinguish from legitimate activity, posing challenges for traditional fraud controls. A 2025 study by Deloitte suggests authorized push payment losses in the U.S. alone may increase from $8.3 billion in 2024 to an estimated $14.9 billion in 2028, approximately a 20% increase year over year.
Common scam types include:

Romance impostor scams, where criminals build emotional connections to persuade victims to send money

Tech‑support fraud, which happens when individuals are tricked into granting remote access to their devices or paying for fake service

Bank impostor scams, where criminals pose as a financial institution’s fraud department to gain unauthorized access to accounts

Phishing scams via text, email or phone, reported to be one of the most prevalent scam types, with 21% of scam victims experiencing a financial loss of $5,000 or greater
In 2025, scams continued to evolve with the help of modern technology. For example, generative artificial intelligence (AI) tools can enable the creation of highly personalized phishing or scam messages in most languages. Furthermore, biometric deepfakes (voice, video, facial imagery) can impersonate trusted individuals’ voices. Today, a majority of fraud professionals report that criminals are already using generative AI to carry out voice‑cloning scams.
The growing use of AI tools also has made business email compromise more sophisticated, as criminals can more effectively mimic the tone, style and formatting of genuine correspondence. Unlike mass phishing campaigns targeted at individuals, these attacks mainly are targeted at organizations. In early 2025, business email compromise attacks surged by nearly a third, a jump that aligns with the rise of toolkits enabling even unskilled criminals to run more effective campaigns. Criminals also frequently research organizational hierarchies and payment cycles to time business email compromise attacks for maximum impact by exploiting trust within established business relationships. The consequences often are severe, as even a single incident can result in significant losses. These attacks are particularly effective because they mimic legitimate internal workflows, making detection difficult until funds have already been moved. Even well‑staffed organizations can face growing challenges in preventing these highly targeted attacks as criminals refine their techniques using publicly available data, breached credentials and AI‑generated content.
Account Takeover Fraud is Thriving

Account takeover fraud has become one of the more persistent and damaging threats facing financial institutions, driven by both its scalability and its ability to exploit multiple entry points, such as online accounts and call centers. Criminals gain unauthorized access to accounts by using stolen or guessed login details through methods that include credential stuffing, phishing, malware or data breaches. Once inside, criminals can change the contact information, move money or tap into overdraft lines to steal funds.
Fraud related to U.S. data breaches alone accounted for $1.82 billion in losses in 2025, reflecting the scale of compromised information feeding today’s account takeover fraud surge. Industry data shows the scale of this growing threat: attacks on financial organizations and fintechs have more than doubled (122%) over the past year. Once an account has been compromised, revictimization is common, with a single breach often cascading into multiple losses and enabling follow‑on fraud, such as identity theft.
The tools for committing account takeover fraud have become far more advanced and easier to use. What previously required manual effort or basic scripting can now be carried out through automated frameworks using email addresses and compromised personal data to predict username and password combinations. This evolution allows attackers to operate at far greater scale with higher success rates. Compounding the challenge, non-financial accounts such as email, social media and mobile carrier profiles increasingly are being exploited as stepping stones in an attack. Checking and email accounts are the most frequently targeted for takeover. Criminals harvest data from these accounts and combine it with stolen physical documents, such as checks or utility bills, to build a detailed victim profile that strengthens their ability to execute takeovers.
Scams remain a powerful enabler within this broader ecosystem, but they represent only one pathway. Social engineering schemes trick victims into revealing credentials or one‑time passcodes, which attackers then use to bypass authentication and seize control of accounts. When combined with large volumes of breached data and automated credential testing tools, scams amplify the speed and impact of account takeover fraud, further fueling an already resilient and adaptive criminal operation.
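The takeover sequence described in this section (credential stuffing, then a login followed by a contact-information change and a movement of funds) can be written as a detection rule over account events. The following Python is an added example, not part of the original article; the event names, the three-account stuffing threshold, the 30-minute window and the sample records are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample events (not real data): (timestamp, account, source IP, event type)
EVENTS = [
    ("2025-03-01T02:00:01", "acct-101", "203.0.113.7", "login_fail"),
    ("2025-03-01T02:00:02", "acct-102", "203.0.113.7", "login_fail"),
    ("2025-03-01T02:00:03", "acct-103", "203.0.113.7", "login_fail"),
    ("2025-03-01T02:00:04", "acct-104", "203.0.113.7", "login_ok"),
    ("2025-03-01T02:03:00", "acct-104", "203.0.113.7", "contact_change"),
    ("2025-03-01T02:10:00", "acct-104", "203.0.113.7", "transfer_out"),
    ("2025-03-01T09:00:00", "acct-200", "198.51.100.20", "login_ok"),
    ("2025-03-01T09:05:00", "acct-200", "198.51.100.20", "transfer_out"),
    ("2025-03-02T11:00:00", "acct-300", "198.51.100.30", "login_ok"),
    ("2025-03-02T11:02:00", "acct-300", "198.51.100.30", "contact_change"),
]

def stuffing_sources(events, min_accounts=3):
    """IPs with failed logins against at least min_accounts distinct accounts."""
    failed = defaultdict(set)
    for _, account, ip, kind in events:
        if kind == "login_fail":
            failed[ip].add(account)
    return {ip for ip, accounts in failed.items() if len(accounts) >= min_accounts}

def takeover_alerts(events, window=timedelta(minutes=30)):
    """Accounts where login -> contact change -> money movement occurs within window."""
    bad_ips = stuffing_sources(events)
    stage = {}  # account -> (stage reached, login time, login IP)
    alerts = []
    for ts, account, ip, kind in sorted(events):  # ISO timestamps sort chronologically
        when = datetime.fromisoformat(ts)
        if kind == "login_ok":
            stage[account] = (1, when, ip)
        elif account in stage and when - stage[account][1] <= window:
            step, start, login_ip = stage[account]
            if kind == "contact_change" and step == 1:
                stage[account] = (2, start, login_ip)
            elif kind in ("transfer_out", "overdraft_draw") and step == 2:
                # Escalate when the session began from an IP seen spraying logins.
                severity = "high" if login_ip in bad_ips else "medium"
                alerts.append((account, severity))
                del stage[account]
    return alerts
```

On the constructed sample, only acct-104 is flagged: acct-200 moves money without a contact change and acct-300 changes contact details without moving money, so neither completes the sequence.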
Check Fraud Remains an Enduring Challenge

Overall, check fraud has also seen a notable increase. Despite declining check usage, U.S. institutions still absorbed $33.6 billion in check fraud losses in 2025, a 28% two‑year growth rate.
Check fraud can start in a few ways, including stealing checks out of residential or business mailboxes. Once criminals have a physical check in hand, they can alter it in several ways, such as using common household chemicals to “wash” the check and remove the original payee or amount, or forging signatures to make the item appear legitimate. After altering the check, they deposit it and quickly move the funds out through payment channels like ACH, wire transfers, or person‑to‑person payments, taking advantage of the slower processing timelines associated with checks.
The physical form of checks creates unique vulnerabilities that provide criminals with access to authentic checks; check washing allows them to manipulate the details; and advances in printing and imaging technology have lowered the barriers to producing convincing counterfeit checks. As a result, checks continue to be an attractive target for fraud.
Synthetic Identities – Gateway Fraud Attacks

Synthetic identity fraud is the use of a combination of personally identifiable information (PII) to fabricate a person or entity. It can begin when criminals construct identities using a blend of real and fabricated personal information, creating personas that can pass initial identity verification reviews. Fraud-fighting professionals suggested synthetic identity creation ranked among the top risks, driven largely by criminals’ increasing use of AI to generate convincing identities. The same survey found that investments in stronger identity verification solutions had the most meaningful impact in reducing fraud, underscoring the importance of accurate identity proofing.
Generative AI may be accelerating the problem. Industry trends show that four in ten financial institutions are seeing more synthetic identity attacks tied to the use of generative AI, which now enables criminals to create highly convincing documents, biometric artifacts, and digital behaviors that can evade traditional identity checks. These synthetic identities are frequently used to open new accounts, exploiting weaknesses in digital onboarding to gain access to the financial system. Once opened, these accounts may be used to commit a range of frauds—such as obtaining credit with no intention of repayment, depositing stolen or altered checks, or conducting purchases that the criminal later disputes.
Beyond direct losses, synthetic identities may also play a growing role in the creation of mule accounts (accounts used to receive and move illicit funds). Mule activity has surged, with reported money mule incidents increasing 168%, reflecting a rapidly expanding laundering infrastructure. In the U.S. alone, an estimated $48.9 billion in illicit funds were moved through money‑mule activity in 2025, demonstrating how these networks are scaling fraud across payment channels. Fraud networks rely heavily on mule accounts to move, layer and obscure stolen funds, and synthetic identities provide an ideal vehicle because they allow criminals to create large numbers of accounts that appear legitimate and are less likely to be tied back to a real individual. These synthetic ID mule accounts may help criminals scale operations, move funds across institutions, and fragment transactions, making tracing and recovery far more difficult.
Not Four Problems, But One Ecosystem

Reflecting on today’s payments landscape, threats such as scams, account takeover, check fraud, synthetic identity and new account fraud are often discussed separately, but they are highly intertwined. Scams are used to manipulate victims into providing personal information that can be used to take over accounts. Once inside an account, criminals can access additional data that can be used for creating synthetic identities. These synthetic identities can be used to open new accounts to deposit fraudulent checks. Stolen funds are transferred through an infrastructure of mule accounts to move the funds at scale. Together these elements create a resilient criminal ecosystem that is adaptive and can operate continuously, even when individual tactics are disrupted.
Building an effective defense against this interconnected fraud ecosystem requires recognizing how each threat reinforces the others. Because scams, account takeover, synthetic identity and mule activity form a continuous criminal cycle, addressing them in isolation leaves critical gaps. Investing in holistic strategies that combine prevention, detection, education and collaboration across the payments value chain is therefore key. When financial institutions, technology partners, and consumers work together, they can disrupt multiple points of the criminal workflow at once. This coordinated approach not only strengthens today’s defenses but also builds long-term resilience as threats evolve.
Stay Connected
Keep informed about the Fed’s efforts to support payment security and mitigate fraud by joining the FedPayments Improvement Community.









