Visa Threats Report: As Network Security Strengthens, Criminals Accelerate Shift to AI-Enabled Social Engineering

Spring 2026 Biannual Threats Report shows how strengthening payment security is pushing criminals toward AI-enabled social engineering

SAN FRANCISCO: Visa (NYSE: V), a world leader in digital payments, today released its Spring 2026 Biannual Threats Report, revealing that scams have become the fastest-growing source of consumer harm as criminals increasingly use artificial intelligence and social engineering to manipulate people into authorizing payments themselves.

The report draws on intelligence from Visa’s global network and underscores a critical shift in the fraud landscape: while core payment security continues to strengthen at the network level, criminals are redirecting their efforts away from technical system compromises toward exploiting human trust.

From July to December 2025, Visa identified nearly $1 billion in scam-related activity, making scams the single largest category of consumer payment fraud. Unlike traditional fraud, these attacks typically do not require breaching technology. Instead, scammers impersonate trusted brands and institutions, manufacture urgency, and deceive victims into completing legitimate-looking transactions.

“Payments at a network level continue to get safer, but threats are evolving faster than ever,” said Paul Fabara, Chief Risk and Client Services Officer at Visa. “Criminals are increasingly targeting people rather than technology, using deception, urgency and AI-enabled tools to exploit trust. Addressing this shift requires continuous innovation at the network level and close collaboration across banks, merchants, policymakers and the broader payments ecosystem.”

Four trends shaping the global payment threat landscape

The latest edition of the Biannual Threats Report identifies four major trends reshaping payment security worldwide:

• Security is working, but fraud is migrating: Fraud involving device tokens declined 9.6% from July 2025 – December 2025 over the same period in 2024, reinforcing that stronger authentication and network-level protections are effective, even as overall attack volumes continue to rise.
• Scams are accelerating: Scams are now the dominant consumer threat as criminals prioritize social engineering over direct system breaches.
• AI is transforming fraud on both sides: Fraudsters are using AI to scale more convincing scams, while defenders are increasingly deploying AI to detect and stop attacks earlier in the transaction lifecycle.
• Ransomware economics are shifting: Global ransomware activity increased 26% from July 2025 – December 2025 over the same period in 2024, yet only 23% of victims paid ransoms – the lowest rate on record – reflecting improving resilience and recovery capabilities, as well as a reluctance to pay when data could still be leaked, regardless of payment.

“The rapid adoption of AI has fundamentally lowered the barrier to entry for fraud,” said Michael Jabbara, SVP, Payment Ecosystem Risk and Control at Visa. “What once required deep technical skill can now be executed with a prompt. That reality makes intelligence-driven defenses and coordinated action across the ecosystem more critical than ever. With this report, our goal is to help leaders act sooner – before fraud reaches consumers.”

The full Spring 2026 Biannual Threats Report can be viewed here. For more information on how Visa protects the global payments ecosystem, visit Visa.com/security.

About Visa

Visa (NYSE: V) is a world leader in digital payments, facilitating payments transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories. Our mission is to connect the world through the most innovative, convenient, reliable and secure payments network, enabling individuals, businesses and economies to thrive. We believe that economies that include everyone everywhere, uplift everyone everywhere and see access as foundational to the future of money movement. Learn more at Visa.com.

Fonte: Business Wire