Synthetic Identities and Agentic Bots Posing as Human Contribute to 8% Global Rise in Fraud Attacks – LexisNexis Risk Solutions

WHY THIS MATTERS:  This data signals a crucial inflection point where the financial crime threat is mirroring the sophistication of technological advancement. The most urgent takeaway is the structural failure of legacy defenses against the modern triad of fraud: the eight-fold spike in synthetic identity fabrication, the sharp increase in hyper-realistic ‘bad’ bots, and the startling 450% rise in benign agentic traffic. For the industry, this means that risk management is no longer a matter of identifying simple anomalies, but of authenticating intent across a complex spectrum of human, machine, and autonomous interactions. As digital identity continues to be the foundation of all commerce—from banking to gaming—firms must strategically shift from reactive measures to advanced intelligence layers capable of distinguishing genuine customer action from highly sophisticated, automated attempts to exploit the system. Failure to adapt will lead to unsustainable losses and a breakdown of trust in the customer journey.

LexisNexis® Risk Solutions’ latest Cybercrime Report reveals key global fraud trends emerging over the past year. Derived from analysis of more than 116 billion online transactions detected through our LexisNexis® Digital Identity Network® in 2025, the report shows a significant 8% rise in global fraud rates driven by attacks targeting the gaming and gambling and ecommerce sectors, cost of living pressures and new emerging fraud tactics.

Key takeaways from the 2026 LexisNexis Risk Solutions Cybercrime Report: 

• First-party fraud reigns: Customers defrauding organisations remains the leading source of fraud globally for the second year running, comprising almost two in five (38.3%) reported frauds. This varies significantly by region: Over half (51.7%) of fraud in EMEA is first-party fraud, compared to less than 10% in Latin America, where synthetic identity fraud (48.3%) is far more prevalent.
• Significant rise in synthetic fraud: More than one in ten frauds (11%) now involve a synthetic identity, representing an eight-fold global increase year on year and making it the fastest growing fraud type globally. Synthetic fraud represents a shift in tactics away from short-term opportunism to long-term goals, since they can take months to properly establish. Fraudsters stitch together new identities from various stolen identity attributes and use them to commit a variety of crimes. With no victim to immediately raise the alarm and high potential returns, synthetic fraud is proving attractive to fraudsters globally, particularly in LATAM (48.3% share).
• Agentic traffic rises 450% between January and December 2025: This traffic was mainly linked to credit card payments and logins at gaming and gambling sites. While there is no indication of malicious intent, these agents present a new challenge for fraud detection longer term, introducing a third type of digital interaction in addition to genuine human transactions and traditional bots carrying out a defined instruction set.
• Malicious ‘bad’ bots are getting better at impersonating people: Bots can now mimic genuine human actions, such as how we move a cursor around a login screen, with a high degree of plausibility to fool the latest behavioural fraud detection tools. Last year saw a significant (59%) rise in malicious bot attacks as criminals test and deploy these sophisticated tools, with significant peaks seen throughout March and April and again in August 2025.
• Fraudsters target ecommerce and online betting accounts: The ecommerce fraud attack rate grew 64% year on year and the attack rate at login, where fraudsters work to gain control of customer accounts, jumped 216%. Growth occurred across all regions, particularly in the US, Canada and APAC. Gaming and gambling sites experienced a notable 76% rise in the global attack rate in 2025.

“Fraud continues to evolve at pace with digital innovation,” said Stephen Topliss, vice president of fraud and identity at LexisNexis Risk Solutions. “While organisations are strengthening defences across channels, cybercriminal networks are scaling automation, shifting tactics and probing for any available weaknesses across the digital customer journey. Increasingly, attackers rely on advanced bots and AI-driven tools to mimic human behaviour and test defences with unprecedented speed and accuracy.”

Regional fraud trends highlight evolving global threat patterns 

• North America experienced periodic spikes in ecommerce fraud activity during the year, although the overall attack rate remained steady at roughly 2.2%. Fraud attacks most frequently target login events and ecommerce platforms.
• EMEA’s attack rate increased significantly for the first time in several years, rising 27% year on year, largely driven by account takeover attempts as fraudsters target authentication weaknesses across digital services.
• APAC continued to see strong digital transaction growth alongside rising fraud activity, with the attack rate increasing to 1.7%. Desktop browser attacks rose sharply as fraudsters deployed more sophisticated automation tools.
• LATAM fraud patterns remained diverse across industries, though the region saw growing concerns around synthetic identity fraud linked to expanding digital services and regulated online gaming markets.

Topliss continued, “Cybercriminals are experimenting with the same technologies that are transforming digital commerce and organisations must prepare for a future where both legitimate users and malicious actors rely on automated agents to interact online. Those that succeed must be able to confidently distinguish between humans, bots and agents as well as determining intent. We continue to see increasing collaboration between organisations with global digital intelligence, advanced analytics and strong cross-industry partnerships. Organisations that share risk intelligence are best positioned to protect consumers and build trust in the digital economy.”

Download a copy of the LexisNexis Risk Solutions Cybercrime Report: Evolving Threats Beneath the Surface. 

Methodology: The LexisNexis Risk Solutions Cybercrime Report analyses over 116 billion transactions through its LexisNexis Digital Identity Network between January and December 2025. It identifies fraud attempts during near real-time analysis of consumer interactions across the online journey, from new account creations, logins and payments to non-core transactions such as password resets and transfers. 

FF NEWS TAKE: This report unequivocally moves the needle by confirming the industrialization of financial crime, fueled by AI-driven bots and synthetic identity abuse. The focus must now shift from basic detection to deep digital identity authentication, especially given the 450% rise in agent traffic that complicates risk scoring. The next major industry focus will be regulatory action requiring standardized, auditable frameworks to confidently distinguish between a genuine customer, an approved autonomous agent, and a malicious attacker across all digital channels.