Synthetic identities

Synthetic identity fraud — the creation of identities that blend real and fabricated information — has matured from an artisanal operation to an industrialised supply chain. Generative AI has dramatically reduced the cost of producing convincing synthetic documents, social footprints, and credit histories. Our threat intelligence team identified 14 active marketplaces selling fully-formed synthetic identities with 24-month credit histories for under €500 each.

The detection challenge is fundamental: a synthetic identity may be entirely indistinguishable from a real one at onboarding. Detection requires longitudinal analysis of behaviour patterns that deviate from the statistical norms for the claimed identity's demographic and credit profile.

AI social engineering

Authorised push payment (APP) fraud has always relied on social engineering — convincing a real person to authorise a fraudulent payment. AI has supercharged this vector by enabling highly personalised attacks at scale. Voice cloning of family members, deepfake video calls from "bank security teams", and AI-generated urgency sequences are now documented at scale across UK and EU fintech platforms.

Bot payments

Autonomous payment bots — software that opens accounts, passes KYC, builds transaction history, and then executes large fraudulent transactions — have moved from theoretical to operational. Three coordinated bot operations were documented in EU fintech platforms in H2 2025, each operating hundreds of accounts simultaneously.

Defense strategies

2026 predictions

We expect all three vectors to intensify in 2026. Synthetic identity fraud will expand into credit products as attackers' AI-built credit histories mature. APP fraud will incorporate real-time voice cloning via telephone interception. Bot payments will become harder to distinguish from human behaviour as adversarial training against behavioural models matures. The only sustainable response is continuous adaptation — static rules will not be sufficient.