HomeIntelligenceBrief
BREACH BRIEF🟠 High ThreatIntel

AI‑Powered Scam Surge Threatens Consumers and Third‑Party Vendors in Payments Ecosystem

Visa’s Spring 2026 Threats Report shows AI‑enabled scams generated $1 billion in losses in H2 2025, highlighting a shift from technical exploits to social‑engineering attacks that target users and third‑party payment partners. TPRM teams must adapt controls to this evolving threat.

LiveThreat™ Intelligence · 📅 May 22, 2026· 📰 helpnetsecurity.com
🟠
Severity
High
TI
Type
ThreatIntel
🎯
Confidence
High
🏢
Affected
4 sector(s)
Actions
3 recommended
📰
Source
helpnetsecurity.com

AI‑Powered Scam Surge Threatens Consumers and Third‑Party Vendors in Payments Ecosystem

What Happened – Visa’s Spring 2026 Threats Report reveals a rapid rise in AI‑enabled scams that manipulate users into authorising fraudulent payments. Scams accounted for nearly $1 billion in losses in the second half of 2025, outpacing improvements in tokenization and network‑level defenses.

Why It Matters for TPRM

  • Fraud is shifting from technology‑centric attacks to human‑centric deception, exposing gaps in vendor onboarding and third‑party risk controls.
  • AI lowers the skill barrier, allowing low‑cost actors to launch large‑scale impersonation campaigns that can bypass traditional authentication.
  • Continuous monitoring of partner‑related vulnerabilities and early‑indicator analytics become essential to protect the payment supply chain.

Who Is Affected – Financial services, payment processors, merchants, SaaS platforms handling payments, and any organization that relies on third‑party payment gateways or identity‑verification services.

Recommended Actions

  • Re‑evaluate vendor risk assessments to include AI‑driven social‑engineering threats.
  • Strengthen user‑facing authentication with behavioural analytics and intent‑based checks.
  • Deploy real‑time fraud‑monitoring that flags anomalous approval patterns and third‑party dependency anomalies.

Technical Notes – The surge is driven by AI‑generated text, voice‑deepfakes, and synthetic media used in phishing and vishing attacks. While token‑fraud dropped 9.6 % and enumeration losses fell 16 %, the human‑layer remains the weakest link. Source: Help Net Security – Visa Consumer Payment Fraud Report

📰 Original Source
https://www.helpnetsecurity.com/2026/05/22/visa-consumer-payment-fraud-report/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Security Awareness

Phishing and social engineering are a people-and-policy problem.

The Verisq AI Trust Operations platform pairs Security Awareness Training with policy adoption tracking, so human-risk controls are documented and audit-ready.

Explore the Verisq AI Trust Operations platform →