The Industrialization of Fraud Redefines Payment Security: Visa Publishes Its Semiannual Report

The Industrialization of Fraud Redefines Payment Security: Visa Publishes Its Semiannual Report The crisis of authenticity, the erosion of traditional controls, and third-party vulnerabilities are among the five forces redefining the global landscape of payment security. Visa emphasizes that while technological advances like agent commerce are positive, they also pose a real risk to consumers, making being informed one of the best forms of protection. Visa is collaborating closely with global partners, investing over $13 billion in the last five years in technology and infrastructure, including security and trust, to develop risk management capabilities and next-generation security technologies.

In this context, as the holiday season approaches, the entire ecosystem must stay one step ahead of the threats.

The Five Transformative Forces of Global Fraud Visa's report identifies the following trends that are evolving the nature of risk:

1. The Industrialization of Fraud Fraud has escalated to systematic operations where criminals build reusable infrastructure. The document, prepared by Visa's Payment Ecosystem Risk and Control (PERC) team, highlights a fundamental shift in fraud operations, which have moved from opportunistic incidents to sophisticated tactics executed on an industrial scale. Paul Fabara, Global Head of Risk and Client Services at Visa, noted that criminals no longer act as individuals but rather "operate like tech startups, building reusable infrastructure and deploying systematic operations on an industrial scale that challenge conventional defenses".

The analysis by Visa's PERC team reported a 41% increase in ransomware incidents affecting entities in the payments ecosystem between January and June 2025, compared to the previous six months. Additionally, a 173% increase was recorded in the distribution of compromised accounts in Account Management Systems (CAMS) compared to the same period in 2024. Michael Jabbara, Senior Vice President of Risk and Control for the Payment Ecosystem at Visa, commented that the reality is that "anyone with internet access can be a scammer".

Criminals identify and exploit gaps in these systems, forcing a constant update of defensive strategies.

1. The Third-Party Vulnerability Gap The high interconnectivity of the payments ecosystem creates cascading risks, where external providers become critical points of vulnerability. This approach aims to maximize their reach and evade detection by security systems.

2. The Crisis of Authenticity The growing proliferation of sophisticated identity theft techniques and synthetic content poses unprecedented challenges for verifying the legitimacy of transactions and communications across the entire payments ecosystem.

3. The Problem of Control Erosion Legacy defense mechanisms and traditional security controls are being systematically circumvented.

4. The Monetization Playbook Criminals now use dual-speed strategies, operating with slowness and deliberation to accumulate stolen credentials.

This includes botnets, synthetic identities, pre-designed scam scripts, and artificial intelligence (AI) tools, which can be deployed simultaneously in multiple types of attacks with the efficiency of a tech company.