Stephen Topliss from LexisNexis warns organisations face a potential tipping point as cybercriminals embrace AI-enhanced capabilities.
What’s happening: First-party fraud has doubled in one year to represent 36% of all reported fraud globally, according to LexisNexis Risk Solutions analysis of over 104 billion transactions. Consumers now emerge as the single largest source of human-initiated fraud.
Why this matters: The shift in fraud composition presents significant challenges for prevention, requiring different approaches than traditional scam detection. With over three billion brute-force automated account takeover attacks detected last year, Australian businesses face mounting cybersecurity pressures.
First-party fraud has overtaken traditional scams to become the dominant global fraud threat, marking a significant shift in cybercrime patterns that puts consumers at the centre of fraud activity.
LexisNexis Risk Solutions released its Global State of Fraud and Identity Report 2026, revealing first-party fraud now accounts for 36% of all reported fraud globally in 2024, more than doubling from 15% the previous year.
The report analyses over 104 billion global transactions through the LexisNexis Digital Identity Network platform during 2024, identifying fraud attempts during near real-time analysis of consumer interactions across the online journey.
Economics driving fraud surge
First-party fraud includes misrepresenting or providing false personal or account information for financial gain, such as when applying for loans, claiming credit or debit card purchases are fraudulent to obtain refunds, known as friendly fraud, or claiming ordered goods were not delivered.
Stephen Topliss, vice president of fraud and identity at LexisNexis Risk Solutions, explains the significance of the shift.
“These findings represent a notable shift in global fraud patterns, with consumers now emerging as the single largest source of human-initiated fraud,” Topliss said. “The change in composition of attacks presents a significant challenge for fraud prevention since detecting first party fraud requires a subtly different approach from detecting scams or account takeovers.”
Buy Now, Pay Later providers and financial institutions report uplift in first-party fraud, which research shows is exacerbated by periods of inflation and rising cost of living.
Mike Nathan, vice president of international professional services at LexisNexis Risk Solutions, connects the trend to economic pressures.
“First-party fraud is tied to economics and an increased cost of living. When you have money problems, you’re more likely to respond to a mule-recruitment advert or take a loan without any intention to repay,” Nathan said.
Regional variations show EMEA recording 51% first-party fraud rates, up from 18% last year. North America reached 30%, up from 8%, whilst APAC recorded 6%, up from 4%. LATAM decreased slightly to 11% from 13%.
Dark web marketplace thrives
The dark web has evolved into a comprehensive fraud-as-a-service marketplace, providing criminals with data, tools and expertise.
LexisNexis Risk Solutions dark web research reveals fraudsters can purchase accounts from challenger banks with strong mobile phone fraud controls, preinstalled on physical phones, for approximately $900 including shipping.
Basic fraud data available includes aged email accounts for $3 to $5 each, reward point accounts offering 400,000 to 500,000 points for $120, and bundled services with tutorials for $200 each.
Advanced offerings command higher prices, with KYC-as-a-service packages selling for $500 to $800 and high-value business accounts fetching $1,000 to $2,000 each.
Dr Jeffrey Feinstein, vice president of global advanced analytics strategy at LexisNexis Risk Solutions, highlights the speed advantage criminals possess.
“When we have an anti-fraud idea, it takes time to implement because of regulations, company policies and other well-meaning checks and balances. But if a fraudster wakes up in the morning with a new plan, they can be testing it 10 minutes later,” Feinstein said.
Mule networks move fast
Money mules play critical roles in modern global crime infrastructure by moving stolen money out of financial systems quickly and efficiently.
Network retro analysis shows how stolen funds from two separate scam victims were washed in just 30 minutes, funnelled through multiple banks and ultimately into gaming and retail websites.
The snapshot reveals funds moving at 1:59, 2:06, 2:08, 2:23, 2:24 and 2:29 through five different banks, with amounts ranging from $500 to $1,500.
Leading institutions fight back by benchmarking against global intelligence, collaborating across institutions, following mules with digital assessment beyond banking, analysing full customer journeys, scrutinising inbound payments and taking down mule networks with actionable analytics.
Attack rates stabilised in 2024 after two years of substantial increases, with only 1% increase in human attack rate and 15% decrease in global bot attacks.
However, Topliss warns of potential escalation ahead.
“We are at a potential tipping point. While many organisations have improved their defences over the past few years, we also know that cybercriminals are embracing new innovative, AI-enhanced capabilities and we will likely see these extensively tested and executed over the coming months,” he said.
Regional attack rates vary significantly. EMEA continues recording the lowest regional attack rate globally at 0.6% of transactions according to the LexisNexis Identity Abuse Index. LATAM decreased to 1.6%, now below North America’s 2.2%. In contrast, APAC’s attack rate grew 37% through 2024, reaching 1.5% of all regional transactions.
Account takeover fraud comprised 27% of total fraud cases, often resulting from phishing and smishing attacks. More than three billion brute-force automated account takeover attacks were detected last year alone.
The battle between good and bad AI intensifies as criminals use generative AI to create disturbingly realistic deepfake photos and videos that bypass security checks or improve scams. Legitimate businesses leverage AI too, with tools using deep-learning neural networks to analyse enormously complex identity data at scale.
Data collaboration helps companies amplify risk management efforts. By sharing risk intelligence and insights in real-time, businesses collectively protect consumers and one another and keep fraud from spreading.
Topliss emphasises the necessity of adaptive approaches.
“Organizations can’t afford to be complacent, however. Scams remain a global problem. It is vital for organizations to have models tuned to detect these varied forms of fraud,” he said.
For Australian businesses already managing cybersecurity as a top concern, the report’s findings underscore the evolving nature of threats requiring continuous adaptation and investment in detection capabilities.
Keep up to date with our stories on LinkedIn, Twitter, Facebook and Instagram.
