In 2025, the cyber threat will dominate the concerns of companies worldwide. According to Allianz's ranking of the main business risks, cyber-attacks are now in first place, relegating natural disasters, climate change and geopolitical tensions to second place.
The financial haemorrhage accelerates
The figures are staggering: in 2023 alone, online payment fraud is estimated to have cost $38 billion worldwide, rising to $91 billion by 2028, according to Juniper Research. The booming e-commerce sector has not been spared: global losses are estimated at $107 billion by 2029, compared with "only" $44 billion in 2024. In addition to the staggering amounts involved, the perception of risk is real: 72% of French citizens agree that online fraud is becoming increasingly frequent.
Six trends that create fertile ground for online fraud
- Individuals are increasingly connected, but not always protected... including via cell phones, which have become prime vectors for fraud. All the more so as 50% of mobile devices are still running obsolete information systems, according to the Global Mobile Threat Report 2025.
- The e-commerce boom and a widening attack surface. The explosion in online purchases is good news for business... but it also attracts fraudsters. Today, 100% of businesses with more than 20 employees are committed to a policy of digital transformation. Fevad (Fédération du e-commerce et de la vente à distance) reveals that Internet sales will pass the 175 billion euro mark in 2024, an increase of 9.6% in one year.
- Business-critical processes are becoming increasingly dematerialized, as seen in e-invoicing, but also in supply chains and public services. It's practical and fast, but also risky. Because every link in this digital chain can be targeted, exploited... or hijacked.
- The risks are low, especially for cross-border fraud. Cybercriminals know how to exploit the grey areas of the law and blur the lines between different jurisdictions. The result: a feeling of impunity that encourages repeat offenses.
- Low-cost, industrialized attacks. Fraud can be easily automated, with software traded on the Dark Web. Phishing kits, for example, enable non-specialists to carry out large-scale frauds.
- Awareness levels lag behind the skills of fraudsters, as shown by the number of companies that are victims of attempted fraud (63% in France in 2023).
Multiple entry points
Online fraud can be grouped into three broad categories,
- Who I am" fraud: this is identity theft, where one person pretends to be someone else. A study by Ping Identity estimates that 87% of consumers are concerned about identity fraud. Artificial intelligence is obviously an aggravating factor: according to a Signicat study on digital identities, 42% of frauds in this field are generated by AI.
- I've got it" frauds: these include bank account hacking and the use of false IBANs...
- Know-it-yourself" fraud: the aim is to obtain information of all kinds (names of customers, people, copies of invoices, personal information on individuals, particularly politically exposed persons...).
Fraudsters, entrepreneurs like any others!
The fraud economy works like the rest of the economy, with fraudsters using the same strategies as entrepreneurs. There are at least three common strategies:
- Matching supply to demand: frauds proliferate as soon as buyers are willing to purchase the product (personal data, IBANs, personal details that can be used for identity theft, etc.). For example, credit card data can be traded for between 5 and 110 dollars, depending on the quality of the information; access to a bank account costs between 200 and 2,000 dollars, depending on the profile of the holder, and a complete identity can be acquired for less than 100 dollars.
- Aiming for maximum profitability: the most lucrative financial frauds are often those targeting high-stakes companies, particularly financial institutions. They rely on opaque and sophisticated modus operandi (using cryptocurrencies, for example). As the tools needed to orchestrate these frauds are inexpensive, the return on investment for cybercriminals is considerable.
- Innovate and seek new outlets: as soon as a sector becomes overcrowded or is subject to increased vigilance on the part of potential victims (e.g. SMS fraud, which arouses more mistrust than in the past), fraudsters look for new outlets. These attacks exploit social engineering to create anxiety among victims, prompting them to act quickly without verifying information. By targeting a new sector, distrust has not yet set in, and profits can be more rapid and substantial.
A technological response is needed
When it comes to online fraud, awareness-raising is essential. However, despite the efforts of the media, banks, e-tailers and public authorities, it is not enough. The alliance of a technological response is just as crucial in limiting the number of frauds and their impact.
Artificial intelligence, as we have seen, while increasing risks, can also become a formidable asset in the mirror. It can analyze massive quantities of data in real time to identify suspicious behavior and anomalies. According to PWC, one French CFO in two is already using it to combat fraud.
AI is at the heart of anti-fraud solutions. Provided, however, that detections are traceable, transparent, explainable and not "Black Boxes". We're talking aboutAugmented Intelligence, combining algorithmic power and human expertise, and intelligent automation, two major pillars of the tools offered by AP Solutions IO.
Find out more:
