Revisiting 2025’s biggest fraud predictions: What came true, and what missed the mark?
2025 reshaped the fraud landscape in ways few could ignore. AI‑powered scams accelerated at a blistering pace, consumer behavior shifted under economic and digital pressure, and new vulnerabilities emerged across every major sector. For many fraud leaders, the year became an ongoing exercise in recalibrating defenses — trying to keep pace with threats that had quietly been building long before most organizations felt their full impact.
Next week, I’ll join Kathleen Peters, Chief Innovation Officer at Experian, to look ahead at what fraud teams can expect in 2026 and how to prepare for another year of rapid change. But before we dive into what’s coming next, it’s worth revisiting the five major predictions Experian made going into 2025 — what we got right, where the landscape shifted and what those outcomes tell us about the year ahead.
1. Crypto scams supercharged by AI deepfakes and impersonation
Experian’s 2025 prediction: As crypto value increased, fraudsters would fuse AI‑generated deepfakes with impersonation and phishing to increase scam sophistication and scale losses.
What happened: Nailed it. 2025 brought record losses tied to AI‑enabled impersonation. Estimates put crypto scam losses at about $17 billion last year, with impersonation scams up roughly 1,400% year over year — a major shift from one‑off hacks to industrialized, AI‑amplified social engineering.
Why it matters for 2026: Crypto value remains high, meaning fraudsters will continue to target it. Expect more polished, AI‑driven ‘trust attacks’ (fake support, executive impostors and authority‑figure deepfakes) as criminals scale scripted conversations, cloned voices and realistic video with low-cost, low-effort tools.
2. Pig‑butchering scams: bigger than ever, but still a long con
Experian’s 2025 prediction: Scammers would intensify pig‑butchering — including romance scams and fake crypto investing — pushing for faster wins.
What happened: Losses surged, but pig butchering remained an intensive, long-term play for fraudsters. Pig butchering grew into a multi‑billion‑dollar industry, but experts continue to expect weeks‑to‑months of emotional grooming in a pig butchering attack rather than quick‑hit blitzes.
Why it matters for 2026: Even as AI lowers the cost of outreach, the “trusted guide” narrative still converts best over time. Detection, therefore, hinges on behavioral signals — new contact patterns, off‑platform migration and sudden anomalies — just as much as it does on transaction‑only heuristics.
3. ‘Is it a social media challenge—or a crime?’
Experian’s 2025 prediction: Viral “financial hacks” would result in large-scale fraud.
What happened: Too early to call. Experian highlighted the risk of viral check‑fraud behaviors amplified via social platforms, but 2025 didn’t bring a wave of similar trends. Instead, feeds skewed toward pro‑savings trends — “loud budgeting” and no‑spend challenges — rather than overt fraudulent “hacks”. It seems as if consumers are focused more on saving the money they have, and less on finding new avenue to quickly make more.
Why it matters for 2026: Financially conscious trends are a double‑edged sword — good for consumer resilience, but also useful cover stories for scammers. As social media users seek more content on saving, fraudsters may begin to infiltrate algorithms with well-disguised scams.
4. Healthcare: automation‑driven credential attacks and cloud‑app malware
Experian’s 2025 prediction: GenAI would scale password spraying/credential‑stuffing and expand risk via cloud apps.
What happened: On trend. Netskope’s 2025 Threat Labs report found 88% of healthcare orgs now use GenAI apps, while malware distribution via trusted cloud apps remained a major initial‑access vector. Health‑ISAC simultaneously ranked compromised credentials among the sector’s top threats, even when terms like ‘password spraying’ weren’t used verbatim — pointing to the same automation‑enabled exposure.
Why it matters for 2026: Credential‑stuffing attacks are increasingly carried out by AI‑enabled bot fleets engineered to mimic human behavior, making traditional device‑based controls far less effective. In 2026, fraud teams will need bot‑detection systems that can distinguish humans from automation at the behavioral level (more on that in a moment).
5. Gen 4 bots: AI‑powered automation that behaves like humans
Our 2025 prediction: New bot generations would emulate human behavior and slip past conventional controls.
What happened: Spot on. Imperva’s 2025 Bad Bot Report shows automated traffic surpassed human traffic for the first time (51%), with malicious bots now ~37% of all internet traffic. Increasingly, these bots harness AI to mimic human behavior and bypass traditional bot detection, forcing a pivot toward behavioral analytics and modern bot management.
Why it matters for 2026: In 2026, bot defenses must evolve from CAPTCHA or device-based detection to a comprehensive, behavior-based approach. Otherwise, advanced bot attacks will fly under the radar of defenses — meaning your business could be under siege, and you wouldn’t even know it.
Building your 2026 playbook
In 2025, some forecasts hit squarely, while others evolved in unexpected ways — but each one told us how the fraud landscape is changing, and where fraud professionals should focus their energy moving forward. And while 2025 was certainly pivotal in fraudsters’ evolution, 2026 promises to bring a new set of unique challenges for businesses to defend against.
The most effective way to stop advancing attacks is to get ahead of them. For our latest 2026 predictions, join our Future of Fraud Forecast webinar on February 5.
