The Entrust Cybersecurity Institute has released findings from its 2025 Identity Fraud Report. As cyber criminals continue to adapt their techniques to find new ways through defences, AI-assisted fraud is growing increasingly sophisticated and frequent, as evidenced by the global report. The findings reveal a deepfake attack happened every five minutes in 2024, while digital document forgeries increased 244% year-over-year. Average fraud rates remain highest for businesses based in the APAC region (6.8%), closely followed by the Americas (6.2%).
Digital identity verification is a vital part of the onboarding process, essential for preventing fraud and financial crime. This first moment of interaction provides organisations with the opportunity to establish trust in an individual’s identity from day one. Now in its sixth year, the annual report shares insights gained on the state of remote identity fraud at onboarding over the past year to understand today’s rapidly evolving fraud landscape. The report identifies digital document manipulation and deepfakes as the biggest growing threats going into 2025.
Key findings from the 2025 Identity Fraud Report include:
-
Digital over physical: the new era of document fraud emerges: For the first time, digital document forgery surpassed physical counterfeits as the leading method of fraud in 2024, with digital forgeries accounting for 57% of all document fraud globally. This marks a 244% increase from 2023 and a staggering 1,600% surge since 2021 when almost all fraudulent documents were physical counterfeits. Threat actors are taking advantage of as-a-service platforms for phishing, fraud, and ransomware that facilitate knowledge sharing of “best practices” and the use of generative AI tools to create sophisticated digital forgery and injection attacks. The three most targeted documents in 2024 were all from APAC. Fraudsters targeted the India Tax ID more than any other document, (27%), followed by Pakistan National Identity Card (18%) and Bangladesh National Identity Card (15%). The India tax ID is likely the most targeted document in 2024 because there are a lot of templates available online for this document, making it an easy target for digital manipulation.
-
Basic fraud tactics give way to sophisticated, hyper-realistic deepfakes: The report identifies AI-assisted deepfakes as an area of particular concern for global organisations, as basic fraud tactics that are relatively easy to discern, like phishing, are quickly giving way to hyper-realistic AI-generated deepfakes and synthetic identities. The rise in face- swap apps and GenAI tools has allowed fraudsters to perform and scale increasingly believable biometric fraud attacks. The capacity for malicious usage is widespread and includes fraudulent account openings, account takeovers, phishing scams, and misinformation campaigns. Deepfake attacks occurred at a rate of one every five minutes in 2024.
-
Financial services become top target for bad actors: Globally, the top three most targeted industries in 2024 were all related to financial services, with cryptocurrency seeing almost double the number of fraud attempts compared to any other industry (9.5%), followed by lending and mortgages (5.4%), and traditional banks (5.3%). Crypto platforms saw the highest rate of fraudulent activity attempts, which have risen 50% year-over- year, from 6.4% in 2023 to 9.5% in 2024. This could be due to Crypto reaching an all-time price high in 2024, making it very attractive to fraudsters. At the same time, traditional banks experienced a 13% increase from last year in fraudulent onboarding attempts, which happened as inflation rates were also high, leading to a rise in lending and mortgage scams.
“The drastic shift in the global fraud landscape, marked by a significant rise in sophisticated, AI- powered attacks, is a warning that all business leaders must heed,” said Entrust Senior Fraud Specialist Simon Horswell.
“This year’s data underscores this alarming trend, highlighting how fraudsters are rapidly evolving their techniques,” he said. “These threats are pervasive, touching every facet of business, government, and individuals alike. To stay ahead, security teams must proactively adapt their strategies, prioritise monitoring these emerging threats, and prepare their organisations to face this new reality. It’s no longer optional; it’s imperative.”
You can read the full report here.
