Fraud has evolved from clumsy scams to AI-powered campaigns. This piece explores why cyber and fraud defences must now fuse into one fabric.
From dial-up to AI-powered attacks
Remember the 90s? Dial-up tones, MSN Messenger, floppy disks. Fraud was almost funny back then. Emails flopped because most people barely trusted the internet, and scams emerged, clumsy, obvious, and easy to spot. Banks kept cyber and fraud teams in separate corners because digital threats were still seen as minor and disconnected from financial crime. A phishing email might ask for your password in a sentence full of typos. You could almost laugh before you deleted it. Oh, and being connected digitally to everyone, including your bank? Definitely not a “thing.”
Today, fraud looks very different. It’s a cyber war. Attackers combine malware, bots, fake apps, social engineering, and AI-powered tactics into seamless campaigns. According to Action Fraud, it is estimated that at least 85% of fraud reported is cyber-enabled.
AI hasn’t reinvented fraud. It has supercharged tactics criminals already use, making them faster, more adaptive, and harder to catch. Some campaigns run across dozens of devices at once, replaying actions, pausing, and adjusting responses in real-time to avoid detection.
Many banks still operate fraud and cyber separately. Signals of potential attacks slip between teams, leaving gaps. By the time a transaction triggers monitoring, the damage is often done.
Fraud is a process, not an event
Fraud isn’t just account activity gone wrong. It’s the days or weeks of probing, testing, and infiltrating that happen before money moves. Criminals rehearse, infiltrate, and only then execute. Traditional systems see only the final act. They flag anomalies but don’t connect the story.
AI-powered tactics don’t start at the transaction. Some signals appear the moment an app or website is opened, before a user even enters their login details. Often, however, these tactics escalate after compromise, post-login, after a device is taken over, or during a live session. Some campaigns now run across dozens of devices simultaneously, replaying compromised sessions and adapting in real-time, leaving traditional detection trailing behind. Observing from the very start of the session makes it possible to see probing and automation as it unfolds, rather than just the aftermath. Actions may look legitimate to perimeter checks, but subtle patterns reveal manipulation in progress.
If you’re not watching the session itself, you’re only seeing fraud after the fact. Observing interactions, logins, taps, swipes, and device signals exposes manipulation that would otherwise go unnoticed. Sometimes, the earliest signals appear days or even weeks before money moves.
Why the old playbook fails
Rules and risk scores once gave banks confidence. But rules demand constant rewriting. Scores often come from opaque models that no analyst can fully explain. Fraud teams chase alerts—cyber teams chase logs. Silos multiply.
Attackers don’t respect silos. They employ blurred tactics, exploit every channel, and continually move forward. The result is a defence model that feels like control but is really fragmented and reactive.
Fusion is the future
Fraud and cybercrime can no longer be separated. They must form a unified defensive fabric, with shared intelligence, visibility, and response.
That’s how fraud becomes predictable. By spotting reconnaissance signals and early manipulation, attacks can be forecast an average of 15 days before money moves. Fraud can be stopped in rehearsal, not just at performance.
The next era
The digital perimeter has vanished. Every tap, swipe, and login is part of the battlefield. Attacks are only getting faster, stealthier, and more automated. With cyber-fraud fusion, banks can finally fight on equal terms: one view, one language, one defence fabric.
Fraudsters have always had the same goal. The methods have changed. The goal never has.
