Visa Says AI Scams Are Doing the Hard Part for Fraudsters

Fraud has always been asymmetric. The fraudster only has to be right once, the defender has to be right every time. That asymmetry was tolerable when the labor cost of running a personalized attack was high. One scammer, one victim, days of work, modest return.

That math is changing. Visa says so directly.

AI does not invent new fraud. It removes the labor cost of doing the fraud well. The defender problem is that detection labor scales the same way.

What Visa said this week

Visa's latest fraud report, covered by Payments Dive, names AI as the active driver behind a new shape of attack: larger, more targeted, more personalized, and run at industrial cadence. Cybercriminals are using generative tools to research individual victims, draft tailored social engineering, automate the conversation, and orchestrate the payout path.

The report is, on one reading, a routine network update on fraud trends. On another reading, it is Visa laying down a public record. The card network is telling regulators, issuers, merchants, and consumers that the fraud landscape has crossed a line that matters.

We think the second reading is the right one. Visa does not publish reports like this without a regulatory audience in mind.

Why the shift is structural, not cyclical

Fraud volume goes up and down with the economy, with rollouts of new payment products, with the cycle of which credentials are most recently leaked. That is the normal rhythm. What Visa is naming is different.

Pre-AI, a high-quality personalized scam required a human operator. That operator could run, generously, three or four targeted attacks in a working day. The economics meant attackers reserved that labor for high-value targets or fell back to volume techniques that were obvious enough to be filtered by basic defenses.

Post-AI, one operator runs hundreds of personalized scams in parallel. The personalization that used to come from human attention now comes from a model that has read the target's public footprint and tailored a script to match. The labor cost per personalized scam collapses toward zero.

Volume scams used to be detectable because they were lazy. The grammar was wrong, the personal details were generic, the urgency cues were the same on every message. AI removes those tells. The cheap end of fraud now looks like the expensive end used to.

This is what Visa is trying to communicate.

The defender side of the asymmetry

Defenders have AI too. Networks, issuers, and merchant acquirers all run model-based fraud systems. Detection is also benefiting from the technology.

The problem is that defenders carry a constraint attackers do not: the cost of a false positive.

When a card network blocks a legitimate transaction, three things happen. The cardholder is annoyed and may switch issuers. The merchant loses the sale and may dispute the block. The issuer absorbs the call center cost of the inquiry. Each of those has a measurable price. Networks set thresholds carefully, and those thresholds cap how aggressive defenders can be.

Attackers have no false positive cost. A failed scam costs them effectively nothing. They send the next one. The defender constraint is real and the attacker constraint is not, and that is where the asymmetry compounds.

We have written before about how the Fime-Fact-Alipay agentic commerce trust layer split revealed the same structural asymmetry from the trust-layer angle. Visa's report is consistent with that picture. The shape is consistent across networks because the structural drivers are the same.

What the agentic commerce angle adds

The fraud picture gets messier when you add agents into it.

When a consumer authorizes an agent to make purchases on their behalf, the network has a new question to answer. Who initiated this transaction? Was it the consumer, or was it the consumer's agent acting under standing instructions, or was it an attacker who compromised the consumer's agent, or was it an attacker's agent impersonating a consumer's agent?

The standard fraud controls were not designed for any of those distinctions. They were designed for a model where the cardholder either initiated a transaction or did not. Agentic commerce splits that binary into a tree of possibilities and the tree is still being mapped.

We laid this out in detail in the missing commitment governance layer for agentic commerce and in Finix plugging three frontier models into its processor with the liability layer still empty. What is new this week is that Visa is now publicly naming the threat surface in a fraud report rather than a policy paper. That is a signal about where regulatory attention is heading.

PYMNTS data this week makes the same point from a different angle. 79 percent of firms now verify identity at login. Login is the wrong place to verify when the next attack vector is an authorized agent acting on a verified identity at the right time. Identity-at-authorization is the harder problem, and it is the one that needs solving.

What changes from here

Three things, in approximate order of how quickly we expect them to happen.

The first is network-level data sharing. Card networks have been incrementally building cross-bank fraud signals for years. The AI scam wave pulls that timeline forward. Expect tighter consortium-level data flows between issuers, acquirers, and the networks themselves, with regulatory cover.

The second is a renewed push on consumer-side authentication that is harder to socially engineer. Voice biometrics, behavioral biometrics, device telemetry, and step-up authentication tied to transaction context. None of these are new. What is new is the cost-benefit math now that AI-generated scams can defeat the older controls at scale.

The third is policy. Visa publishing a public report naming AI as the fraud driver is the kind of move that creates regulatory air cover. Congress, the White House, and Nacha all have ongoing fraud workstreams, as Payments Dive noted last week. Visa adding its voice to that record makes a policy response more likely.

The policy response will not fix the asymmetry. Nothing fully fixes it. The honest goal is to slow the compounding.

What to watch

Two things. First, whether other networks publish similar reports in the next 60 days. Mastercard and American Express track the same trends. If they publish, regulatory pressure converges. If they do not, Visa's report stays an outlier and the policy push is weaker.

Second, whether issuers start exposing more granular fraud telemetry to merchants. The defender side has been hoarding data for a long time. The AI scam wave gives both networks and issuers a reason to share more of it downstream. Whether they actually do is the test.

If the cost of a personalized scam falls to zero, what is the smallest unit of value that is still worth defending one transaction at a time?

Charlie Major is a Product Development Manager at Mastercard. The views and opinions expressed in Major Matters are his own and do not represent those of Mastercard.