Rising Cybersecurity Threats in Global Payments: Visa Fall 2025 Biannual Threats Report
Visa has released its Fall 2025 Biannual Threats Report, highlighting five transformative forces reshaping the global payments security landscape. Released during International Fraud Awareness Week, the report details fundamental shifts in fraud operations, which are now characterized by unprecedented speed, scale, and industrial-level organization.
Key Findings and Transformations in the Payments Ecosystem
Industrialization of Fraud
- Fraud has evolved from opportunistic acts to organized, industrial-scale operations. Criminals are building reusable infrastructure—including botnets, synthetic identities, templated scam scripts, and AI tools—enabling them to launch multiple attacks simultaneously with efficiency similar to tech enterprises.
Advanced Monetization Strategies
- Criminals are employing dual-speed tactics, acting deliberately when stockpiling stolen credentials to maximize reach while evading detection, reflecting sophisticated planning and coordination.
Authenticity Crisis
- The rise of impersonation techniques and synthetic content has created major challenges in verifying legitimate transactions and communications across the payments ecosystem, significantly increasing the risk of sophisticated fraud.
Erosion of Traditional Controls
- Fraudsters are systematically testing and bypassing legacy security controls, exposing weaknesses in conventional defense mechanisms and highlighting the need for advanced, modernized security solutions.
Third-Party Vulnerability Gap
- The interconnected nature of the payments ecosystem makes third-party service providers critical points of vulnerability. Visa reported a 41% increase in ransomware incidents affecting payments entities from January to June 2025 compared to the previous six months, with a 173% increase in compromised CAMS accounts versus the same period in 2024.
Role of Artificial Intelligence and Emerging Threats
- The report also emphasizes risks linked to AI-driven agentic commerce, where anyone with internet access could potentially commit fraud. Visa executives highlighted that awareness and education about these emerging threats are essential for consumer protection.
Visa’s Cybersecurity Strategies
Visa is actively collaborating with partners across the global payments ecosystem to address these evolving threats by:
- Enhancing intelligence sharing
- Using advanced analytics to detect and predict fraud
- Implementing collaborative defense strategies
Over the past five years, Visa has invested more than $13 billion in technology and infrastructure, including security and trust initiatives, to develop next-generation security technologies and risk management capabilities that protect consumers, merchants, and financial institutions.
Visa’s Fall 2025 Biannual Threats Report underscores that cyber threats in global payments are evolving rapidly, driven by organized, technologically sophisticated fraud operations. The findings highlight the critical need to update traditional security controls, strengthen third-party risk management, and maintain vigilance across the payments ecosystem to safeguard the financial infrastructure effectively.
