SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Dave rossi
#
Data Analytics
#
CX
#
Phishing

Identity fraud: The double-edged sword of trust and technology

Thu, 20th Nov 2025
By Dave Rossi, Managing Director, National Hunter

Identity, previously central to how banks assess trust, is now both a layer of defence and a weapon wielded by criminals. Generative AI has made financial fraud far more damaging and unpredictable, with tools like Fraud GPT, deep fakes, and large-scale automated and agentic, autonomous decision-making capabilities supercharging identity-based fraud methods. Criminals, empowered by AI, are now flooding the industry with financial applications which increase phishing and identity theft, especially for vulnerable individuals. 

Combatting this explosion requires a different approach; one that not only transforms identity checks through robust, multi-tiered tools but also includes assessment of behavioural signals, transaction monitoring and cross validation to highlight suspicious activity at any point in the customer lifecycle.

The Explosion of Synthetic Identities

According to Signicat, AI-driven identity fraud is up 2,100% since 2021. This is largely attributable to the ease with which AI creates synthetic identities. Rather than stolen passports and forged documents, fraudsters are using AI to create manufactured personas, ID documents and accounts that appear legitimate but have been built to deceive. In fact, according to LexisNexis Risk Solutions, there are around 2.8 million synthetic identities in circulation in the UK, and hundreds of thousands more are created annually. They also claim 85% of synthetic IDs go undetected by standard models, creating a potential cost to the UK economy of £4.2 billion by 2027 unless companies adopt more stringent screening measures.

Using AI, criminals can now ensure the behaviour of synthetic accounts mirrors real customers over months or years to build a credit history before cashing out and leaving the business and bank to handle the write-off. Criminals are playing this long game in every industry. According to Experian, over a third (35%) of all UK businesses reported being targeted by AI-related fraud in the first quarter of 2025 - an increase of more than 50% over the same time period last year.

Financial Institutions Must Watch Their Backs 

Organisations cannot afford the current levels of (over) trust. Synthetic IDs succeed when the focus is only on verification, which checks identity, rather than on-going monitoring of behaviour and transactions, as well as cross validation, which highlights intent. Spearfishing leverages a culture of uncertainty, succeeding in environments where individuals do not feel confident or are not encouraged to question the veracity of the CFO's payment orders, for example. 

The reliance on credentials verification is inadequate in a world of Fraud GPT. With diverse sophisticated technologies now being deployed at scale, it is no longer acceptable to rely on traditional models of verification, such as document validation. Furthermore, organisations are losing trust in newer techniques, such as facial biometric authentication due to the sophistication of AI deepfakes. Concerns are growing about the risks associated with proposed national eIDs: when a digital ID appears to be verified by government there is a temptation to believe without additional, yet essential, scrutiny.

Organisations need to consider intention as well as identity: what are the behavioural signals that could indicate fraud? Which transactions are suspicious and what additional insight can be surfaced through continual cross-validation of activity? Adding layers of verification and flagging possibly suspicious activity may initially annoy the odd genuine customer, but the reality of AI-enabled fraud is devastating individuals, businesses and financial institutions. It is now vital to adopt a fraud-first culture, where individuals at every level of the organisation have both the tools and understanding to spot suspicious activity and are encouraged to call out concerns, especially if they relate to senior management requests. 

Collaboration as the Ultimate Safeguard 

Organisations must shift from over-trust to low-trust. Delaying this will only continue to play into the hands of criminal gangs – gangs that are constantly sharing information about weak targets. 

Innovative, anti-fraud organisations are leading the fight back through intelligence sharing, cross-validation and next generation screening. Adding defence measures – both technology and human – to the process may potentially add friction to the customer experience, but failing to protect either the business or customers will, without any doubt, cost significantly more. Adopting both robust verification and validation technologies and a culture that encourages suspicion and also fosters cross-industry insight is key to addressing this complex, evolving threat.

By proactively sharing the information surfaced through comprehensive verification as well as behavioural and device analytics, the industry can gain a rapid understanding of the fast-changing tactics being deployed and take the appropriate remedial action to effectively blunt the double-edged sword of identity fraud. 

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Oxylabs experts forecast AI bubble risks & browser wars
AI reshapes cyber threats as experts warn on automation
Tenable hack of Copilot AI agent exposes fraud risks
Agentic AI surge in 2026 sparks fresh cyber security risks
AI-driven cyber threats spur surge in intel spending

Top stories

Enterprises pivot to risk-aware, human-centric AI in 2026
Cyber leaders warn resilience gap as boards eye 2026
AI bubble cools as HR shifts to outcomes & new roles
Keeper links identity security alerts into ServiceNow
Safe AI coaches staff to cut cyber attack errors