SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom
International Women’s Day
260 opinions Read now

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Spanish bank digital security threats cybersecurity scammers vigilance
#
AI
#
Cybersecurity
#
ML

Spanish banks see fraud drop with behavioural tech, but scams rise

Thu, 3rd Jul 2025
Author image
By Shannon Williams, News Editor

Spanish banks have reported a 23% decline in overall fraud attempts in the first quarter of 2025, following the implementation of behavioural technology solutions from BioCatch.

This fall in fraud cases follows BioCatch's release of its 2025 Digital Banking Fraud Trends in Spain report, revealing substantial reductions compared to the same period a year earlier. The report notes a 52% decrease in fraud attributed to third-party account takeovers among BioCatch's Spanish banking partners.

The new figures differ significantly from broader banking sector trends. In a global survey conducted by BioCatch, 73% of Spanish banking leaders reported an increase in fraud attempts within their organisations in the past year. The reduction seen by BioCatch partners stands in contrast to these findings and could signal the impact of wider adoption of behavioural fraud detection and prevention strategies in Spanish banking.

Changes in fraud tactics

While the report identifies a fall in some fraud types, social engineering scams now comprise 58% of all reported fraud in Spain, representing a persistent threat. The report observes that, as account takeover fraud becomes more difficult due to advances in detection, criminals are shifting to tricking victims into authorising transactions themselves.

As third-party fraud has grown more difficult to execute in Spain, bad actors have pivoted, mastering the art of socially engineering their victims to willingly authorise and execute fraudulent payments on the criminals' behalf," BioCatch Director of Global Fraud Intelligence Thomas Peacock said. "In 2025, this is undoubtedly the No. 1 problem facing banks in Spain.

The report also highlights that nearly a third of all fraud reported by BioCatch customers takes place on the instant-payment platform Bizum. This underlines the continued risk associated with real-time payment methods, which can be vulnerable to manipulation and scams.

Mobile fraud increases

BioCatch's research observes a steady shift in the platform used for fraudulent activities. The percentage of fraudulent sessions on mobile platforms grew from 72% to 80% over the past year, according to the report. Nearly three quarters of mobile banking sessions in Spain now originate from Android devices, which the report identifies as particularly targeted by malware attacks.

Highlighting this trend, Thomas Peacock said:

This reinforces the need for a proactive malware detection strategy rather than reactive approaches. Isolating the behaviours seen across multiple malware strains can help banks get ahead of the problem and reduce their dependence on the quick identification of individual malicious packages. With behavioral solutions, banks can identify malware sessions even when fraudsters modify or the bank has never before seen the malware's packaging.

The statistical increase in mobile-based fraud comes as malware attacks proliferate, particularly on Android devices, which are commonly used in Spain for digital banking.

Prevalence of scams

The BioCatch report identifies investment, purchase, and job scams as the three most prevalent types of scams in Spain. These forms of fraud often rely on social engineering, where criminals convince individuals to part with money or confidential information under false pretences.

Despite the overall reduction in fraud attempts reported by banks using behavioural technology, the report suggests that the challenge in Spain is shifting rather than disappearing. While technological defences have had success against some fraud types, criminals adapt their tactics, with a current emphasis on manipulating victims rather than compromising banking systems directly.

The data underscores an ongoing need for Spanish banks to develop and implement adaptive security strategies. With a large proportion of fraudulent activity migrating to the mobile space and focusing on real-time payment platforms, continuous enhancements in behavioural analytics and malware detection will remain central to financial crime prevention in the country.

Related stories
In a cost-pressured AI race, operational maturity is now the competitive advantage
AI cyber threats outpace staff readiness, report warns
UK AI budgets shift to data infrastructure & storage
Teramind launches AI governance to tackle shadow AI
Red Hat, Nvidia, Palo Alto forge AI-native telco stack

Top stories

Autonomous AI 'agentic customers' set to reshape banks
How women in cyber change the conversation at board level
The weight women carry
Preserving our voice: Why women must shape the future of AI and cybersecurity
Bridging the gap: Cybersecurity breakthroughs and imbalances