Fraud experts warn that payment redirection scams are evolving rapidly. Here are the key trends to watch.
By mid-2024, an estimated 40% of BEC phishing emails were AI-generated
AI enables more convincing fake emails that bypass traditional detection
Threat actors are leveraging layered, automated, and AI-amplified methods
Voice deepfakes are emerging as a new verification bypass threat
BEC attacks up 15% in 2025 vs 2024
30% increase in BEC attacks by March 2025
Vendor Email Compromise (VEC) attacks rose 66% in first half of 2024
Supply chain relationships increasingly exploited
While report volumes may decline, losses per incident are increasing:
Australia 2025: Fewer false billing reports but losses up from $11.3M to $19.4M
More sophisticated targeting means higher-value victims
Australian banks are implementing the Scams Prevention Framework. Businesses that can demonstrate proper verification processes may have stronger grounds for recovering lost funds.
The EU's new regulation (EU 2024/886) requires all payment service providers to have verification systems in place by October 2025. A similar UK system reduced fraud cases by 60%.
Changes to Nacha Rules taking effect in 2026 aim to reduce successful BEC fraud and improve fund recovery.
Fraud experts identify the biggest scam threats for 2026 as:
Investment scams
Business Email Compromise
Money mule recruitment
Identity fraud in 2026 is described as "a direct threat to business continuity, regulatory compliance, and long-term trust."
Manual verification processes are increasingly inadequate
Proof of verification will become a compliance requirement
Early adopters of fraud prevention tools will have competitive advantage
Data from Hoxhunt, Abnormal AI, ACCC, EU regulations, Nacha, and The Nightly.
