TL;DR: Prepare for 2026 After the AI Attack Spike

AI-enabled attacks are surging because automation, generative tools, and synthetic video and voice let attackers scale faster, cheaper, and more effectively.

• Who: Fraudsters use AI to supercharge and scale their schemes across channels.
• Used for: Financial fraud, identity fraud, account takeover, and social engineering schemes.
• Seen most in: Real-time conversations

Important details

• AI fraud surged 1210% in 2025.¹
• Non-AI fraud is also increasing—up 195% at the end of 2025²—but it’s still outpaced by AI fraud growth, meaning more fraudsters are turning to AI-backed schemes.
• Healthcare is facing a new wave of bot attacks—with one major healthcare provider experiencing over over 15,000 unique bot calls in the summer of 2025³—leaving these orgs exposed.
• Return fraud in retail is skyrocketing as fraudsters automate refund scams at scale. Among major retailers and Pindrop customers, there was a 330% increase in AI fraud in 2 months.⁴

Quick takeaways

• AI dramatically increases fraud speed and volume.
• Many enterprises are unprepared for AI-driven fraud.

Trust needs a redesign.

In this modern threat landscape, enterprises need to change how they define and defend trust. Legacy security methods often assume identity can be proven through knowledge-based authentication (KBAs), one-time passwords (OTPs), or human judgment. In the age of AI, that assumption is no longer valid.³ Security leaders must shift from assuming these methods work against AI to knowing their methods can spot AI in an instant. The chapters that follow dive into the data behind the rise in AI attacks: how they’re scaling, where they’re succeeding, and what still works when everything can be convincingly faked.

What does an AI scam look like?

In voice channels, it often starts quietly. Bots hit the Interactive Voice Response (IVR) system, not to drain funds immediately, but to learn. They identify which prompts trigger security checks and attempt to validate breached data. Their goal first and foremost is reconnaissance. Later, those same bots—now smarter—come back armed with knowledge about weak points, setting up a much more effective fraud attempt.

In other real-time channels like video meetings, the scam is often direct and bold. An employee gets pulled into a last-minute meeting. On screen is a convincing impersonation of their CFO. The CFO’s face, voice, and mannerisms are realistic—the employee sees no cause for alarm. The request is urgent: a sensitive transaction, a delayed payment, a problem that cannot wait. The fake CFO uses the same old social engineering tactics, now backed with video and audio credibility. The attacker applies just enough pressure to bypass normal checks: “I’ll explain later” and “I need you to take care of this right now.” By the time the employee realizes the meeting was deceptive, the money is gone.

Even with awareness, humans remain the weakest link, especially when urgency or perceived authority enter the conversation. Understanding that weakness, attackers now generate highly realistic human videos and voices, deliberately making small talk and sounding patient, polite, and real. That perceived real-ness builds exploitable trust.

AI bots are hammering healthcare—with no signs of slowing.

After implementing Pindrop, a major U.S. healthcare provider uncovered bot attacks account for more than half of all fraud in their systems.¹ Bots like these systemically exploit healthcare contact centers, probing IVR systems for reconnaissance, using intel from the IVR to carry out social engineering schemes with live agents, taking over accounts, and in some cases, gaining access to HSA, FSA, and other employer-funded savings accounts.

This same customer saw over 15,000 unique bot fraud calls since the summer of 2025,¹ indicating that attackers are turning this tactic into a repeatable scheme. By deploying automated bots at scale, attackers can harvest or validate Social Security numbers, dates of birth, balances, and transaction histories—without ever speaking with a live agent.

Why do we think they’re bots?

Despite the fact that our researchers aren’t seeing text-to-speech artifacts or lag, they’re noticing “programming-style” commands that suggest script-driven interactions. These commands let bots interact with near-human speed. Background noise analysis also suggests that attackers are in a call-center-style fraud operation, deploying their fraud schemes at scale.

AI attacks put your bottom line at risk.

AI-driven scams create real business damage fast. The most immediate impact is financial loss. Compromised accounts can lead to direct financial losses, especially when potentially high-balance accounts like HSAs and FSAs are targeted. Beyond that, indirect costs like investigations and reimbursements can quickly add up, turning a single incident into a significant financial loss.

Trust is also damaged. Healthcare organizations are trusted with some of the most sensitive and valuable data and financial accounts consumers have. When those accounts are compromised, confidence in an organization can drop drastically. High-balance accounts attract attackers, and even a small number of public failures can damage brand reputation. Rebuilding trust takes time, effort, and additional investment long after the attack itself is mitigated.

AI isn’t always nefarious.

AI isn’t necessarily the villain—it’s just a tool. Its impact depends entirely on the intent of the human behind it.

In healthcare, that reality is already playing out in legitimate ways. Providers, trying to reduce administrative burden, may turn to AI agents to handle routine tasks like insurance verification. Or members may use AI to assist in translation services during a call. These AI-assisted callers aren’t trying to deceive or steal; they’re trying to communicate, access systems, or streamline workflows. The challenge for healthcare organizations isn’t stopping AI—it’s learning how to distinguish between AI being used as a productivity or accessibility tool and AI being weaponized for fraud.

AI changed the script for retail scams.

Retail fraud has entered a new era—and it’s powered by AI. Fraudsters are using AI and machine-learning technologies to attack at unprecedented speed and scale. These aren’t isolated scams or human-driven schemes. AI-enabled attacks are automated, adaptive, and designed to appear like normal customer behavior.

Return fraud as a continuous attack.

One of the most damaging schemes is AI-powered return fraud. Attackers deploy bots equipped with common scripts that initiate return requests on retail sites. The strategy is intentional: target low-dollar refunds that stay below a certain threshold to avoid suspicion. One refund is small. Thousands of them are not.

The attack surge is here.

AI-backed fraud isn’t confined to a specific industry or channel. Instead, AI is used as a sophisticated tool to fuel a wave of unprecedented, fast, cheap, and scalable attacks. Across healthcare, retail, financial services, telecom, and beyond, attackers are using AI to exploit the processes we’ve long taken for granted—the processes that rely on us believing what we see and hear.

One playbook. Every industry.

Every industry experiences the pain differently, but the fraudster’s playbook is strikingly consistent. In healthcare, bots flood contact centers for recon, aiming to take over patient accounts and gain access to HSA and FSA funds. In retail, AI-backed schemes exploit return policies—with micro-transactions compounding to massive losses. Inside corporate channels, AI-generated videos and voices impersonate job candidates to gain system access or high-level executives to execute social engineering scams. The tactics differ, but the foundation is the same: convincing, sophisticated AI-backed schemes.

This isn’t an awareness problem.

Training, policies, and awareness campaigns still matter—but they’re no longer enough in isolation. Asking employees or agents to “be more vigilant” in the face of extremely convincing AI deception is not a practical strategy.

Enterprises must acknowledge a hard truth: you can’t rely on awareness alone to combat synthetic deception.

How will you protect your enterprise?

This surge in AI fraud signals a permanent shift in the threat landscape. Attackers have found a faster, cheaper, more effective way to operate—and they’re only growing in sophistication.

Adaptive and future-focused enterprises will treat AI fraud not as an emerging trend, but as a foundational change that necessitates security that matches. The enterprises that don’t risk fighting today’s fraud with yesterday’s strategy.

In 2026 and beyond, the question is no longer if AI-backed scams will reach your enterprise. It’s whether you’ll recognize them—and have the proper defenses in place—when they do.

Why is trust in real-time interactions breaking down?

Because AI can now convincingly impersonate faces and voices, human judgement is unreliable in real-time conversations.

Are knowledge-based authentication (KBAs) questions still effective?

No. KBAs are no longer enough in a robust enterprise security strategy. The rise of data breaches has led to widely accessible personal information. Fraudsters can now weaponize this breached information to bypass KBAs successfully and consistently.

Where is AI fraud actually occurring?

Inside real-time interactions. Fraudsters can take social engineering tactics to the next level, impersonating real people through video meetings, email, phone calls, live chat, and other real-time interactions.

Why can’t humans detect AI-driven fraud in real time?

AI is growing particularly adept at sounding and appearing real, convincingly mimicking empathy, patience, and politeness.

What must enterprises do to catch AI attacks?

Re-evaluate security for real-time interactions. Move beyond knowledge-based questions, OTPs, and human judgement with AI-backed multi-layered security that combines deepfake defense, fraud detection, and multifactor authentication.