Overview
- Visa published its Spring 2026 Biannual Threats Report on May 20, 2026, and found scams powered by AI and social engineering were the fastest-growing source of consumer payment harm.
- From July to December 2025 Visa identified nearly $1 billion in scam-related activity as criminals moved away from stealing credentials and toward getting victims to approve transactions themselves.
- The report documents a 26% rise in global ransomware activity in that same period and notes only 23% of victims paid ransoms, a historic low that changes attackers’ incentives.
- Security firms and reporters say attackers are using generative AI for tailored phishing, voice deepfakes, automated vulnerability discovery and adversarial techniques designed to evade transaction-scoring systems.
- Visa and industry sources call for faster automation, identity-focused controls like hardware MFA and cross-industry information sharing to detect deception earlier and reduce consumer losses.