E-commerce is entering a brand new phase of fraud, where transactions that appear legitimate — valid accounts, correct details, even routine behavior — can mask coordinated attacks powered by synthetic identities and AI.
From account takeovers (ATOs) to loyalty abuse, fraud now targets identity slightly than the purpose of sale, warned Dany Naigeboren, senior director of risk at fraud prevention company Forter.
Fraud is not any longer breaking into systems — it’s operating inside them.
These attacks have gotten easier to execute, allowing smaller actors to operate with capabilities once limited to organized fraud rings.
“It’s an enormous game changer. Until now, online fraud has mostly involved sophisticated fraud syndicates with vast engineering resources,” Naigeboren told the E-Commerce Times.
To counter that threat, Forter uses AI to detect and forestall “invisible” fraud across the complete customer journey, not only at checkout.
Its global merchant network draws on data from over $1 trillion in transactions to enhance detection accuracy, reflecting a broader need for AI-driven systems to trace and stop increasingly difficult-to-detect attacks.
Digital Thieves Use AI Against Us
AI is lowering the barrier to entry for e-commerce fraud, allowing individuals with limited technical skills to execute attacks once limited to organized teams.
“With two to a few hours of labor, anyone can grow to be proficient in conducting fraud online. And this manifests itself in quite a few ways,” Naigeboren said.
In lots of cases, the fraud not looks like an obvious attack. Compromised accounts, valid credentials, and routine purchasing behavior allow transactions to maneuver through ordering and payment systems without triggering traditional defenses.
Attackers are increasingly bypassing merchant systems by targeting consumers directly, using account takeovers and similar schemes to operate inside legitimate user activity.
AI tools also make it easier to perform social engineering and phishing attacks, helping fraudsters steal credentials and impersonate users at scale.
“We’re suddenly getting more emails targeting us to get information to conduct fraud online. That is one area that has modified immensely,” he said.
He added that AI is making fraud each easier to execute and more profitable, enabling attackers to deploy automated agents that scale these activities rapidly.
Fighting Fire With Fire
Forter’s approach centers on identity — determining who’s behind each interaction and whether that intent is legitimate.
“The best way we see it’s that to conduct fraud using sophisticated AI tools, you would like equally advanced systems to stop it,” Naigeboren said.
While the platform is primarily utilized in e-commerce, it also supports hybrid models similar to buy online, pick up in store, where online identity signals extend into physical transactions.
It provides real-time decisions that approve or decline transactions, reducing false declines while addressing account takeovers, fake accounts, payment fraud, and promotional abuse.
AI Redirects Fraud Toward Consumers
Naigeboren is seeing spikes in account takeovers and social engineering, with phishing and impersonation attacks growing more convincing and harder to detect.
Quite than targeting merchant systems directly, many fraudsters now deal with consumers, using compromised accounts to maneuver through e-commerce workflows with fewer controls.
In practice, that may mean a legitimate account placing what appears to be a routine order — but one initiated by an attacker using stolen credentials.
“It’s often easier and more lucrative to focus on consumers directly,” Naigeboren said.
AI also enables attackers to deploy automated agents that scale these tactics, reducing the necessity for technical expertise while increasing attack volume.
At the identical time, retailers face rising “friendly fraud,” where legitimate-looking customers abuse policies, promotions, and chargebacks.
The challenge, Naigeboren noted, is determining intent — whether a user is making a legitimate purchase or attempting to game the system.
Forter addresses this in real time and thru post-transaction evaluation of returns and chargebacks, which remain amongst essentially the most difficult areas to administer.
How Forter Differs From Competitors
Effective fraud detection is determined by combining real-time signals with historical context to grasp user behavior.
Most systems evaluate transactions in isolation. Forter as a substitute connects behavior across interactions, linking activity across sessions, devices, and transactions to construct a unified view of every user.
That permits the platform to evaluate risk on the identity level, as a substitute of counting on individual transactions or single touchpoints.
“Traditional fraud detection systems are siloed. They appear at one or two data points at a single touchpoint. Modern fraud prevention needs a holistic, identity-centric view over multiple touchpoints similar to checkout, returns, promotions, and logins,” he said.
The Way forward for Fraud Prevention
E-commerce fraud is expanding rapidly, with recent attack methods emerging faster than traditional defenses can adapt.
“There is no such thing as a single silver bullet. The hot button is holistic visibility into interactions and identities. Detection and protection systems have to be AI-driven and repeatedly learning, not static rule sets,” Naigeboren said.
As AI agents increasingly transact on behalf of users, the central challenge is identifying who — or what — is behind each interaction.
In some cases, those interactions may look indistinguishable from legitimate customer behavior, with automated agents browsing, adding items to carts, and completing purchases without obvious signs of fraud.
Distinguishing between human users and AI-driven activity stays inconsistent across systems, often counting on fragmented signals or indirect detection methods.
“As AI agents handle more checkouts and logins, it becomes essential to tie each agent’s activity back to a verifiable underlying human identity,” he said — a requirement that’s quickly becoming central to modern fraud prevention.