by AKANI CHAUKE
JOHANNESBURG – BANKS are confronting a new generation of fraud threats that are adaptive, intelligent, and increasingly powered by artificial intelligence.
These dynamic attacks exploit real-time vulnerabilities across digital channels, mimicking human behaviour so convincingly that they can even manipulate banks’ own systems against them.
According to Andries Maritz, Principal Product Manager at Entersekt, the industry is not necessarily facing entirely new fraud types, but rather a dramatic escalation in how existing attack methods are executed.
“We’re seeing a step-change in adaptability, realism and efficiency,” he explains. “Bots now learn, adapt and personalise continuously as they interact with live systems.”
In card-not-present and 3-D Secure environments, social engineering and BIN-level attacks are rising sharply.
Criminals are refining tactics to bypass authentication controls, coordinating efforts with greater precision. On the digital access front, bot-driven login attempts and fraudulent account creation are also increasing.
These attacks are no longer simple scripts. Fraudsters are spoofing traditional identifiers with greater accuracy while replicating human-like behaviours.
Advanced AI agents can imitate subtle cues such as irregular typing rhythms or mouse movements, making it increasingly difficult to distinguish genuine customers from automated intruders.
The strategy often begins with probing a bank’s systems, analysing live feedback such as successful logins or flagged payments.
Attackers then map weaknesses and launch targeted follow-ups. Automation allows them to harvest vast volumes of contextual data, enabling highly personalised strikes instead of broad campaigns.
By constantly adjusting digital signals like device fingerprints or timing patterns, they evade static rule-based detection.
The financial risk is mounting. Deloitte’s Center for Financial Services projects that generative AI could push US fraud losses to $40 billion by 2027, growing at 32% annually.
Yet nearly half of US organisations still rely heavily on manual reviews, a method ill-suited to the scale and speed of AI-driven attacks.
Maritz notes that fraud reporting has also become more complex, as some breaches surface instantly while others remain dormant for months.
Although banks have invested significantly in advanced detection tools, fragmented data across institutions and systems limits visibility.
He argues that fraud prevention must become more collaborative and adaptive.
Sharing intelligence, strengthening behavioural analytics and deploying AI-driven, dynamic defences are now essential.
Static rules alone can no longer keep pace in what has become a high-stakes machine-versus-machine arms race.
– CAJ News
