Talk to a fraud fighter
Baltics Under Pressure

The Baltics Under Pressure: RTP, Scams, and Smarter Fraud Defense

April 15, 2025

The Baltic states—Estonia, Latvia, and Lithuania—are rising players in digital banking. But this growing digital maturity comes with a challenge: an increase in fraud.

How can banks prepare for the specific threats emerging across the region?

The Baltic financial landscape is shaped by high digital maturity, strong fintech adoption, and rapid innovation. Estonia, Latvia, and Lithuania rank among Europe’s most tech-savvy countries, with consumers widely embracing online and mobile banking. This progress has enabled fast, seamless financial services—but it also brings new vulnerabilities. As banks modernize, fraudsters evolve alongside them.

What’s Shaping Fraud in the Baltics

Several regional characteristics shape the fraud landscape in the Baltics:

  • Language diversity: Fraudsters adapt their scripts and phishing messages to Estonian, Latvian, Lithuanian, and Russian—making scams appear more credible. A significant share of the population is fluent in Russian, which increases exposure to fraud campaigns conducted in the language.
  • Cross-border exposure: As small, open economies, the Baltic states are closely integrated with the wider European financial system. While this connectivity brings many advantages, it also opens the door to cross-border fraud—particularly scams originating from neighboring countries or further afield. The growing internationalization and industrialization of fraud makes it increasingly difficult to detect and disrupt.
  • Real-time payments infrastructure: As EU member states, the Baltics support SEPA Instant transfers—and real-time payments are gaining ground. Lithuania leads with near-universal adoption via CENTROlink, while almost all banks in Latvia and major banks in Estonia offer SEPA Instant. While convenient for users, this speed makes fraud recovery difficult, as scammers often exploit it to move stolen funds across borders before they can be stopped.
  • High digital maturity: Baltic consumers are highly tech-savvy—an advantage that also makes them prime targets for cybercriminals. Fraudsters increasingly rely on sophisticated phishing, vishing, and impersonation scams aimed at individuals.
  • Rising social engineering attacks: Scammers are increasingly impersonating banks or authorities to deceive victims in real time. By exploiting trust—and now using AI to sound more convincing—they trick users into authorizing payments themselves, leaving banks with limited room to intervene.

Baltic Fraud Trends: What the Stats Are Telling Us

When looking at fraud in the Baltic region, it’s important to remember that it’s not a single market. Each country has its own dynamics and specifics that shape how fraud plays out locally.

One such difference is language. In Estonia and Latvia, around a quarter of the population speaks Russian, either as a native language or at a conversational level. In contrast, Russian speakers make up only about 5% of the population in Lithuania.

This linguistic landscape directly affects fraud patterns. In the Baltics, phone scams (vishing) are predominantly carried out in Russian. As a result, vishing ranks as the most common fraud type in Estonia and accounts for nearly two-thirds of total fraud losses in Latvia. Lithuania—where the Russian-speaking population is much smaller—reports the lowest losses from phone fraud.

Alongside vishing and phishing, investment scams are a growing concern across the Baltics—and often result in the highest average losses. While Lithuania is less affected by Russian-language vishing, it faces investment fraud at scale. These scams account for nearly 40% of the country’s total fraud losses, amounting to €4.8 million in 2023. Estonians lost the same amount—€4.8 million—to investment scams in 2024. In Latvia, 3,671 cases of investment fraud were reported, leading to losses exceeding €5.6 million in 2023.

The Crypto Loophole and Regulatory Gaps

The Baltics—particularly Estonia and Lithuania—have become attractive targets for investment fraud and crypto-related financial crime. This is largely due to a combination of high digital adoption and previously lenient regulatory environments.

Estonia’s liberal crypto licensing regime once attracted thousands of companies. By mid-2021, nearly 55% of all virtual currency service providers worldwide were registered in Estonia. However, some of these firms were later linked to illicit actors—often with ties to Russia—involved in fraud, money laundering, and sanctions evasion, according to VSquare.

As oversight in Estonia tightened, many firms shifted their operations to Lithuania—highlighting gaps in regulatory coordination across the region. For banks in the Baltics, this underscores the need for stronger due diligence, closer cross-border collaboration, and more robust fraud defenses to counter increasingly complex and organized schemes.

Making Fraud Visible with Behavioral Intelligence

In regions like the Baltics, where high digital adoption and linguistic diversity create unique risks, behavioral intelligence offers a crucial layer of protection. Unlike rule-based systems that rely on predefined patterns, behavioral intelligence analyzes how users interact with digital services in real time—making it easier to detect signs of coercion, social engineering, or unusual activity, even when the transaction itself appears legitimate. Behavior doesn’t lie.

Behavioral intelligence systems—like ThreatMark’s Behavioral Intelligence Platform, powered by AI and machine learning—analyze how users typically interact with digital banking environments. This includes everything from login habits and transaction patterns to navigation behavior and keystroke dynamics. By building a unique behavioral profile for each user, the ThreatMark Platform continuously monitors for deviations that may indicate fraud, such as unexpected login locations or unusual activity. When something doesn’t fit the norm, it enables banks to respond in real time—before damage is done.

Behavioral intelligence is especially effective against today’s fast-moving, cross-border fraud. Unlike language or location, behavior cuts across borders—and that matters in regions like the Baltics, where instant payments leave little time to react. In this environment, real-time detection isn’t a nice-to-have—it’s essential.

Fighting Back Against Modern-Day Scams

With social engineering scams on the rise, understanding what’s normal for each user becomes critical. Behavioral intelligence helps spot subtle deviations that suggest something’s off—even when the transaction technically appears authorized.

In investment scams—a common tactic in the Baltics—behavioral intelligence can detect the use of remote access tools (RAT fraud), as well as unusual transaction patterns and risky device signals, such as an active phone call during a transaction. These capabilities make behavioral intelligence especially well-suited for banks increasingly concerned about all forms of authorized push payment (APP) scams.

Adopting advanced fraud prevention is not only helping banks protect their customers and reputations, but with the upcoming PSD3 liability changes, it will also shield them from rising costs tied to fraud reimbursements. Relying on outdated rule-based detection may prove costly—especially in a region where fraud is fast-moving, multilingual, and increasingly difficult to spot with traditional tools alone.

Learn more about behavioral intelligence