Banking Threat Bulletin: January 2026

January 30, 2026 by ThreatMark

The start of the new year brings a wave of fresh data, reports, and year-in-review findings on fraud, offering a moment to take stock as the numbers from 2025 come into focus. One message is already clear: fraud isn’t going anywhere.

1. ThreatMark Challenges Detection-First Fraud Models with Fraud Disruption Ecosystem

Modern fraud has evolved into coordinated, industrial scale operations that combine AI automation, behavioural manipulation, and multi channel infrastructure. These operations shape victim behaviour gradually, creating journeys that appear legitimate until the final stages. ThreatMark’s Disrupting Fraud At Scale outlines how this shift requires banks to move beyond detection approaches that react late in the lifecycle. The priority is to identify intent, context, and behavioural signals earlier, giving banks the ability to disrupt fraud long before a payment is initiated.

2. Cyber-Enabled Fraud as the Top Global Cyber Risk

The World Economic Forum warns that cyber-enabled fraud has become a pervasive threat, reaching record highs across industry and society. In its Global Cybersecurity Outlook 2026, 77% of surveyed business leaders report an increase in cyber-enabled fraud, with phishing (across email, SMS, and voice) the most commonly cited attack vector.

One signal stands out. AI is rapidly amplifying fraud risk, accelerating cyber-enabled harm at unprecedented speed. As the report notes, this increased scale and sophistication requires “stronger verification standards, cross-platform coordination, safeguards for vulnerable groups and tools that help users navigate an increasingly challenging information environment.”

3. EBA Report: 3 Stats That Should Make Banks Rethink Fraud Prevention

According to the European Banking Authority 2025 Report on Payment Fraud, fraudulent credit transfers remain the single largest driver of payment fraud losses in the EU/EEA. In 2024, their total value reached €2.5 billion, up 24% year over year, with an average loss of €2,155 per transaction. In practical terms, the reported volume translates to roughly one fraudulent credit transfer every half minute.

What should strike banks:

Fraud rates are higher for SCA-authenticated credit transfers than for those exempted from SCA, reflecting fraudsters’ focus on higher-value, higher-risk transactions
A growing share of losses (74% by value in credit transfers) results from manipulation-based scams
Around 85% of credit-transfer losses are now borne by the victims

With credit transfers and APP scams driving the bulk of fraud impact, the upcoming PSD3-driven liability shift for bank impersonation scams will fundamentally change the economics of fraud for banks. Institutions operating in the EU will need to prepare for this new reality. Sooner rather than later.

4. US Banks Expect Fraud Pressure to Escalate in 2026 and Look to AI

New findings from American Banker suggest fraud will remain one of the most persistent challenges for US banks in 2026. Surveying 174 banking professionals across banks, credit unions, neobanks, and payments firms, the report points to another year of elevated fraud pressure, driven in part by the AI tools that have empowered bad actors to scale and refine attacks.

Part of AI’s appeal for bankers is its potential to strengthen counter-fraud measures, particularly as payments become faster. Rather than viewing AI as a silver bullet, the findings reflect a pragmatic shift: banks see advanced analytics and machine learning as necessary tools to keep fraud risk manageable in an increasingly real-time environment.

5. Crypto Scam Losses Surge as Tactics Converge

New data from Chainalysis shows that cryptocurrency scams received at least $14 billion on-chain in 2025, with losses projected to exceed $17 billion as more illicit wallets are identified. The economics of scams are shifting fast: the average scam payment jumped 253% year over year (YoY), from $782 in 2024 to $2,764 in 2025, while impersonation-based scams surged by an astonishing 1,400% YoY.

Two trends are becoming increasingly clear, Chainalysis argues. First, we are moving toward a future where virtually every scam incorporates AI in some form. This, in turn, is accelerating the breakdown of traditional scam categories. Fraudsters increasingly blend impersonation, phishing, investment fraud, and even technical-focused scams into single, coordinated operations.

6. Pig Butchering Fraud Goes Industrial

Cybersecurity researchers have uncovered a growing pig butchering-as-a-service (PBaaS) economy, where specialized service providers supply criminal networks with everything needed to run large-scale investment and impersonation scams. According to findings from Infoblox, scam operations increasingly rely on off-the-shelf platforms offering stolen identities, pre-registered accounts, scam websites, mobile apps, payment processing, and even CRM systems that manage victims and agents at scale, dramatically lowering the barrier to entry.

For banks, this matters because pig butchering scams (up nearly 40% between 2023 and 2024) have become highly organized payment fraud pipelines. They unfold gradually: victims are slowly guided toward legitimate-looking investment platforms, emotionally groomed, and only later pushed into authorized transfers. Traditional controls struggle because the fraud rarely looks suspicious in isolation—only when behavior, timeline, and fund flows are viewed together.

7. Scams Rise Ahead of the Winter Olympics

With the 2026 Winter Olympics in Italy approaching, the Federal Trade Commission is warning of a predictable surge in event-related scams, targeting travel, tickets, and accommodation. Fraudsters are already exploiting demand through fake visa services, unauthorized ticket sales, and cloned vacation rental listings.

For banks, these events act as fraud multipliers. Large, time-bound events create spikes in authorized payments driven by excitement, urgency, and fear of missing out—conditions that scammers consistently exploit.

Banking Threat Bulletin highlights the stories shaping global fraud prevention and customer protection. Stay informed. Strengthen trust. Protect your customers.