Notifications

Clear all

Identity fraud in 2024-2025: what should IAM teams change now?

Last Post

RSS

NHI Mgmt Group

(@nhi-mgmt-group)

Member Moderator

Joined: 1 year ago

Posts: 6713

Topic starter 23/06/2026 8:25 pm

TL;DR: Identity fraud is becoming easier to execute at scale, with the report pointing to rising tactics, vulnerable industries, forged documents, deepfakes, and the growing regulatory response, according to SumSub. The practical challenge is that trust, verification, and fraud controls now have to keep pace with rapidly changing attack methods.

NHIMG editorial — based on content published by Sumsub: Identity Fraud Report 2024-2025

Questions worth separating out

Q: How should security teams reduce identity fraud without blocking legitimate users?

A: Use layered decisioning instead of single-step checks.

Q: Why do identity fraud controls fail when they rely on one strong signal?

A: Because attackers adapt to the strongest visible control and then reuse the same trusted identity across recovery, login, and support flows.

Q: What do security teams get wrong about deepfake-enabled fraud?

A: They often treat deepfakes as a novelty problem instead of a verification economics problem.

Practitioner guidance

Layer verification signals across the identity journey Combine document checks, device intelligence, velocity controls, and recovery risk scoring so no single signal determines trust on its own.
Review manual escalation thresholds for fraud operations Set trigger points for human review based on repeated exceptions, unusual recovery patterns, and high-risk jurisdictions so queues do not become the bottleneck.
Harden recovery flows as primary fraud targets Treat password reset, account recovery, and support-assisted changes as high-risk identity events and apply stronger verification than standard login flows.

What's in the full analysis

Sumsub's full report covers the operational detail this post intentionally leaves for the source:

Identity fraud rates by region and the underlying breakdown behind the report’s regional comparison
The top five identity fraud types and how each category is trending in practice
Industry-specific vulnerability patterns that help fraud and IAM teams prioritise controls
Deepfake, regulation, and protection strategy sections that go deeper than this editorial summary

👉 Read Sumsub's Identity Fraud Report 2024-2025 →

Identity fraud in 2024-2025: what should IAM teams change now?

Explore further

View Full Forum → | NHI Foundation Course →

Quote

Topic Tags

Forum Statistics

9 Forums

8,056 Topics

13.7 K Posts

25 Online

135 Members

Latest Post: June 2025 Patch Tuesday: are your IAM controls keeping up? Our newest member: Alex Recent Posts Unread Posts Tags

Forum Icons: Forum contains no unread posts Forum contains unread posts

Topic Icons: Not Replied Replied Active Hot Sticky Unapproved Solved Private Closed

#1 Authority in NHI Education, Research and Advisory, empowering organizations to tackle the critical risks posed by Non-Human Identities (NHIs), including AI Agents.

Get in Touch

Quick Links

FAQ

NHI 101 Articles

Legal & Policies