Notifications
Clear all
Topic starter
10/06/2026 10:39 pm
TL;DR: Fraud attempts are dropping while success rates are rising because AI, deepfakes, and poor data sharing make impersonation easier and detection harder, according to SumSub episode with counter fraud expert Alex Wood. The identity lesson is that trust signals, collaboration, and verification controls now matter as much as user behaviour.
NHIMG editorial — based on content published by SumSub: an episode on AI-driven fraud, deepfakes, and collaboration gaps
Questions worth separating out
Q: How should security teams reduce fraud risk in account recovery workflows?
A: Security teams should require multiple independent proofs for recovery actions, especially when the action can move money, change credentials, or restore access.
Q: Why do AI deepfakes make identity verification less reliable?
A: AI deepfakes make verification less reliable because they can imitate a person well enough to satisfy a single channel of proof.
Q: What do fraud teams get wrong about shared threat intelligence?
A: They often treat intelligence sharing as a back-office task rather than a live control.
Practitioner guidance
- Harden high-risk recovery journeys Require at least two independent verification methods before password resets, payout changes, or account recovery actions are approved.
- Add fraud intelligence to identity workflows Feed confirmed scam patterns into help desk, payment, and access workflows so repeated narratives and reused indicators can be flagged quickly.
- Review legacy trust assumptions Audit every workflow that still assumes a real person will always present consistent proof in real time.
What's in the full article
SumSub's full conversation covers the practitioner detail this post intentionally leaves for the source:
- Alex Wood’s insider account of how organised fraud networks recruit callers and scale operations.
- The discussion of why some fraud schemes persist for months when organisations refuse to share signals quickly.
- The segment on how AI changes the cost, speed, and targeting precision of fraud attempts.
- The forward-looking discussion of quantum computing and what it could mean for encrypted trust assumptions.
👉 Read SumSub's conversation on AI-driven fraud, deepfakes, and trust gaps →
AI fraud, deepfakes, and the identity trust gap teams are missing?
Explore further
11/06/2026 2:47 am
Fraud has become an identity assurance problem, not just a user-awareness problem. The episode shows how modern scams exploit the gap between what a person can convincingly present and what a verifier can reliably prove. Once AI can generate believable context on demand, the control question shifts from 'is the user suspicious?' to 'can the workflow still establish trust under synthetic pressure?' Practitioners should treat fraud operations and IAM as overlapping assurance disciplines.
A few things that frame the scale:
- 79% of organisations have experienced secrets leaks, with 77% of these incidents resulting in tangible damage, according to the Ultimate Guide to NHIs.
- Only 5.7% of organisations have full visibility into their service accounts, which shows how often defenders are operating without a complete identity picture.
A question worth separating out:
Q: What should organisations do about quantum risk in identity and secrets management?
A: Organisations should inventory secrets and cryptographic dependencies that must remain trustworthy for years, then prioritise the systems with the longest confidentiality horizon. The goal is not panic planning. It is reducing exposure where today’s encryption assumptions would create future identity and data loss if they weaken.
👉 Read our full editorial: AI-driven fraud is exploiting trust gaps in identity and data sharing
