The stakes are significant: In 2025, global cybercrime damages reached an estimated $10.5 trillion, effectively making cybercrime the world’s third-largest economy by GDP.1,2 For financial institutions (FIs), the average cost of a data breach now exceeds $4.4 million, with long-term consequences that often extend well beyond immediate financial losses.³
This growing impact reflects a fundamental shift in how cyber fraud and scams operate. As the digital economy expands, cybercriminals are leveraging artificial intelligence, real-time data sources and increasingly sophisticated tactics that exploit human trust, allowing them to bypass traditional, static controls and place mounting pressure on FIs, merchants and consumers.
In response, real-time fraud intelligence is emerging as a more proactive approach to fraud prevention. By continuously analyzing behavior across transactions, channels and relevant external threat signals, institutions can detect suspicious activity earlier, reinforce trust and build greater operational resilience in an increasingly dynamic threat environment.
How modern threats are outpacing traditional controls
Today’s threat landscape is becoming more complex in both speed and adaptability, challenging static, rule-based controls. One example is QR-based phishing, or “quishing,” a process by which attackers use fragmented QR images to make it more difficult for security tools to automatically detect malicious links.
In relation to AI-enabled workflows, hackers are now partaking in “prompt injecting,” which refers to the practice of embedding invisible text in emails that gets by the recipient but could potentially be picked up and interpreted by AI-enabled automated systems trained to respond to prompts. Here is an example of a prompt injection:
The strategic imperative: Build proactive, unified and multi-functional defenses
The business implication is clear: Defenses can no longer be reactive, fragmented or confined to a single function. FIs should think more broadly about the threats they face and identify opportunities to bring their traditionally separate cybersecurity and fraud-prevention capabilities together. They should also adopt real‑time, intelligence‑driven cyber fraud strategies capable of continuously analyzing behavior across transactions, channels, users and emerging threat vectors.
Those that do this will not only reduce losses but also strengthen operational resilience, meet rising regulatory expectations and reinforce customer trust in an increasingly challenging digital ecosystem.
A growing number of FIs are shifting toward more integrated approaches to cyber fraud risk by aligning cybersecurity and fraud prevention capabilities. Real-time, intelligence-driven systems that analyze behavior across transactions, channels, users and emerging threat vectors enable institutions to connect signals, respond faster and make more confident decisions at scale. When effectively aligned, these capabilities can play a critical role in reducing losses while supporting safer, more resilient digital growth.
Building cyber resilience in a converging threat landscape
Building cyber resilience requires a shift from traditional, function-based operating models to ones designed for continuous, real-time risk management. Rather than relying on periodic reviews and siloed controls, FIs are moving toward coordinated models that integrate people, processes and technology to deliver real-time visibility, faster decision-making and sustained protection across the enterprise.
A five-pillar strategy to modern cyber resilience
See more VCA featured insights
Get the latest perspectives from our team of experts on trends affecting the future of payments.
- David Braue, “Cybercrime To Cost the World $12.2 Trillion Annually by 2031,” Cybercrime Magazine, May 28, 2025.
- Neven Matas, “The Cost of Cyberattack in 2025,” Infinum, September 17, 2025.
- IBM, “Cost of a Data Breach Report 2025,” IBM Reports.