Security and Trust The New Fraud Risk Hiding in Plain Sight

David Capezza, Chief Risk Officer, Visa Europe
07/01/2026
  •  

    the-new-fraud-risk-hiding-in-plain-sight-1920x720 the-new-fraud-risk-hiding-in-plain-sight-800x450

 

 

As millions of people book holidays, buy tickets and make plans for the summer, payments are more digital and convenient than ever. But even as payment security improves, fraud is getting harder to spot. 

The biggest shift in fraud today is not just that attacks are increasing. It’s that they increasingly resemble legitimate activity. Rather than targeting systems, criminals are focusing on manipulating people. 

One recent case identified and blocked by Visa shows just how hard to see this has become. Attackers compromised a hospitality platform by disguising malicious code as a simple image file. Once embedded, it allowed payment details entered on a normal-looking booking or payment page to be silently captured in the background.¹ From the user’s perspective, the page would still appear to be working normally, and the transaction would still go through – but the criminals now had their payment details, which were then exploited further. 

Visa is also seeing scams where fraudsters use real reservation details to impersonate hotels or booking platforms and request additional payments. These messages can look highly convincing because they are linked to genuine travel plans. Victims can be tricked into authorising charges of over €1,000 with transactions often appearing legitimate and passing security checks.²

Travel agency and tour operator scams accounted for over €256 million in scam-related fraud in the second half of  2025 and were also the most targeted category for digital skimming, with 55 incidents recorded in the latest reporting period.³

But this type of fraud is not confined to travel. Visa has seen a rise in scams involving malicious ads offering discounted tickets and services, such as high-demand sporting events and concerts, designed to lure people into fraudulent payments.  

The good news is that fraud rates are declining. Visa’s Spring 2026 Biannual Threats Report hows that fraud involving tokenised digital payments declined 9.6% year on year in the second half of 2025, reflecting stronger authentication, tokenisation and network-level controls.Over the same period, we identified nearly €857 million in scam-related activity and blocked a 13% increase in large-scale card-testing attacks at the network level.Overall, in the last three years, we have reduced fraud across Europe by 24% in the last three years.⁶ 

But given the overall level and sophistication of threat, what does an effective response look like? 

First, it requires recognising that fraud cannot be addressed at a single point in the transaction. When a user behaves “legitimately,” prevention becomes a challenge of identifying manipulation, not just stopping unauthorised activity. This calls for a coordinated, system-level approach across banks, merchants, platforms and partners. 

Second, customer communications must be treated as a security control in their own right. If scams increasingly originate in search, ads, social channels or follow-up messages, then trusted channels, verified identities and clear guardrails around customer interactions become just as important as the underlying payment technology. 

Third, speed matters. Fraudsters are using AI to scale deception and adapt tactics faster. Defenders must respond in real time, with stronger intelligence sharing and closer coordination across the ecosystem. 

At Visa, our role is to support that effort across the network through advanced analytics, real-time risk detection, AI-driven tools and intelligence sharing that help organisations respond faster to emerging threats. 

The broader point is simple: as fraud shifts from stolen credentials to manipulated behaviour, the response must move beyond detecting bad transactions and toward disrupting deception across the entire customer journey. 

 

This content was developed for a European audience and relates to Visa’s offerings in Europe

Get Visa Perspectives in your inbox

Stay informed with curated, timely payments insights from around the globe, delivered straight to your inbox.

Sources

¹ Visa Payment Ecosystem Risk & Control (PERC), Security Alert: Hospitality Platform Digital Skimming Incident, 2026
²Visa Payment Ecosystem Risk & Control (PERC), Security Alert: Travel Booking Impersonation Scam, 2026
³Visa Payment Ecosystem Risk & Control (PERC), Spring Biannual Threats Report, 2026
⁴Visa, Spring 2026 Biannual Threats Report, 2026
⁵Visa, Spring 2026 Biannual Threats Report, 2026
⁶Issuer‑reported fraud reduction observed on VisaNet (TC40 reporting), Europe Region, 2025 vs 2024.March 2026