Sydney – May 13, 2025 – LexisNexis® Risk Solutions releases its annual Cybercrime Report, an analysis of over 104 billion global transactions in the LexisNexis® Digital Identity Network® platform during 2024. The report, The Calm Before the Storm?, shows a significant swing in the composition of global fraud attacks, with first-party fraud now the leading type globally, representing a third (36%) of all reported fraud in 2024, up from 15% the year before.
First-party fraud includes misrepresenting or giving false personal or account information for financial gain, such as when applying for a loan, claiming a credit or debit card purchase is fraudulent in order to get a refund (known as friendly fraud), or claiming ordered goods were not delivered. Buy Now, Pay Later (BNPL) providers and financial institutions are among the organizations reporting an uplift in first-party fraud, which is known to be exacerbated by periods of inflation and the rising cost of living. Increased institutional liability for scams, driven by regulation, is also likely having an impact.
Key Vulnerabilities
Account takeover (ATO) fraud – fueled by phishing and smishing activity – represents a further 27% of global reported fraud (down by ~2% year on year), while scams, including authorized push payment (APP) fraud, represent 11% of cases (down from 16% of cases in 2023). The report also found one in nine (11%) password reset attempts in 2024 was a fraud attack, rising to over one in four (27%) reset attempts initiated on a desktop computer.
“These findings represent a notable shift in global fraud patterns, with consumers now emerging as the single largest source of human-initiated fraud,” said Stephen Topliss, vice president of fraud and identity, LexisNexis Risk Solutions. “The change in composition of attacks presents a significant challenge for fraud prevention since detecting first party fraud requires a subtly different approach from detecting scams or account takeovers. Organizations can’t afford to be complacent, however – there were more than three billion brute-force automated account takeover attacks detected last year alone and scams remain a global problem. It is vital for organizations to have models tuned to detect these varied forms of fraud.”
Sector-specific and Regional Trends
After two years of substantial increases in overall global1 attacks, the latest Cybercrime Report finds that rates began stabilizing in 2024, with only a marginal (1%) increase in the human attack rate and a 15% decrease in global bot attacks – algorithms designed to break into customer accounts using stolen credentials. However, LexisNexis Risk Solutions believes this relatively calm global picture may obscure underlying signs of a coming storm powered by AI.
The attack rate on Communication, Mobile and Media (CMM) companies increased by 15% year on year and global Financial Services firms saw an 18% uplift in automated bot attacks.
Attack rates also vary at a regional level:
- EMEA continues to see the lowest regional attack rate globally at 0.6% of transactions, according to the LexisNexis® Identity Abuse Index, which records daily attack rates.
- LATAM has also seen a sustained decrease in its attack rate (1.6%) since the end of 2023, now putting it lower than North America at 2.2%.
- In contrast, APAC’s attack rate grew significantly by 37% through 2024, now standing at 1.5% of all transactions in the region.
Topliss continued, “We are at a potential tipping point. While many organizations have improved their defenses over the past few years, we also know that cybercriminals are embracing new innovative, AI-enhanced capabilities and we will likely see these extensively tested and executed over the coming months. Our analysis of attacks over a longer multi-year period shows that significant attacks often come in waves and this latest set of figures could indicate the imminent arrival of the next, AI-enabled wave of global attacks.”
Download a copy of The Calm Before the Storm? LexisNexis® Risk Solutions Cybercrime Report now.
Methodology
The LexisNexis Risk Solutions Cybercrime Report analyzes over 104 billion transactions through its LexisNexis Digital Identity Network between January and December 2024. It identifies fraud attempts during near real-time analysis of consumer interactions across the online journey, from new account creations, logins and payments to non-core transactions such as password resets and transfers.
About LexisNexis® Risk Solutions
LexisNexis® Risk Solutions harnesses the power of data, sophisticated analytics platforms and technology solutions to provide insights that help businesses across multiple industries and governmental entities reduce risk and improve decisions to benefit people around the globe. Headquartered in metro Atlanta, Georgia, we have offices throughout the world and are part of RELX (LSE: REL/NSE: RELX), a global provider of information-based analytics and decision tools for professional and business customers. For more information, please visit risk.lexisnexis.com and www.relx.com.
