Introduction
Fraud is everywhere. From phishing emails to fake investment schemes, scams have become an unfortunate part of our digital lives. However, one type of fraud that strikes fear across the board, affecting both individuals and businesses, is card and payment fraud. Unlike other scams, this one hit directly where it hurts: your money.
Payment fraud is when perpetrators steal or scam victims to gain access to payment information, such as credit cards or online credentials, to illicitly receive money, gift cards, cryptocurrency, or purchased goods. This issue isn’t just limited to individuals. 80% of organisations experienced payment fraud attacks or attempts in 2023.
As cybercriminal tactics grow more advanced, knowing the different types of payment fraud and putting the right systems and strategies in place to stop them has become essential. In this blog, we explore the rise of card and payment fraud in the U.S., why it’s growing, and how organisations can stay ahead.
Alarming Numbers Behind the Surge in US Payment Fraud
Payment fraud is growing at an alarming rate worldwide, particularly in the United States, and the numbers paint a troubling picture. Today, credit and debit card transactions are far more common than cash, providing digital criminals with a perfect opportunity to exploit vulnerabilities in online and card-based payment systems. 62 million Americans reported fraudulent charges on their credit or debit cards in just the past year, with total unauthorised purchases exceeding $6.2 billion annually.
The rise in fraud is not just about stolen cards. Only 8% of fraudulent charges stemmed from lost or stolen physical cards. The vast majority involved criminals remotely accessing personal data and account information. This shift indicates a growing reliance on digital fraud techniques such as phishing, credential stuffing, and malware attacks targeting online payment platforms.
It’s also clear that consumer behaviour plays a major role. A staggering 8 in 10 cardholders admitted to engaging in at least one risky credit card habit, such as using weak passwords, storing card details in browsers, or ignoring suspicious activity alerts. These habits create an ideal environment for fraudsters. Notably, 63% of US credit card holders have been victims of fraud, with 51% experiencing it more than once.
Key Reasons Fraud Is Escalating in the Digital Age
- Card-not-present (CNP) transactions are increasing
CNP transactions now make up one-third of all debit transactions in the US. These are primarily used for online purchases and mandatory use of SCA like in the EU, and optional 3DS, that has been in place in the EU for over a decade, making them more vulnerable to fraud.
- E-commerce growth is accelerating the risk
The global e-commerce market surpassed USD 21.62 trillion in 2025 and is projected to surpass around USD 75.12 trillion by 2034. Online shopping is convenient but often lacks strong security protocols, leaving payment data exposed.
- The US lacks unified fraud-prevention regulations
Unlike Europe’s PSD2 and Strong Customer Authentication (SCA), the US has no equivalent nationwide framework. Existing US regulations (e.g. GLBA, CCPA) are fragmented, creating security gaps for cybercriminals to exploit.
- Fraudsters are becoming more sophisticated
Modern scams involve social engineering, phishing, and data breaches, allowing criminals to bypass traditional defences and target consumers remotely.
Strategies for Prevention and Detection
Combating payment fraud requires a combination of strong security measures and timely detection. Key strategies include implementing multi-factor authentication, using real-time fraud monitoring tools, training employees to recognise phishing and social engineering attacks, and keeping software and systems up to date. Tokenisation and encryption also play vital roles in protecting sensitive payment data.
In the world of card fraud, speed matters, but timing alone isn’t enough. You need the right intelligence, delivered at the right moment, to drive effective action. That’s where CYJAX excels.
Our dedicated team of analysts gathers real-time intelligence from a wide range of threat actor environments, including underground forums, dark web marketplaces, social media, encrypted messaging platforms, and emerging channels like TikTok, MeWe, and Discord. CYJAX doesn’t just monitor these platforms; we’ve built long-standing access in hidden, high-risk areas others can’t reach, using advanced techniques and human intelligence to track fraud as it unfolds.
We provide tailored, analyst backed operational threat intelligence that helps your fraud prevention teams identify and mitigate fraud campaigns before they escalate. From cloned card data and compromised BINs to personally identifiable information (PII) such as full names, dates of birth, postcodes, and more, we deliver the details that matter. Every alert includes actionable data points like discovery date, source, market, price, and even screenshots when relevant.
CYJAX doesn’t just detect fraud; we give you a head start.
By continuously monitoring and mapping where threat actors operate and migrate, CYJAX keeps you informed of both current and emerging risks, giving your team early warning, context, and confidence to act quickly.
Speed is essential when protecting consumers from account or card fraud, as threat actors become more complex time from compromise to fraud event has decreased often occurring within 48 hours, ensuring accurate and timely reporting of this compromised data helps CYJAX identify over 90% of instances within a timeframe to prevent such fraud occurring, delivering value for customers and peace of mind for cardholders
Coupled with broader industry foresight CYJAX also helps banks, issuers and providers stay ahead of the fraud curve, sharing intimate details of how and when compromises across the industry businesses can learn and protect before they are targeted.
To learn how CYJAX can help your organisation stay ahead of payment fraud, book a demo today.
Receive our latest cyber intelligence insights delivered directly to your inbox
Simply complete the form to subscribe to our newsletter, ensuring you stay informed about the latest cyber intelligence insights and news.