AI-powered fraud is exploding: it peaks in a very specific two-hour window

Published: 20 November 2025
Last updated: 21 November 2025
Image by Cybernews

The deepfake fraud wave has arrived, and its most dangerous hour might surprise you…

If you think criminals work nine-to-five, think again. New data reveals that the global fraud economy now peaks between 2:00 am and 4:00 am UTC, when defences in many regions are quietest and attackers take advantage of the lull.

It’s a detail that highlights the changing nature of fraud: always-on, increasingly automated, and now heavily augmented by AI.

ADVERTISEMENT

According to Entrust’s 2026 Identity Fraud Report, fraud attacks are rising in both scale and sophistication, fuelled by leaps in deepfake technology and a surge in injection attacks (where an attacker inserts malicious code or commands into a camera), which are up 40% year-over-year.

Fraudsters often use deepfakes combined with an injection attack to simulate a legitimate user.

Deepfakes alone now make up one in five biometric fraud attempts, with deepfaked selfies soaring by 58% in 2025.

According to Entrust’s senior digital fraud specialist, Simon Horswell, we’ve crossed a threshold where humans simply can’t rely on their senses anymore.

He told Cybernews on a video call: “Visually, you can't rely on what you see or hear online… we’re now at a point where a human being can’t tell the difference easily.

Deepfake apps

Just a couple of years ago, video calls offered at least a small sense of security. Ask the person on the other end to cover their mouth, tilt their head, or shift in their seat, and you’d often expose a fake. That era is over, Horswell claims.

“Now there are apps that can get around this,” he says.

ADVERTISEMENT

Deepfake tools can create eerily accurate facial movements from a single JPEG. With the right lab setup, he says, a fraudster could impersonate you convincingly in real time – without ever having video footage.

man on street, green bitcoin, pile of cash
Sectors offering sign-up bonuses – such as cryptocurrency – now see 67% of fraud attempts at onboarding

According to the fraud expert, today’s models don’t just mimic your face – they predict expressions such as your natural smile, even if the only source image shows you unsmiling.

This means that many victims don’t even consider the possibility they’re being deceived, making them ideal targets. Awareness as much as technology that is the best defence for this type of fraud, he adds.

“It’s the people that are completely unaware that are more likely to get caught off guard… if everyone goes into a call thinking ‘could this be a deepfake?’ then they’ll start spotting things like unnatural movements, glitches, features appearing and disappearing.”

Remote onboarding

The shift to remote account onboarding during and after the pandemic created a huge opportunity for fraudsters. Challenger banks, gig-economy platforms, and fintechs have normalized opening accounts online, without ever stepping into a branch.

However, Horswell argues that this convenience has become a playground for attackers.

He describes how fraudster workflows are now remarkably efficient. With just your stolen credentials and a quick online search for photos, an attacker can generate a video deepfake that passes basic biometric checks.

Combine this with an altered document, and they can open accounts in your name, take out loans, obtain car rentals, or other goods, or create sleeper accounts for money laundering.

ADVERTISEMENT
AI fraud
With stolen credentials and a quick online search for photos, an attacker can generate a video deepfake

“Fraud goes where the money is,” Horswell says. “I can’t physically turn up at 100 banks in a day – but I can sit online and try 300 attempts to open fake accounts.”

To illustrate this, sectors offering sign-up bonuses – such as cryptocurrency – now see 67% of fraud attempts at onboarding.

Meanwhile, industries with valuable, long-standing accounts, such as payments and digital-first banks, face high volumes of account takeover (ATO) fraud, with 82% and 55% of authentication-stage fraud attempts, respectively.

Fraud-as-a-service

It’s not only faces or voices being faked. Digital forgeries made up 35% of document fraud in 2025, up from a 30% average in prior years.

Physical counterfeits still dominate at 47%, but digital manipulations are growing rapidly – driven by AI tools that are easily accessible and require minimal skill.

jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News
Google News Follow us

Sometimes these documents are entirely synthetic, built from templates acquired via fraud-as-a-service (FaaS) platforms on the dark web. At other times, says Horswell, they’re genuine documents that have been harvested and digitally altered.

“You can get templates, type in the data you want, or press ‘random’ and the tool fills it with a correct-looking font… even the photo can be provided,” Horswell explains.

ADVERTISEMENT

National ID cards are the most frequently exploited documents globally, accounting for 46% of fraudulent submissions – particularly in regions where they’re the default form of identification.

Social engineering

According to the report, social engineering remains the easiest route into a victim’s life, and AI is also scaling these scams.

“Investment fraud, romance scams, and catfishing all now leverage generative AI to produce realistic voices, polished scripts, or conceivably – the live-call impersonations of celebrities,” Horswell warns.

example of catfishing image
Catfishers can now leverage generative AI to produce realistic voices, polished scripts, or conceivably live-call impersonations of celebrities

Despite the advancing technology, Horswell says the fundamentals of self-protection haven’t changed.

“People need to ask themselves: Why am I receiving this call? Is it unsolicited? Is there urgency? Is this the usual channel? Scams always come down to: ‘you need to trust me, and you need to trust me now.’”

Professionalization of fraud

What’s striking about the report's results is the scale at which attacks are occurring. Horswell is keen to emphasize that fraud rings are no longer lone operators in basements, but organized, global, commercially driven groups that share tactics, automate processes, and specialize in specific areas.

Even lone operators have been given a leg up with AI, as marketplaces offer plug-and-play toolkits that have lowered the barrier to entry.

ADVERTISEMENT

“Businesses need to take a layered, identity-centric defence capable not just of spotting technical anomalies but also recognizing behavioural red flags and detecting synthetic media.

“But it’s also about awareness. If we are all on the lookout for deepfakes, we’re less likely to be caught off guard.”

Unlock more exclusive Cybernews content on YouTube

Share
Post
Share
Share
Share
More from Cybernews
Companies using Fable 5 beware: it’s collecting your data, and there are no exceptions
World’s leading mathematicians ridicule AI hype in high-IQ declaration
Democrats are far more worried than Republicans that AI will take jobs, new poll finds
Europe’s tech revolution feels like Soviet déjà vu
New York demands advertisers use “synthetic performer” label or else
The surprising way Elon Musk is powering your next holiday flight
ADVERTISEMENT