Visa Warns of Emerging Threats Ahead of the Holiday Season as Ransomware Incidents Rise 41%
In recognition of Global Fraud Awareness Week, Visa has released its Fall 2025 Semiannual Threat Report, revealing five powerful forces reshaping the global payments security landscape. The report, issued by Visa’s Payment Ecosystem Risk and Controls (PERC) team, draws on intelligence from the company’s global network to highlight how criminal operations are evolving with unprecedented speed, scale, and sophistication.
Paul Fabara, Chief Risk and Customer Service Officer at Visa, said: “The payments system is undergoing a paradigm shift in how fraud operates. Criminals are no longer opportunistic individuals; they are functioning like tech startups—building reusable infrastructure and deploying systematic, industrial-scale operations that challenge traditional defenses. Understanding these evolving forces is critical for the entire ecosystem to stay ahead of emerging threats.”
According to Visa’s analysis, the current threat landscape is being shaped by five core dynamics:
1. The Industrialization of Fraud:
Fraud has transformed from opportunistic schemes into large-scale, structured operations. Criminal groups are now building reusable infrastructure—such as botnets, synthetic identities, standardized scam scripts, and AI tools—allowing them to launch multiple attack types simultaneously with the efficiency and scalability of a technology enterprise.
2. The Profit-Driven Playbook:
Cybercriminals are adopting dual-speed strategies: moving slowly and deliberately when stockpiling stolen credentials to maximize long-term access while avoiding detection.
3. The Authenticity Crisis:
The rise of advanced impersonation tools and synthetic content is creating unprecedented challenges in verifying legitimate transactions and communications across the payment ecosystem.
4. The Control-Erosion Problem:
Traditional security controls are being systematically tested and bypassed as criminals probe and exploit weaknesses in legacy defense mechanisms.
5. The Third-Party Vulnerability Gap:
The interconnected nature of the payments ecosystem increases exposure to cascading risks, with third-party service providers emerging as critical points of vulnerability.
Visa PERC reported a 41% surge in ransomware incidents targeting payments-related entities between January and June 2025 compared to the previous six months. The analysis also identified a 173% increase in the distribution of compromised Account Management System (CAMS) accounts compared to the same period in 2024.
Michael Jabbara, Senior Vice President of Payment System Risk and Controls at Visa, warned: “The truth is that anyone with internet access can be a fraudster. While advances such as delegated commerce are exciting, they also pose real risks to consumers. Education around these trends is one of the most effective ways to protect yourself in this evolving threat landscape.”
Visa continues to work closely with partners across the global payments ecosystem to counteract these emerging forces through enhanced intelligence sharing, advanced analytics, and collaborative defense strategies. With more than $13 billion invested over the past five years in technology and infrastructure—including security and trust—Visa is advancing next-generation security technologies and risk management capabilities to safeguard consumers, merchants, and financial institutions worldwide.