Driven by AI, customers now rival criminals for ecommerce fraud, say merchants

Posted on by Africa Business

  • Global ecommerce fraud enters a new phase as losses continue to climb: merchants lose $11.4m (£8.4m) on average – up 7.5% on 2025

  • Merchants now view criminals and their own customers as presenting a comparable risk – and 43% saw customer fraud increase in the past year

  • AI gap emerging: 64% of merchants experienced AI-enabled fraud or abuse in the past year, but one in three lack AI anti-fraud tools

Ecommerce fraud is accelerating, driven by a surge in customer abuse and the rapid adoption of AI. This is a key finding of new research from ecommerce fraud prevention platform Ravelin.

Ravelin’s Global Fraud Trends 2026 report estimates that fraud has cost the average ecommerce enterprise $11.4m (£8.4m) over the past year – an increase of 7.5% compared with 2025. The report is based on a survey of over 1,500 merchants spanning Europe (UK), North and South America, and Australia.

Covering 10 countries, the report finds 66% of merchants have seen an increase in fraud. Some 15% of UK merchants report seeing “significant” increases in fraud, compared with just 7% of merchants in France and 10% in Germany.

The report reveals that merchants view first parties (customers) and third parties (criminals) as posing the same degree of risk for their business. Moreover, two thirds (64%) have experienced AI-enabled fraud or abuse in the past year.

Customer fraud rises in frequency and cost 

Merchants experience the greatest losses from the criminal use of stolen payment cards. However, 43% of the merchants polled by Ravelin said that customer fraud has increased over the past year.

Merchants now rank chargeback fraud and refund abuse #2 and #3 for losses, behind payment fraud (see chart). The actual extent of customer fraud may be far higher. Merchants agree it is difficult to detect, with six in 10 unable to confidently tell legitimate refund requests from fraudulent ones.

Fraudsters outpace merchants in AI adoption 

Ravelin’s study finds merchants may be lagging behind fraudsters’ embrace of new technologies, including AI. Three respondents in 10 say they do not use AI to defend against fraud. Overall, almost seven in 10 merchants (66%) agree they should be doing more to combat fraud.

AI-powered fraud attacks are impacting merchants’ bottom lines, too, the study finds. Two thirds of the merchants polled (66%) attribute at least 5% of their fraud losses to AI attacks. However, for one in five, AI fraud accounts for over 15% of losses.

Examples of AI fraud include card testing (also called enumeration attacks), falsified refund claims, deploying AI agents to commit fraud at scale, and targeted probes of merchants’ fraud-protection systems.

Martin Sweeney, CEO at Ravelin, said: “The line between professional syndicates and abusive customers is blurring. At the same time, AI is turning up the heat, enabling criminals and consumers to automate and commit fraud at scale. This is a new phase of ecommerce fraud. As it evolves, merchants should ensure they understand, quantify and prevent the full range of threats.”

Dynamic fraud checks 

The reputational impact of fraud divides the merchants polled. 64% report experiencing a drop in their share price following media coverage linking their brand to fraud. But reputational concerns also hold them back from tightening their controls. One in three (29%) cite their public image, and impacts on the customer experience, as obstacles to improving fraud detection.

Ravelin’s study finds that half of merchants polled (49%) prefer to tailor their fraud approaches dynamically to individual customers and transactions. Meanwhile, 43% prefer to block as many suspicious transactions as possible, even at the risk of affecting legitimate customers. Only 8% prefer to allow as many shoppers as possible, despite the increased fraud risk.

Sweeney concludes: “Our findings lay bare the shortcomings of traditional approaches to fraud detection in the face of changing fraud. Instead of focusing narrowly on payments, fraud teams need to understand customer behavior more holistically. By taking into account disparate data like past purchases, returns, and customer lifetime value (CLV), AI-based tools can help merchants gain this holistic view.

“Such an approach can help merchants better manage their risks, by ensuring more good customers get the frictionless experience they deserve, while stopping bad actors.”

In practice, this dynamic approach to friction allows merchants to block criminals, give good customers uninterrupted shopping experiences, and allow those who fall in the grey areas to prove their legitimacy through additional checks. Ravelin’s solutions are designed to help merchants manage this complexity at scale, balancing fraud detection with a frictionless customer experience to unlock secure growth.

Ravelin has published the Global Fraud Trends report annually since 2020. Access the full report.

Costliest forms of fraud (percentage of merchants selecting each type as one of their two answers)

2025

2026

Payment fraud

Criminal use of stolen payment card details

61%

56%

Fraudulent chargebacks

A customer files a false claim disputing a transaction with their bank to recover the payment

41%

37%

Refund abuse

People exploiting a merchant’s returns or refund policy to obtain money or goods dishonestly

21%

28%

Account takeover

Gaining unauthorised access to a customer’s account to steal data or commit fraud

30%

24%

Promo abuse

Customers or criminals abusing promotions such as sign-up offers and vouchers, breaching merchant policies

19%

21%

Supplier fraud

Partners or suppliers who defraud online marketplaces

14%

17%

Research methodology 

In January 2026, Ravelin commissioned research provider Qualtrics to carry out an online survey of 1504 fraud and payments professionals from around the world, with a focus on the UK, USA, Canada, France, Germany, Italy, Spain, Australia, Brazil, and Mexico. Participants belonged to the C-suite or Fraud/Risk, Finance/Payments, Compliance/Operations or Product teams of enterprises in the following industries: Retail, Travel & Hospitality, Digital Goods, Marketplaces.

Survey participants all worked for companies with more than $50 million in annual revenue and/or over 450 employees, which sell their products either online or both online and offline.

They were asked questions around their observations, attitudes and predictions related to fraud, payments and ecommerce in the past 12 months, at present, as well as in the future.

About Ravelin 

AI-native fraud prevention company Ravelin provides technology and support that helps 340+ online companies prevent evolving fraud threats and accept payments with confidence. Combining machine learning, graph networks, behavioral analysis, consortium data, and expert rules, Ravelin has been empowering businesses to draw deeper insights from their data to detect ecommerce fraud and abuse, and increase payment acceptance for 12 years. Find out more at www.ravelin.com

Share

Related Posts

Sumsub Launches Adaptive Deepfake Detection for Real-Time Fraud Prevention

Sumsub has launched its Adaptive Deepfake Detector, a real-time AI fraud prevention system that uses continuous online learning to identify emerging deepfake attacks instantly. The solution improves identity verification accuracy across fintech, crypto, and other high-risk digital sectors by combining multi-layered fraud signals and adaptive machine learning.

DID:UNCONF AFRICA: Reshaping Digital Identity in the SADC

Cape Town will host an important gathering on digital identity initiatives and innovation in the SADC region at the end of September. Local digital identity start-up, DIDx is proud to announce that they, together with the renowned Internet Identity Workshop (IIW), will host DID:UNCONF AFRICA, a groundbreaking event set to revolutionise the digital identity landscape in the SADC region. This two-day open space ‘unconference’ will take place on 25 to 26 September at the Hasso Plattner Design School at UCT, following in the footsteps of its inspiration, the Internet Identity Workshop (IIW), held twice a year in Silicon Valley since 2005.