March 2026 – Fraud Prevention Month: The evolution of the threat landscape and Mastercard’s future look at cybersecurity in the payments sector

Globally, cybercrime is projected to evolve into the third largest ‘economy’ by 2029, with annual costs estimated to reach $15.6 trillion by 2030.[1]

Rapid digitisation and widespread use of technologies such as AI are accelerating the scale and sophistication of fraud and cybercrime. Europe is already experiencing the impact: the number of reported fraud cases is increasing year on year,[2] highlighting the urgent need for robust defences to protect individuals, businesses and financial institutions.

As Michele Centemero, EVP Services, Mastercard Europe, notes: “Fraud and cybercrime are escalating at unprecedented scale, eroding consumer trust and threatening the health of businesses globally. But the payments sector is fighting back. By working collaboratively across borders and applying the might of AI, we are building a fraud prevention ecosystem that offers end-to-end protection for merchants and consumers, enabling people to transact with confidence, speed and choice, however they choose to pay.”

KEY STATS

• $1 trillion is lost globally to scams each year, with 96% of victims never recovering funds.[3]
• One in four (25%) small business owners in Europe have been targeted by fraudsters with the same proportion fearing that a cyberattack could force them to close.
• 67% of European SMEs believe they need more education to protect their business from cyberattacks, while 20% say they would benefit from more confidence using digital tools.[4]
• 72% of organisations report an increase in cyber risk, with one third of internet traffic now made up of malicious bots.[5]
• Mastercard’s protective SafetyNet solution has declined 70 billion fraudulent transactions in the last 10 years.[6]
• Mastercard has invested over $11 billion in cybersecurity in the past five years and constantly monitors 19 million entities for risk and vulnerabilities.[7]

THE MOST COMMON TYPES OF FRAUD

Equipped with progressively sophisticated technology, today’s fraudsters exploit both people and organisations. Defence begins with awareness. Key scams to watch out for include:

• Social engineering: Scams that target individuals, relying on deception and emotional manipulation to create false trust, urgency, and prompt victims to share sensitive information or take financially harmful actions. Caution around any unsolicited requests, verifying identities before sharing personal information, and avoiding suspicious links or attachments can help protect individuals from harm.
• Cyber fraud: Cybercriminals target businesses or individuals using techniques like ransomware or malware to compromise systems or harvest fraudulent payments. Educating employees and outwardly demonstrating visible protection signals like AI-enabled cybersecurity monitoring better positions businesses to prevent these kinds of fraud.
• Identity fraud: The most common fraud tactic in the UK[8], impacting individuals and financial institutions, identity fraud involves the theft or misuse of personal information for financial gain. Organisations must be proactive in educating their employees about potential applications of identity fraud, including AI-generated fake identities and the impersonation of victims in sectors like insurance.

LOOKING TO THE FUTURE

As we look ahead, there are clear themes emerging that are set to shape the future of fraud prevention – both for merchants and the payments industry more broadly:

• Security-by-design will become a growth strategy for retailers, who will increasingly rely on payment partners to embed robust cybersecurity measures across every layer of commerce.
• The next phase of defence must be AI vs AI, leveraging systems that learn, predict and act in real time. As autonomous agents begin to transact on behalf of humans, authentication and defence will shift to verifying identity and intent in real time.
• Trust will become the new differentiator for brands and banks. As consumer trust drops, brand reputation, investor confidence and customer loyalty will come to the forefront. Consumer confidence will drive conversion more than pricing or offers.
• Global regulations have potential to fragment, creating new risk silos – a shared intelligence is essential to closing gaps and combating fraud at scale.

MASTERCARD’S CYBERSECURITY STRATEGIC PRIORITIES

• Global coordination: Cybercriminals operate across borders and fraud prevention networks must do the same. Cooperation and intelligence sharing between nations and territories, law enforcement, government, policy and academic institutions as well as financial organisations is imperative to strengthen defence against a borderless enemy.
• Predict and prevent: Organisations must understand the status of their defences, utilising AI-insights to gain actionable intelligence that can help mitigate cyberattacks, and identify and counteract malicious internet traffic.

Protect: Monitoring over 19 million entities every ten days, Mastercard combines its global view with AI-powered analytics to assess and prevent risk in real-time ensuring consumers are able to enjoy security without sacrificing convenience.

[1] Mastercard Signals, Securing trust: Insights from the frontlines of cybercrime

[2] European Anti-Fraud Office, PIF Report, July 2025

[3] Mastercard Signals, Securing trust: Insights from the frontlines of cybercrime

[4] Cyber Fraud Threatens Small Businesses in Europe – One in Four Small Businesses in Europe at Risk of Closure Due to Cyber Fraud, May 2025

[5] Mastercard Signals, Securing trust: Insights from the frontlines of cybercrime

[6] Mastercard Proprietary Data, 2025

[7] Mastercard Proprietary Data, 2025

[8] Cifas Fraudscape 2025: Reported fraud hits record levels, April 2025