21ьз╕ Cweather-icon

Fraud Now Arrives "Pre-Approved, " Trustmi Report Finds

News Provided by ACCESS Newswire2026-03-19
25 Views

AI-powered tactics are accelerating the scale, realism, and success of payment fraud attacks designed to bypass financial and security controls

NEW YORK CITY, NY / ACCESS Newswire / March 19, 2026 /Trustmi, a leader in behavioral AI payment security, today released The Trustmi Payment Security & Risk Benchmark Report 2026,revealing that modern payment fraud increasingly arrives "pre-approved"with documentation, email context, and operational signals designed to pass financial and security workflows before anyone questions the request. Research reveals that modern attacks are no longer breaking into organizations-they are being welcomed in.

According to the World Economic Forum 's Global Cybersecurity Outlook 2026, cyber-enabled fraud has emerged as a top concern for CEOs, reflecting a broader shift in how organizations define cyber risk - not just as a technical threat, but as a direct threat to financial integrity, business continuity, and trust. At the same time, the scale of the threat is accelerating: 93% of businesses now expect to face daily AI-driven cyberattacks, as generative AI enables attackers to produce highly convincing, scalable, and operationally complete fraud campaigns.

The report analyzed 260 real-world enterprise payment fraud attempts observed across 2024-2025, providing a forensic view of how modern attacks are constructed and how fraud attacks have evolved in the age of generative AI. The result: fraud attempts that arrive looking administratively complete before they are ever reviewed.

"Cyber risk is no longer defined by the techniques attackers use, rather it 's defined by the outcomes they enable," said Shai Gabay, CEO and Co-Founder of Trustmi. "Once you look at fraud through that lens, it becomes clear why it 's rising to the top of the business agenda. Today 's attacks aren 't designed to break systems. They 're designed to pass workflows. They arrive looking operationally complete, with invoices, documentation, and context that appear legitimate. By the time finance reviews the request, the fraud already looks approved."

The report findings include:

  • 85% of analyzed fraud attempts entered organizations through email, often bypassing traditional email security tools because the messages were not technically malicious.

  • 92% of incidents began with impersonating a trusted financial authority, such as vendors or executives already embedded in payment workflows.

  • 90% of fraudulent transactions were approved by banks as legitimate. Bank accounts no longer acted as a signal of risk. The receiving account was active, legitimate, and verifiable in real time.

  • 59% of attacks used two or more coordinated tactics, combining impersonation, fake documentation, and infrastructure spoofing.

  • 39% of attacks included fraudulent financial artifacts, such as fake invoices, W-9 forms, or bank documentation designed to justify payment changes.

AI Is Accelerating the Scale and Realism of Fraud

The report highlights how generative AI is transforming fraud operations by dramatically lowering the effort required to produce convincing attacks. What once required manual drafting, research, and coordination can now be generated instantly and repeated across organizations at scale.

"AI is accelerating fraud not just by improving message quality, but by increasing the velocity of attacks," said Eli Ben nun, CTO and Co-Founder of Trustmi. "Attackers can now generate invoices, emails, and supporting documentation in seconds, creating payment requests that appear operationally complete before anyone questions them."

Attack Playbook Dominates Modern Fraud

The research identifies three primary fraud "playbooks":

  • The Simple Playbook (41% of attacks)- reflects the traditional fraud model most organizations already recognize. These attacks rely on a single tactic: impersonating a trusted sender using look-alike domains or compromised email accounts.

  • The Layered Invoice Playbook (35% of attacks) - introduces documentation to reinforce legitimacy. Attackers combine fake invoices with fabricated email conversations so the payment request appears to follow an established business exchange.

  • The Administrative Playbook (24% of attacks) - mimics routine vendor validation processes, introducing documentation such as W-9 forms or bank confirmation letters to make payment changes appear compliant with internal procedures.

"Modern fraud campaigns are increasingly constructed like approval packages," said Eli Ben Nun, CTO and Co-Founder of Trustmi."We 're seeing more and more attacks using documentation, email context, and infrastructure designed to satisfy the very controls organizations rely on to prevent fraud."

Fraud Is Becoming a Workflow Risk

The findings conclude that modern fraud is no longer simply an email or cybersecurity problem. Instead, it increasingly targets the intersection of communication systems, vendor relationships, and financial approval workflows.

Because these attacks arrive with documentation, context, and operational signals that appear legitimate, traditional controls often fail to detect them.

According to Trustmi, organizations should take the following steps to protect themselves from fraud:

  • Treat financial documents such as invoices and tax forms as potential attack vectors

  • Detect patterns across multiple signals rather than relying on single-point controls

  • Extend visibility beyond email into finance systems and payment workflows

Read the complete The Trustmi Payment Fraud Benchmark Report 2026here and join Trustmi 's Co-founder and CTO, Eli Ben Nun for a live webinar discussing the modern cyber fraud playbook taking place on April 14, 2026.

About Trustmi
Trustmi is the leader in B2B social engineering fraud prevention. Trustmi 's behavioral AI solution provides the only end-to-end payment security platform that helps businesses protect their bottom line by eliminating losses from cyberattacks, fraud, internal collusion, and human error. Trustmi 's flexible and modular solution offers businesses complete control over using only the tools they need to secure their payment processes and manage their vendors. Founded in 2021 by Shai Gabay and Eli Ben Nun, Trustmi is headquartered in New York City. For more information, visit https://www.trustmi.ai/.

Contact

PAN Communications for Trustmi
Trustmi@pancomm.com

SOURCE: Trustmi



View the original press release on ACCESS Newswire



© 2026 ACCESS Newswire. All Rights Reserved.

The news, reports, views and opinions of authors (or source) expressed are their own and do not necessarily represent the views of CRWE World.




/assets/img/cw-stocks.png

/assets/img/crweworld-podcast.jpg
Sponsored
Also read

U.S. National Debt Clock