How AI fraud rings are taking on retail

Retail fraud used to be relatively straightforward.

A stolen card, a fake account, or a suspicious transaction pattern that could be flagged and blocked before serious damage was done.

That version of fraud is still present, but it is no longer the main problem.

Senior Director of Risk at Forter.

What’s appearing now is something more coordinated, automated, and harder to detect in real time: AI-powered fraud rings that behave less like individual bad actors and more like distributed systems.

They test, adapt, and scale in more sophisticated ways that increasingly mirror the technologies retailers themselves are adopting.

Fraud is no longer just responding to ecommerce; it’s evolving alongside it.

From isolated fraud to coordinated systems

For years, fraud prevention has largely focused on individual events: a suspicious login, a stolen card attempt, a bot probing checkout flows. But that model is breaking down.

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

What is now emerging is coordinated fraud activity that behaves more like a network than a series of isolated incidents. These groups combine automation, synthetic identities, and increasingly realistic AI-generated content to simulate genuine customer behavior at scale. The result is not only more fraud, but fraud that blends into normal digital traffic.

At the same time, fraud rings are executing high-velocity attacks that look more like engineered systems than opportunistic crime. One recent example involved an estimated $4.2 million in fraudulent activity over 48 hours, driven by synthetic identities, spoofed devices, and rapid transaction flows reaching around 180 per minute.

What is notable is not only the scale, but the structure. These are not isolated attempts. They are coordinated operations designed for speed, repetition, and adaptation.

AI is lowering the barrier to fraud

The most important shift is accessibility, as well as scale. Generative AI has significantly lowered the barrier to entry for fraud. Tasks that once required technical expertise or coordinated effort can now be executed using widely available AI tools.

Fraudsters can generate synthetic identities, fabricate supporting documents, and create convincing digital artefacts that simulate legitimate customer behavior in a matter of minutes. This includes everything from account creation to behavioral patterns across browsing, purchasing, and post-purchase interactions.

One of the clearest examples is the rise in returns abuse, which has increased by 15% in the past six months, largely driven by the ease and scalability of AI-doctored images.

In practice, this means fraudsters can submit highly realistic images of cracked, damaged, even moldy, or malfunctioning goods. These images are often convincing enough to pass initial review processes, particularly when combined with legitimate order histories or stolen account credentials.

In several documented cases, fraud rings have used newly created accounts to purchase low-cost goods, then submitted AI-generated images to claim refunds without returning the product. In some instances, empty boxes are shipped back instead, all while refunds are still processed.

Another coordinated operation targeting home goods and fashion retailers used a similar approach at scale, generating approximately $800,000 in fraudulent refunds through repeated low-value claims designed to avoid detection thresholds.

Individually, these cases may appear manageable. But collectively, they show a clear trend: fraud is increasing in sophistication and scale.

The shift toward agent-driven commerce

The next phase of this evolution is already on its way, and it’s closely linked to the rise of autonomous digital agents.

Over the second half of 2025, agentic activity surged by over 2000%. While much of this growth is tied to legitimate use cases such as shopping assistants and automated customer workflows, it also introduces a new layer of complexity for fraud detection. The same systems that allow agents to complete purchases on behalf of consumers can also be manipulated to automate fraud on a larger scale.

Instead of manually creating accounts or placing orders, fraudsters can now orchestrate entire attack chains using agent-based automation. This changes the nature of fraud from individual actions to continuous, self-executing systems. This matters because it shifts the detection problem. When fraud resembles legitimate automation, the distinction between genuine and malicious activity becomes harder to define using traditional rules.

At the same time, retailers are already seeing fraud patterns adapt to this environment. Attackers are increasingly mimicking normal customer journeys, spreading activity across devices, accounts, and timeframes to avoid detection. The result is a system where fraud does not look like fraud until after the fact.

Why traditional fraud tools are falling behind

Most existing fraud detection infrastructure was not designed for the current conditions as they stand. They rely heavily on static rules, historical patterns, and known indicators of malicious activity. But AI-led fraud doesn’t necessarily follow predictable patterns. It adapts in real time, varies its behavior based on changes in the attack surface, and can scale in ways that overwhelm rule-based systems.

Even machine learning models trained on historical fraud data struggle when faced with synthetic behavior that has no direct precedent. This creates a widening gap between how fraud actually operates and how it is detected.

Consequently, many retailers are forced into reactive positions, identifying fraud after fraudulent transactions have already been completed rather than preventing it in real time. This is particularly challenging in areas like returns and refunds, where fraud is often indistinguishable from legitimate customer claims at the point of interaction. The core issue lies in timing alongside detection accuracy.

What comes next for digital trust

The trajectory of fraud is closely tied to the progression of ecommerce itself. As AI agents take on a larger role in how consumers find, compare, and buy products, retailers face a more complex question than simply whether a transaction is legitimate.

They need to determine who, or what, is actually behind the transaction. Is it a real customer? A legitimate AI assistant acting on their behalf? Or a synthetic system designed to imitate both?

The challenge now is no longer just detection, but judgment in real time. Because in an environment shaped by AI on both sides of the transaction, risk and verification can no longer sit at a single point in the process. They must be continuously reassessed throughout the customer journey.

Manage customers for a new business more effectively with the best CRM for startups.

This article was produced as part of TechRadar Pro Perspectives, our channel to feature the best and brightest minds in the technology industry today.

The views expressed here are those of the author and are not necessarily those of TechRadarPro or Future plc. If you are interested in contributing find out more here: https://www.techradar.com/pro/perspectives-how-to-submit

Senior Director of Risk at Forter.