Artificial intelligence (AI) is making it increasingly easy for criminals to deceive employees and trick them into transferring funds, according to a report released Tuesday by credit insurer Allianz Trade. "It's a cat-and-mouse game: criminals are perfecting their scams using AI, while companies are struggling to keep up with their security measures," said Marie-Christine Kragh, an expert at Allianz Trade. On average, reported losses currently fall within the single-digit million euro range, while major losses in some cases have soared well into the double-digit millions.
Losses from so-called "fake president" fraud — in which criminals pose as company executives — tripled in 2024 and rose by another 81 percent in 2025, despite a decline in the number of cases. The most common scam is now "order fraud," which has surpassed payment fraud. In this scheme, criminals impersonate an existing, often well-known company to order goods on credit from its suppliers. These damages more than doubled in 2025, with the number of cases rising by 61 percent. Overall, losses from all so-called social engineering fraud schemes increased by 60 percent in 2025. In these attacks, hackers use psychological manipulation and false identities to trick employees into divulging sensitive information or transferring company funds.
According to experts, fraudsters are leveraging AI tools to craft flawless emails or to create highly convincing deepfake voices and images. Specialist knowledge is often no longer necessary, said IT law expert Dirk Koch. "Such tools are readily available on the dark web, practically off the shelf." This lends a high degree of credibility to attacks and significantly increases their chances of success.
However, a frequently underestimated threat comes from within the company itself. These so-called "insiders" are responsible for 60 percent of cases and, at 65 percent, also account for the largest share of losses. "Humans remain the weak link here," Kragh said. Fraudsters deliberately exploit emotions such as appreciation or time pressure. In addition to technical measures like multi-factor authentication, the insurer recommends organizational safeguards such as the four-eyes principle for payment approvals.
(Report by Klaus Lauer, edited by Myria Mildenberger; For inquiries, please contact our editorial team at berlin.newsroom@thomsonreuters.com (for politics and economy) or frankfurt.newsroom@thomsonreuters.com (for companies and markets).)
