Social Engineering And Psychological Manipulation Drive A New Wave Of Fraud

While AI-powered deception is accelerating across identity systems, the Entrust 2026 Identity Fraud Report reveals a second, equally troubling trend: fraud that targets people rather than technology. Social engineering and psychological manipulation continue to increase, enabling fraudsters to bypass even strong technical controls by convincing victims to hand over the keys themselves.

Entrust’s analysis shows that modern fraudsters increasingly use phishing, impersonation, coercion, and psychological pressure to make individuals submit their genuine identity or transfer sensitive data. In many cases, victims unknowingly authenticate fraud attempts using their own documents, biometrics, or credentials—making these incidents exceptionally difficult to detect.

This behavioural manipulation is amplified by the “rinse and repeat” nature of fraud operations. Identity crime rings recycle fake profiles, document numbers and personal details across hundreds of attempts. Common placeholders—such as “Jon Doe” or document number “A12345678”—appear repeatedly, reflecting the industrial scale of these attacks.

Fraud patterns also differ dramatically across industries. Sectors offering sign-up incentives, such as cryptocurrency platforms, saw 67% of fraud attempts occur during onboarding. Meanwhile, organisations with long-standing or financially valuable accounts—particularly payments providers and digital-first banks—experienced extremely high levels of account takeover (ATO) fraud, making up 82% and 55% of authentication-stage attacks, respectively. ATO schemes thrive on stolen credentials, phishing campaigns, and social engineering, enabling attackers to hijack existing accounts and drain funds or harvest data.

Entrust notes that these patterns are reinforced by the global, always-on nature of today’s fraud economy. Fraud attempts peak between 2:00 am and 4:00 am UTC, when many regions’ defences are less active, providing openings for automated and coordinated attack campaigns.

The report’s findings reinforce that security strategies must address not just technology, but the human element. With fraudsters targeting both systems and psychology, organisations need layered protections, real-time monitoring, and customer education to slow the rising tide of identity deception.

© Scoop Media