Agents of Risk

Artificial intelligence has had a year to gestate. Now, as the critical fourth quarter beckons, both good and bad uses of AI are ready to take control of the checkout.

As the fourth quarter gets under way, retailers are eager to boost their online sales as much as possible. The risk is that criminals look at the last three months of the year as a bounty, theirs to unlock with all sorts of tools developed to extract the highest yield for themselves.

This year is no different, except that criminals have had a year to refine their use of artificial intelligence tools to help extract that ill-gotten yield. It won’t be a free-for-all, however. Merchants, payments companies, and fraud-prevention firms also have had a year to improve their AI tools and clarify how they might use them.

Indeed, preventing online fraud this year will be different. More criminals are using AI, but so too are more merchants and their vendors. Consumers have had another year of exposure to the utility of AI, but may not have caught up to criminal use of it.

And 2025 may mark the first holiday shopping season where AI agents will have a meaningful impact on e-commerce. And that is a complication, though these agents are not automatically obliged to deliver only bad news.

It’s no longer a binary decision between a trusted user or one that is a bot or human fraudster. “That’s no longer sufficient,” says Alisdair Faulkner, chief executive and founder of Darwinium Holdings Inc., a fraud intelligence and analytics firm. “These new AI agents may actually turn out to be your best customers. It’s no longer enough to block automated traffic at the front door. The real challenge now is understanding traffic intent.”

Faster Fraud

Agentic commerce, according to the consultancy Edgar, Dunn & Co., occurs when consumers enable an autonomous AI agent to browse, select, and purchase products or services on their behalf.

There’s no known tally of how many agentic-commerce agents exist, but prominent ones include Perplexity AI Inc.’s Buy Pro. ChatGPT launched its agent in July, and PayPal Holdings Inc. has released developer tools to make it easier to incorporate PayPal payments into agentic-commerce utilities.

AI agents tailored for commerce can operate independently. They can interpret data, understand their shopping environment, and don’t need constant guidance, as defined by commerce platform Shopify Inc. Agentic commerce matters for fraud prevention because its automated nature could make it difficult for some detection tools to distinguish when it’s being used legitimately and when it’s not.

While agentic commerce is set to change how consumers conduct online commerce, so too are criminals ready to employ AI to their benefit.

“The growing accessibility of AI tools has changed the game for fraudsters,” says Eyal Elazar, head of market intelligence at Riskified Ltd., a New York City-based fraud-prevention platform.

“On one hand,” Elazar continues, “fraudsters are becoming more sophisticated, using advanced techniques like synthetic identities, impersonation scams, including vishing and voice cloning, and emerging tools such as WormGPT to automate attacks. On the other hand, we’re also seeing many legitimate buyers referred to our merchants’ sites by AI-powered systems like GPT or Gemini.”

“Heading into this holiday season,” he adds, “the pace of change is speeding up. Agentic AI, which is autonomous AI systems that act independently on behalf of fraudsters, is making fraud faster and harder to detect, requiring fraud teams to adopt more adaptive, real-time detection tools that can analyze multiple identity and behavioral signals simultaneously.”

Malicious AI agents mean more sophisticated attacks, says Kristen Kelly, senior vice president of product at Loop Returns, a Columbus, Ohio-based developer of returns-management services.

“We’re seeing increasingly sophisticated tactics, with fraudsters using generative AI to mask identities and scale—spinning up new ‘customers’ with throwaway emails, slightly altered names, and manipulated shipping addresses (e.g., “797 abc N Wall St” vs. “797 N Wall St”). We’re already seeing signs of this behavior in the ecosystem,” Kelly says by email.

Unhappy Returns

In fact, returns abuse may be one of the more significant ways AI could alter fraud this holiday-shopping season.

“Returns fraud isn’t going away, and heading into this next quarter, economic pressures are only mounting,” Kelly says. “Because of this, some bad actors are pushing to find more creative ways to exploit return policies. Online shopping has only made this easier, with common schemes including sending back empty boxes, falsely reporting undelivered packages, returning used items, and various forms of social engineering. At the same time, we’re seeing more calculated forms of abuse with sophisticated fraud rings leveraging AI to scale operations.”

Usually, retailers’ reactions to returns abuse is to change policies, says Maanas Godugunur, senior director market strategy at LexisNexis Risk Solutions. That usually leads to an indirect increase in chargeback fraud. More chargeback fraud means more complications for merchants, he says.

AI can have a role in helping merchants counter this, Godugunur says. “The best way we’ve seen is to always push your customer to a digital channel, even if they came from a call center,” he adds. That creates a digital avenue to get a good look at the customer’s digital-identity attributes. AI can be injected then to analyze the data and help the retailer make an informed decision, he says.

For example, a look at the digital ID may reveal how many shipping addresses this customer has used. “There’s a good-looking digital ID, which usually has one email and maybe one to three devices, usually the [Internet Protocol address] is pretty static,” Godugunur says. IP addresses can vary by geography. Maybe there’s two shipping addresses. A bad actor will have three or more email addresses associated with it, five shipping addresses, and its IP address keeps changing, he says.

The age of an email also can be an indicator or good or bad intent. “If the age of the email in our global network is less than one week it will lead to a fraud rate of 71% most likely,” Godugunur says. Three or more accounts per email could mean an 81% fraud rate.

‘Outdated Playbooks’

Another change this year is that criminals continue to innovate. “Cybercriminal organizations are businesses, too, and they care about product-market fit, just like legitimate e-commerce companies. These criminal organizations/businesses are innovating without the bureaucracy that legitimate enterprises navigate,” says Frank Teruel, chief operating officer at Arkose Labs, a San Mateo, Calif.-based fraud-prevention firm.

Referring to a known instance when bad actors lost out, Teruel says, “When Microsoft disrupted Storm-1152 in late 2023, it took 30 days to reconstitute and it came back even more powerful, using AI to set up fake accounts. Now these attack-automation services are back up in hours, not days, armed with AI. As soon as agentic AI becomes open source, and we believe that will happen in the Q4 or Q1 time period, the fraud floodgates will open.”

Storm-1152 was a cybercriminal group that, Microsoft alleged, created approximately 750 million fraudulent Microsoft accounts for sale.

Tactics like these may put more emphasis on the need for nimbleness among merchants and their vendors.

“The traditional method of manually writing rules and waiting weeks to deploy updates simply can’t keep pace with AI-enabled fraud that evolves in real time. Companies that haven’t embraced machine learning are essentially playing defense with outdated playbooks against opponents using cutting-edge offense,” says Alexander Hall, trust and safety architect at San Francisco-based Sift Science Inc.

To get a better sense of their fraud activity, many merchants turn to benchmarking tools, Hall says. That can help understand if fraud spikes are isolated incidents or part of a broader attack. “This contextual awareness wasn’t widely available even a year ago.”

‘The Human Reality is Brutal’

While the fourth quarter always brings an increase in fraud activity, uncertainty about the economy may be a factor, too. “Economic uncertainty is a driving force for fraud, because when consumers are hunting for deals, they become more susceptible to scam Web sites offering ‘too good to be true’ pricing on popular items,” Hall says. “The rise of AI-generated fake storefronts makes these scams increasingly convincing.”

He expects account-takeover attacks, a longstanding threat, could surge this year because the combination of high transaction volumes and time-pressured consumers creates ideal conditions for account-takeover campaigns.

Elazar also suggests nimbleness in fraud prevention will become more important in the last three months of 2025.

Indeed, the fourth quarter remains the busiest and riskiest season for e-commerce fraud, and this year is no exception. “Fraudsters are increasingly leveraging AI tools and organized networks, from Dark Web forums to social media, to automate attacks and scale abuse rapidly,” Elazar says.

“AI enables bad actors to scale operations with minimal effort, creating more convincing fake users and automating fraudulent claims,” he adds. “We’re also seeing many new fraudsters, fresh to the game, who rely purely on AI tools they’ve learned from AI itself, using pre-made AI solutions readily available on Dark Web forums.”

As always, a big part of fraud prevention is education, for merchants and consumers. “Consumer education has become a critical industry focus. Research shows that while most consumers believe they can identify AI-generated scams, nearly 20% still fall for them,” Hall says.

“Merchant education is equally important,” he adds. “Many smaller retailers don’t understand current fraud trends and may unknowingly enable fraud by agreeing to manual payment processing when customers claim online checkout ‘isn’t working.’”

There’s no denying, too, that merchant fraud-prevention teams are tasked with ever more work. “The human reality is brutal. Most security teams are already buried, and now their job is essentially doubling because they need to start monitoring for agent-based attacks,” Teruel says.

One tool to help may be dynamic risk scoring that can distinguish between AI agent behavior and suspicious automated behavior, he says. “The key is understanding the intent and authorization behind the AI agent, not just flagging fast or unusual patterns. Consumers are going to deploy AI agents they trust, and those agents will gravitate toward platforms that authenticate them quickly, not platforms that treat them like threats.”

‘A Huge Wall of Friction’

However intent merchants may be to address online fraud in the fourth quarter, it appears a reactive stance may not be the primary method. “This year, we’re seeing a shift from passive fraud monitoring toward proactive, real-time threat intervention,” says Jay Lawrence, chief executive at Equus Compute Solutions, a retailer-focused systems provider.

“Retailers are increasingly deploying edge-based fraud-detection systems that can act instantly, before a transaction clears, rather than after the fact,” Lawrence says. “This is especially critical for Q4’s high-volume retail season, where even a few minutes of downtime or unchecked fraudulent activity can cost millions.”

“Compared to 2024, there’s a stronger emphasis on distributed intelligence—placing detection and response capabilities closer to the edge, where transactions and customer interactions actually happen,” Lawrence adds.

The 2025 fourth-quarter shopping season may be an indicator of how the consumer experience is changing.

“This Q4, merchants need to shift from rigid rule sets and black-and-white logic to more nuanced, real-time risk assessments based on behavioral signals and journey context,” says Darwinium’s Faulkner.

“Otherwise,” he adds, “they risk either letting in sophisticated fraud or alienating legitimate customers who are simply adopting new ways to shop. We don’t want consumers to be faced with a huge wall of friction just because they’re using the latest tools to buy and sell online. The fraud fight has evolved, and so must the customer experience.”