
The Changing Nature of Consumer Risks in Digital Finance


“Please send me electronic money - I am on a spaceship and running out of oxygen.” The “astronaut” who texted this plea to an 80-year-old woman in Hokkaido, Japan, from “orbit” got the money. She sent him the equivalent of USD $6,700. The request didn’t come out of nowhere – over the course of the few months prior, they had developed a romance on social media. This scam is unfortunately just one of many reflecting a broader wave of consumer risks targeting digital financial services (DFS) users.

Stories like this are not rare anymore. Since our 2021 global research on the scale and nature of DFS risks, consumer risks have become more complex, more interconnected, and harder to detect. 

The six DFS consumer risk types—now more intertwined than ever

In 2021, we identified six major DFS consumer risk types: fraud, data misuse, network downtime, inadequate recourse, lack of transparency, and agent-related risks. The first three—fraud, data misuse, and downtime—are deeply connected with cybersecurity, related to protecting the confidentiality, integrity, and availability (the classic “CIA triad”) of information and/or information systems.

Through our recent review of over 200 reports and consultations with global experts, one thing is clear: the interconnectedness of the DFS ecosystem is making these risks more complex and tangled than ever.

For example, fraud increasingly stems from social engineering, weak passwords, customer information lists bought on the dark web, or corporate data breaches. Criminals often obtain customer data from DFS users, financial service providers (FSPs), third-party providers (TPPs), or other entities through tactics such as phishing, impersonation, and artificial intelligence (AI)-generated content. They then use the customer data to steal funds or launch new attacks. When cyber incidents occur, consumers may face network downtime and lose money and/or data. But if systems are down, many FSPs and agents can’t verify claims or reimburse customers, leaving them stuck with unresolved complaints.

Some attacks, such as phishing, ransomware, and malware, stretch across multiple risk categories. The European Union Agency for Cybersecurity’s January 2023 to June 2024 financial sector threat landscape found that ransomware incidents in the European financial sector resulted in financial losses (38%), data exposure (35%), and operational disruptions (20%), which all impact consumers.  

Forces driving existing and new risks

Several powerful forces are reshaping the DFS risk landscape. Such forces include: 

In open finance regimes, consumer data is accessed by TPPs through Application Programming Interfaces (APIs). 

The accelerated use of AI is reshaping risks

AI and deepfake technology are not new, but with GenAI tools and fraud-as-a-service, even inexperienced scammers can now create convincing impersonation videos and voice clones, fake bank or government messages, hyper-personalized phishing attacks, and fraudulent investment schemes. Deepfakes, which quadrupled globally from 2023-24, are driving more convincing scam messages, fake personas, and impersonation sites that evade FSP detection.   

Figure 1: Capabilities of AI-powered deepfakes. Source: Center for Emerging Technology and Security  

In 2021, we saw crypto-themed scams mimicking community-based mutual aid systems—structures familiar in low-income communities. Today, those scams have evolved into “AI-powered trading platforms” promising guaranteed returns. For example, Crypto Bridge Exchange (CBEX), which “brandjacked” the acronym of the China Beijing Equity Exchange to appear legitimate, collapsed in 2025, leaving social-media-recruited victims in Nigeria and Kenya with heavy losses. Harvard Business School warns that such scams may soon become so personalized and psychologically precise that past frauds will look almost trivial.

AI is also amplifying synthetic identity fraud—flagged in 2022 as an increasingly sophisticated threat. Using GenAI and automation, fraudsters create fake identities and use them to open accounts with FSPs that have lighter Know-Your-Customer (KYC) requirements, build credible-looking transaction histories, take out credit that victims are stuck repaying, or move illicit funds from accounts (often student-run for a fee) to the fraudulent accounts. In markets with fast payments, this is even harder to stop. Money moves quickly, accounts are closed swiftly, and FSPs often detect the fraud only after the funds disappear.

Additionally, AI combined with Distributed Denial of Service (DDoS) ‘booter’ platforms now allows even unsophisticated attackers to launch massive one-click DDoS attacks, causing severe downtime. Many incidents share overlapping attack patterns, hinting at coordinated criminal groups or shared infrastructure. Attackers today are also launching DDoS attacks through cloud configurations, shadow AI systems, unsecured open-source AI tools, and Software-as-a-Service platforms, all key components in DFS ecosystems. 

Fraud is becoming more organized and violent

Fraud is no longer the work of isolated criminals. It’s increasingly a coordinated business fueled by co-offender networks and a growing fraud-as-a-service market where criminals use cryptocurrencies to trade synthetic identities, mule accounts, and data from breached systems. Even traditionally violent organized crime groups have moved into the cybercrime economy, trafficking over 220,000 people to run online fraud operations in scam farms across Southeast Asia. Some hackers are even targeting wealthy crypto holders by staging home break-ins to steal hardware wallets. 

Data sharing is adding new risk layers  

As open finance spreads, with regulations emerging in over 50 jurisdictions, FSPs’ dependence on TPPs to access customer data adds risks, with criminals exploiting APIs as easy cyberattack entry points. In 2025, we saw several TPP attacks, such as the exposure of sensitive data for 1.4 million Allianz Life customers through a cloud-based customer relationship management system, and a cyberattack that forced a major Brazilian payments provider offline.

Figure 2: Evolution of open finance legislation/regulation. Source: Cambridge Center for Alternative Finance 2024.

Open finance regimes represent a great opportunity to expand financial inclusion, but they are also increasing the complexity of risks related to transparency, consent, and liability allocation. Because of increasingly complex consent mechanisms, some consumers have no idea how much of their data is being shared, or with whom.

Digital illiteracy is amplifying vulnerability

As we have documented, the risks in our typology can lead to over-indebtedness and deteriorating financial health, especially in contexts with fragmented consumer protection frameworks and low digital capability. The OECD reports low digital literacy among DFS users globally — only a minority of digital borrowers understand basic credit concepts, many digital payment users cannot demonstrate basic digital financial skills, and digital financial literacy remains insufficient for informed use of crypto-assets. Low literacy and limited financial resilience increase individuals’ vulnerability, causing many to underestimate the risks of digital products—particularly crypto assets. These issues often lead to negative outcomes compounded by behavioral biases, some of which fuel gambling disorders, already affecting 1.2% of adults globally.

The speed and convenience of DFS bring enormous benefits. But the rising complexity of consumer risks poses real threats to financial inclusion and well-being. Among other things, we need ecosystem-wide approaches to collaboratively address new risks and make DFS more responsible, including stronger market monitoring to quickly detect, understand, and respond to new threats.  

Our next blog will explore how the scale of risks has evolved to help pinpoint the most urgent issues.  
