Digital fraud on the rise: by 2026 identity becomes the main target of AI and Web3 attacks

The new 2026 report by Entrust reveals an alarming global landscape: digital identity fraud has increased by up to 3.1% worldwide. Fueled by generative AI, deepfake, and social engineering, these threats are revolutionizing the very concept of digital trust, impacting even the Web3 world.

Key Points of the Article

• Deepfakes account for 1 in 5 biometric fraud attempts
• 67% of fraud in the crypto sector occurs during the onboarding phase
• National identity documents are the most counterfeited (46%)
• Fraud techniques are becoming more professional thanks to Fraud-as-a-Service
• AI has become a powerful weapon for attacking, but also for defense

The Evolution of Digital Fraud: From Identity to Web3

By 2026, fraud is no longer a sporadic activity. It has become a true global industry, fueled by generative AI (GenAI), organized criminal networks, and automated tools. Digital fraud no longer targets only banks: today, every platform that manages identities — including those in the Web3 space — is vulnerable.

According to the Entrust report, based on over 1 billion identity verifications in 195 countries, frauds develop along three main lines:

1. Targeting identity: document forgery, identity theft, use of deepfake or synthetic identities.
2. Bypassing prevention systems: injection attacks, device emulation, automated bots.
3. Manipulating people: phishing scams, coercion, and social engineering.

Deepfake and Generative AI: The New Frontier of Fraud

One of the most alarming statistics is that 20% of biometric fraud analyzed by Entrust was facilitated by deepfake, meaning digitally manipulated faces used to bypass facial recognition systems.

With the spread of generative AI, creating a fictitious identity has become simple and accessible even to non-expert users.

“Fraud-as-a-Service” platforms now allow anyone to rent tools to create fake documents, synthetic avatars, or targeted attacks against crypto exchanges, wallets, and DeFi platforms.

The Most Counterfeited Documents: National, Non-Biometric, and Obsolete

46% of the counterfeit documents intercepted in 2025 were represented by national identity cards, followed by driver’s licenses (25%) and passports (19%). The phenomenon is particularly pronounced in:

• Asia-Pacific (APAC): where 60% of fraudulent documents are comprised of national IDs.
• Europe, Middle East, and Africa (EMEA): with 45% of counterfeit IDs.
• America (AMER): most affected by fake licenses (37%).

Bangladesh, Pakistan, and Nigeria are among the countries with the most counterfeited cards, often because less secure paper versions or those lacking biometric standards are still in circulation.

Impacts on the Web3 and crypto sector

Crypto and Web3 projects are not exempt. In fact, according to Entrust:

• 67% of fraud occurs already during the onboarding phase of users on crypto platforms.
• These attacks exploit registration bonuses, referral mechanisms, or weak KYC.
• In digital banks, however, 55% of fraud occurs post-registration, involving account takeovers and fund theft.

The typical anonymity of Web3 doesn’t help: while it protects privacy on one hand, on the other, it increases exposure to fraud if not paired with robust verification systems.

The New Face of Crime: Professionalization and Automation

The report highlights a strong “professionalization of digital crime”:

• Attacks are often automated, with scripts testing hundreds of fake identities.
• The use of device emulation is spreading: emulating a trusted device to bypass defenses.
• Platforms for Fraud-as-a-Service are emerging, where tools for document, biometric, and behavioral fraud are rented on a subscription basis.

The risk is that even inexperienced operators could orchestrate complex scams, with significant impacts particularly on crypto startups and dApps with limited resources.

Strategies for Defense: AI vs AI

The good news is that AI can also be the best ally in the fight against fraud. Today’s artificial intelligence models are capable of:

• Analyze micro-facial expressions to expose deepfakes.
• Identify behavioral inconsistencies in the use of Web3 apps.
• Identify large-scale document fraud schemes.
• Apply advanced filters during KYC/onboarding to identify synthetic identities.

Entrust offers a multi-layer approach to identity security: from biometric verification to identity lifecycle management, up to continuous user education against phishing.

The Future of Digital Identity is a Trust Challenge

Identity is the new attack surface. In the digital world — from banking to Web3 — the line between real and synthetic is blurring. As fraud becomes more intelligent and widespread, only a mix of advanced technology, user awareness, and resilient systems can keep the security threshold high.

In 2026 and beyond, the challenge will be rethinking digital trust in a world where even a face can deceive.