Are businesses overly assured about their defenses against identity fraud? Recent insights indicate they might be overly confident.

Per a

Signicat and Red Goat Cyber Security survey titled “The Battle in the Dark 2025”
, only 5% of participants expressed doubts about their identity fraud management. Despite this, three-quarters believe they are effectively combating the issue—while 47% do not consistently monitor the impact.

“A critical challenge with fraud is recognizing what you might be missing or not actively searching for,” noted

Jennifer Pitt, Senior Analyst at Javelin Strategy & Research
. “Without consumers reporting incidents for various reasons, organizations can develop a false sense of security regarding the effectiveness of their fraud prevention strategies.”

A Growing Concern

The gap between confidence and reality is amplified by the fact that European businesses estimate one in five transactions to be fraudulent. Identity theft and its associated costs could affect up to 22% of annual revenue.

According to Signicat, identity fraud attempts have surged by 69% over the last four years, with overall fraud incidents increasing by 88%.

Challenges in Detection

Identity theft remains the most prevalent type of fraud in Europe, accounting for 9.3% of all reported cases so far this year. Account takeover and social engineering tactics follow closely as second and third most common methods.

In the banking sector, identity fraud is particularly rampant, whereas payment processors are more likely to face account takeover strategies.

“Fraudsters employ increasingly sophisticated techniques that some organizations may not be equipped to detect,” said Pitt. “Some companies might rely on a single detection method rather than adopting a layered approach necessary to combat complex fraud.”

The research also revealed that 80% of businesses think pushing back against criminals only propels them to devise new tactics, underlining the ongoing challenge in combating evolving threats.

“Fraud evolves faster than current detection systems can keep pace,” Pitt added. “Organizations that depend on outdated and static methods may fail to recognize newer types of fraud, thus creating a false sense of security where fraud goes undetected.”