A great deal has been written over the past year about the different types of digital identity fraud emerging in 2026. Industry experts and specialist organisations consistently highlight the growing availability of increasingly sophisticated tools, with artificial intelligence taking centre stage in much of the discussion.
And rightly so. AI-powered attacks are evolving rapidly and becoming more prevalent by the day. Deepfakes, AI-generated documents and prompt injection attacks are no longer theoretical threats; they are now part of the fraud landscape.
However, there is one important fact that should not be overlooked: fraud remains, to a large extent, a physical and manual activity.
The evidence we see every day is clear. While highly sophisticated attacks are on the rise, the vast majority of fraud attempts currently targeting businesses and public sector organisations still rely on more traditional and relatively unsophisticated methods. These presentation attacks include the reuse of stolen credentials, basic impersonation attempts, genuine identity documents used by unauthorised third parties, and social engineering tactics.
The purpose of this article is not to revisit statistics from industry reports or summarise findings from various forums and research studies on the current state of fraud. Instead, I want to share insights drawn from our own data. These findings come from real-world production environments across a diverse range of clients, where we have identified and analysed a wide variety of attacks and fraud attempts firsthand.
While advanced fraud techniques continue to evolve, it remains crucial to deploy technology that can also identify the more conventional forms of fraud, which still account for the overwhelming majority of fraud attempts.
The most common types of fraud
When it comes to verifying a person’s age or identity using an official document—whether a national ID card or a passport—the process appears straightforward: simply present the document to a smartphone camera and capture it as a photo or video. However, behind this seemingly simple action lies a significant challenge: determining whether the document is genuine and has not been physically tampered with.
The most common fraud attempt involves presenting a photocopy of a document to the camera or, more commonly, displaying the document on another screen, such as a smartphone or tablet. In these cases, readily available image-editing software can be used to alter the document’s details or even create an entirely new image from scratch.
This type of presentation attack is particularly prevalent in sectors as diverse as online gambling and betting, financial services—including banks, fintechs and insurance providers—and telecommunications.
Identity fraud in the online gambling and betting industry
In fact, one of the sectors where we see this reality most clearly is online gambling and betting.
Within this industry, one of the most common fraud attempts we have identified throughout 2026—and one that we have actually been observing for several years—is children attempting to impersonate their parents.
This is particularly relevant because, when verifying the identity of new users registering on these platforms, the primary objective is to confirm that they meet the legal age requirement. Minors are not permitted to register or access these services.
The pattern is often the same: there is a clear physical resemblance between parent and child, and a completely genuine identity document—typically belonging to the mother or father—is submitted during the onboarding process in an attempt to pass the identity verification checks.
This leads to an important conclusion: verifying the authenticity of the identity document alone is no longer sufficient. An additional layer of facial recognition is essential to confirm that the individual completing the verification process is genuinely the same person depicted in the document.
In other words, organisations must not only establish that the document is authentic, but also that it is being presented by its rightful owner.
This type of fraud remains fully prevalent today.
Identity Theft in Banking
Another particularly relevant form of fraud that continues to persist is credential theft (phishing). Even today, this remains one of the most common attack vectors: obtaining a person’s login details in order to access their private accounts and, from there, attempt to impersonate their identity.
It is precisely at this stage that biometrics play a decisive role in preventing more serious consequences.
A clear example of this has been observed in one of our banking sector clients.
Following a phishing campaign, attackers managed to obtain the login credentials of several users to a digital banking application. At that point, they had already completed the first stage of the fraud: gaining access to the accounts.
What remained was the second step: bypassing the identity verification required to authorise a transaction.
In this case, the attempt was particularly revealing in its simplicity. Once access credentials had been obtained, the attackers turned to genuine photographs of the victims taken from their public social media profiles, as the second authentication factor relied on facial recognition.
This was not a traditional presentation attack—simply showing an image in front of a camera—but rather an injection attack.
The goal was to inject a real selfie image of the user directly into the authentication flow, tricking the system into accepting it as valid and approving the transaction.
Fortunately, when biometric technology is properly integrated into the authentication flow and an end-to-end process control is in place, these types of attacks can be detected and blocked, as was the case here.
A well-designed injection attack detection (IAD) module makes it possible to identify when someone is attempting to bypass the live camera feed by introducing an image or video from an external source, such as a social network or a previously obtained file.
This highlights one of the key trends in digital identity fraud in 2026: the rise of logical attacks leveraging artificial intelligence to generate deepfakes or orchestrate injection-based techniques.
However, while this emerging trend is increasingly visible in production environments, the public debate remains overly focused on artificial intelligence and high-profile deepfakes. The reality seen day to day is much broader: fraud combines advanced attacks with basic techniques, blends automation with social engineering, and exploits the weakest link in the security chain—which, as is well known, is human nature.
For this reason, addressing a single layer of the problem is no longer sufficient.
Robust, mature systems are required to defend against both presentation attacks and injection attacks, combining multiple analytical layers—document verification, biometrics, liveness detection and channel integrity analysis—to accurately detect each attempt at fraud.
Digital identity today requires a multi-layered defence.
Because fraud is constantly evolving.
And digital trust depends on being prepared to detect both the most sophisticated attack and the most seemingly simple one.
Please get in touch if you’d like to find out how our technology can help you prevent identity fraud.
I’m a Software Engineer with a passion for Marketing, Communication, and helping companies expand internationally—areas I’m currently focused on as CMO at Mobbeel. I’m a mix of many things, some good, some not so much… perfectly imperfect.
MOBBEEL EXPERIENCES
Digitising registration for mutual insurance companies
Mutua Universal has digitised identity verification for user registration, enabling 100% remote, user-friendly, and secure access to its digital services.
