Only 3% of retailers feel well prepared to address AI-enabled fraud risks. Are you among the prepared or the other 97%?

Key takeaways:

• As more retailers adopt agentic AI, fraudsters continue to exploit it for more complex and scalable attacks.
• AI-enabled fraud can result in significant financial losses to retailers, as well as large-scale waste in infrastructure, and disrupted operations.
• Retailers can prevent AI-enabled fraud by upskilling their employees, leveraging new data sources for detection, and prioritizing high-impact use cases.  

The retail sector has jumped headfirst into agentic commerce. AI agents search, compare, and make purchases for customers, while large language models (LLMs) contextualize data and assist in decision-making to enable frictionless payments for retailers.

Indeed, 95% of retailers have implemented or plan to implement agentic AI, while 70% of customers are comfortable using agentic AI to make purchases on their behalf.¹

But while AI brings retail innovation, fraudsters can use it to exploit the ecosystem and conduct faster, more scalable attacks.

Deloitte's retail and fraud leaders are closely monitoring these evolving fraud risks. Unfortunately, we observed that retailers with a significant volume of LLM-referred orders saw a 37% increase in fraudulent traffic between Q2 and Q3 2025. Additionally, 69% of retailers experienced AI-enabled fraud in the past year, and 87% expect fraud to keep rising.²

In addition to financial losses, AI-enabled fraud can also lead to large-scale waste in infrastructure and disrupted operations. Above all, retailers who fail to address these risks will struggle to capitalize on the tremendous customer value unlocked by the rapid growth of agentic commerce.

Here, we explore how AI is reshaping fraud in retail—and what you can do to stay ahead.

How AI is accelerating fraud in retail

AI has opened the door not only to new risks but also to more sophisticated forms of known fraud risk:

• Automated synthetic identity creation: AI can generate convincing fake identities and bypass traditional identity verification.
• Automated stolen credit card purchases: Bots can rapidly test and use stolen card data undetected.
• Loyalty promotion loophole abuse: AI agents can exploit promotional offers or loyalty programs at scale.
• Deepfake social engineering: Fraudsters use AI to mimic voices or create fake videos, tricking employees or customers into revealing sensitive information.
• Scaled spear phishing campaigns: LLMs can craft highly personalized phishing messages that grow increasingly convincing.

The very features that drive AI innovation (autonomous systems and minimal oversight) now empower fraudsters to bypass traditional controls and escalate attacks in both scale and sophistication.

As adoption of AI accelerates, retailers must recognize that the risk landscape is evolving—and their existing, legacy fraud prevention approach is no longer enough. Deloitte’s survey finds that only 3% of the respondents feel well prepared to address AI-enabled fraud.³

Here are some elements of the traditional fraud mitigation, and how fraudsters are exploiting them:

❌ Static authentication: Fraudsters can use agentic AI to automate credential stuffing, mine personal data, and intercept basic multi-factor authentication methods.

❌ Session information monitoring and analytics: Advanced AI can mimic human navigation, touchscreen, keyboard, and mouse behaviours to make detection increasingly difficult.

❌ Rule-based monitoring: AI can help fraudsters learn and adapt behavioural patterns to avoid triggering static rules.

❌ Device/IP blocking: Fraudsters can automate spoofs and change devices and IP frequently to bypass device and IP blocking.

❌ Manual review: Fraudsters can overwhelm fraud operations teams with speed and volume, and take advantage of delays in fraud detection and response caused by siloed operations.

What do retailers need to do to address AI-enabled fraud?

Over 80% of your retail peers agree that detection tools will most effectively mitigate AI-enabled fraud.⁴ While Deloitte’s retail and fraud leaders see that as step one, our research shows that it’s paramount for retailers to expand maturity across domains from strategy to technology infrastructure, including preventative tools:

✅ Strategy and governance: Review risk tolerance & ownership for the evolving AI-enabled risks.

✅ Know your agent (KYA): Detect, classify, and govern all AI agents to prevent AI-enabled fraud and maintain customer trust.

✅ Adaptive authentication: Evaluate risk with real-time signals to tighten verification steps. Ensure only legitimate users or agents can complete transactions.

✅ Dynamic fraud detection: Deploy detection tools and upgrade analytical models to analyze user behaviour and transaction patterns in real-time to block fraudulent AI attacks.

✅ Response and dispute: Ensure effective investigation practices, timely analysis and intervention, and efficient resource usage to minimize operational and financial impact from AI-enabled fraud.

✅ Infrastructure and security: Utilize layered security protocols, including access controls and audit trails, as well as advanced data management capabilities.

The biggest challenge to bring these innovations will be securing funding, as 52% of retailers shared with us. They also cited limited skills and availability (38%), and outdated technology (34%) as barriers.⁵

Steps to overcome barriers while improving fraud risk management maturity

Here’s our framework to address these common barriers fraud leaders in retail face:

1. Balance AI-driven fraud risks while supporting e-commerce growth objectives

Fraud prevention strategies need to evolve beyond termination of digital interactions or payments that don’t follow typical human patterns. Retailers need to adopt a dynamic, data-driven approach. This way, they can maintain robust fraud controls while facilitating agent-driven transactions, enabling business growth, and enhancing customer experience and trust.

2. Harness data for fraud modernization

Fraud teams need to expand beyond existing indicators like device fingerprints and other human patterns. They now need to leverage new network, peer, or cross-industry data points, along with enhanced models, to distinguish legitimate AI activities from malicious ones.

3. Expand knowledge and expertise through external partners or in-house upskilling

Retailers must prepare their teams with the right skills and knowledge to adequately address AI-enabled fraud. This might look like:

• Leveraging external industry experts and advisory partners to introduce payment and fraud system optimization
• Peer and industry benchmarking relating to best practices and lessons learned to help retailers appropriately assess and prioritize fraud initiatives
• Upskilling resources to improve understanding of agentic and GenAI systems, payment ecosystems, emerging protocols, and fraud liability implications

4. Prioritize high-impact use cases

With limited resources, focus on high-impact use cases. Balance quick wins with longer-term transformation, ensuring fraud management initiatives are aligned with e-commerce growth objectives.

Build your retail fraud strategy today

As retailers continue to use AI to drive efficiency and growth, so will fraudsters to perpetuate AI-enabled fraud. The scalability and speed of AI-enabled fraud will overwhelm traditional fraud controls.

To stay ahead, retailers need a proactive fraud strategy designed with this AI evolution in mind. Our retail and fraud leaders are here to help you protect your business and join the 3% of retail leaders who are well-prepared for emerging AI-enabled fraud risks.

Connect with our leaders below to discuss your strategy.