AI Supercharges Corporate Fraud as Finance and Security Teams Struggle to Unite

Fraud is no longer an occasional business disruption—it’s becoming a routine operational hazard. A new report from cybersecurity firm Trustmi finds that 83.6% of enterprises were targeted by social engineering fraud in the past year, with losses often running into the millions. The research underscores an unsettling reality: the biggest vulnerability isn’t just weak technology, but fractured collaboration between finance and security teams.

“GenAI has weaponized fraud into a coordinated business attack,” said Shai Gabay, CEO and co-founder of Trustmi. “Attacks now cross multiple systems, exploiting every gap between teams and tools. Without unified visibility and coordination, enterprises will continue to face threats no single control can stop.”

Big Losses, Growing Frequency

The financial fallout from these attacks is staggering. Nearly half of enterprises reporting losses said they lost at least $500,000 in a single incident, while more than a quarter took hits exceeding $1 million. For some organizations, these events aren’t rare shocks—15.7% of respondents reported facing fraud attempts weekly or more.

Unlike classic phishing scams, today’s fraud campaigns resemble multi-stage business operations. They move laterally across email, vendor platforms, and financial systems, exploiting process blind spots and human error along the way.

Finance vs. Security: The Collaboration Chasm

Trustmi’s survey of 525 finance and cybersecurity leaders at billion-dollar enterprises revealed a structural flaw that attackers are quick to exploit: fraud prevention ownership is split down the middle. Just 27% of organizations said it was a shared responsibility, while most assigned it to one silo or the other.

That misalignment comes at a cost. Over a third (34.5%) of respondents admitted that poor coordination between finance and security was a direct factor in a recent fraud incident or near miss.

Legacy Defenses, Modern Failures

The report also highlights how traditional safeguards crumble under AI-driven attacks. In 88% of major incidents, at least one critical control failed. Email and messaging security topped the failure list (44.6%), followed by security awareness training (32.2%), and compromised third-party vendors (31.6%).

Even when controls technically “worked,” attackers often slipped through anyway. Nearly half of incidents involved human error, while 40% of fraudulent messages looked convincing enough to bypass scrutiny. In some cases, validations and approvals were followed correctly—yet still proved ineffective.

Closing the Fraud Gap

Trustmi outlines four urgent priorities for enterprises:

1. Unify ownership of fraud prevention across finance and security.

   
   

2. Deploy cross-platform detection systems that can trace fraud across multiple tools.

   
   

3. Invest in defenses resilient to AI-generated attacks.

   
   

4. Track the full operational and compliance impact, not just direct financial losses.

   
   

With attacks now scaling at the speed of automation, enterprises that fail to bridge the collaboration gap risk facing not only bigger losses but reputational and regulatory fallout.

The message is clear: fraud is no longer a finance problem or a security problem—it’s a business survival problem.