Entrust reveals a global fraud night shift.

Grace McNicholas
December 3, 2025

As conversations around fraud increasingly fixate on advancing AI threats and the rise of ‘deepfakes,’ Entrust’s annual identity fraud report has revealed a far more grounded and alarming insight. According to the security company, a significant share of global fraud activity now peaks between 2am and 4am UTC, a window when many financial institutions’ defences are at their weakest. Bluntly put, the only time all major fraud geographies are active is whilst all major victim geographies are asleep.

This two-hour window is the perfect overlap between the world’s most active fraud hubs: operations in Asia are in full daylight, Eastern Europe is wrapping up, Africa is online, and Western financial institutions, the primary targets, are running on reduced overnight teams. Fraudsters are capitalising on this predictable vulnerability, forming a coordinated global night shift of attacks meeting a sleeping defence line.

Entrust’s Senior Fraud Specialist Manager, Simon Horswell, warns that “as detection improves, fraud rings evolve, becoming faster, more organised and commercially driven.” But the report also shows that the threats receiving the most hype are not necessarily the most common. Deepfakes may be rising, yet they account for just one in five biometric fraud attempts. In reality, many successful attacks remain decidedly low-tech: for example, a photo of a screen, a photo of a printout, 2D and 3D masks, a video of a video on screen, or a video of a photo on screen.

ERIS SAYS: As an industry, it seems we should be less concerned with the sci-fi allure of hyper-advanced AI attacks, which remain comparatively rare, and focus more on the operational weaknesses exposed by the fraud night shift. Advanced tools matter, but so do 24/7 monitoring, global threat synchronisation, and an acceptance that fraudsters keep regular hours. The riskiest moment for identity systems is not when technology evolves: it is when no-one is watching. Fraud has become a circadian threat, calibrated to exploit both machine-learning blind spots and human downtime.
