The Evolution Blog

How AI Agents Are Transforming Fraud Prevention in 2025

8 December 2025
By Natalie Lewkowicz

AI Agents Are Transforming Fraud Prevention in 2025: What Businesses Must Do Now

This blog is based on insights shared during a recent live Darwinium webinar, “The AI Holidays Are Here: From Agentic Commerce to Adversarial Attacks.” The session brought together leading experts from high-growth digital businesses facing some of the toughest fraud and abuse challenges today, including Jon Ferrari (Head of Fraud Prevention, Apollo), Conor O’Kelly (Trust & Safety Engineering, Udemy), Anbu Ilangovane (VP Engineering, Discogs), and Ben Davey (Co-Founder & VP of Product, Darwinium).

Their combined perspectives, from SaaS to marketplaces to global education, revealed how AI-driven automation is reshaping user behavior, expanding attack surfaces, and forcing fraud strategies to evolve at unprecedented speed. What follows distils those discussions into a single, comprehensive guide for fraud, security, and product leaders preparing for the new era of AI-enabled digital traffic.

AI Agents Are Transforming Fraud Prevention in 2025

The rise of agentic AI, autonomous digital agents that browse, compare, authenticate, and transact on behalf of users, is reshaping every online industry. Tools like Comet, Atlas, and custom-built LLM-driven agents are no longer fringe experiments. They are rapidly becoming part of mainstream digital traffic.

This shift brings extraordinary convenience for users, but also a dramatic expansion of the fraud and automation attack surface. The challenge for businesses in 2025 is clear:

How do you allow good AI agents while stopping bad automation?

Leading organizations across SaaS, marketplaces, and ecommerce are already answering this question, and their insights reveal where fraud prevention must evolve next.

Why AI Agents and Bots Look Identical Now

In previous generations of bot detection, attackers were relatively easy to fingerprint. Bots used:

  • Headless browsers
  • Suspicious IPs
  • Predictable timing
  • Repetitive navigation patterns

Today, these signals don’t necessarily identify an attacker.

Modern AI-powered agents:

  • Render pages like real browsers
  • Randomize timing using LLMs
  • Follow natural journey flows
  • Operate from residential IPs
  • Adjust behavior in real time when blocked

This makes legacy defenses such as CAPTCHAs, IP blocking, and device lists effectively obsolete.

As Anbu Ilangovane, VP Engineering at Discogs, explains:

“IP addresses have become the least valuable commodity. Block one and another appears in seconds.”

And CAPTCHAs? Those are long gone.

Jon Ferrari, Head of Fraud Prevention at Apollo, puts it bluntly:

“Challenges are super dead. CAPTCHA-defeaters are everywhere.”

Fraud teams can no longer rely on surface-level signals. They must understand intent across the entire user journey.

Deep Signal Analysis Is Now Essential

To distinguish legitimate agents from malicious automation, businesses must combine multiple layers of intelligence. The most effective organizations now use:

1. Behavioral Biometrics

This includes:

  • Mouse movement signatures
  • Scroll velocity
  • Input cadence
  • Touchscreen interaction patterns

These are extremely difficult to replicate at scale.

Jon explains their impact:

“By using behavioral biometrics at multiple steps, we can mathematically calculate the likelihood of non-human activity, even when it looks like a browser.”

2. Timing and Sequence Analysis

Agents with real user intent display non-linear, varied timing.

Bots, even AI-enhanced ones, still fall into detectable rhythm patterns.

3. Journey-Level Context

Instead of evaluating events in isolation, businesses must evaluate:

  • Browsing behavior
  • Navigation flow
  • Mid-journey deviations
  • Post-login risk changes
  • Patterns across multiple sessions or accounts

Discogs relies heavily on this approach:

“Darwinium lets us zoom out and see what a user does across the entire journey. We can now spot abnormal patterns instantly.” — Anbu

4. Device and Network Intelligence

Not just the device fingerprint, but how it evolves over time.

Account farms, fake shoppers, and scraping networks often share:

  • Overlapping device signatures
  • Reused infrastructure
  • Slightly modified browser patterns

Udemy uncovered one of the most striking examples:

“Those 5,000 IP addresses all traced back to a single device signature… so we just banned them.” — Conor O’Kelly, Udemy

This type of insight is impossible with traditional bot tools.
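The pattern described above, many IPs behind one slightly varied device signature, can be surfaced by clustering near-identical fingerprints and counting distinct IPs per cluster. The following is an added example, not code from Darwinium or the webinar speakers; the attribute names, sample events, and thresholds are assumptions constructed for illustration.

```python
from collections import defaultdict
from itertools import combinations

# Hypothetical attribute set and values, constructed for this example.
ATTRS = ("ua", "screen", "tz", "canvas", "webgl", "fonts")
BASE = {"ua": "Chrome/130", "screen": "1920x1080", "tz": "UTC+2",
        "canvas": "c41f", "webgl": "w9a0", "fonts": "f77b"}

def ev(ip, account, **changes):
    return {"ip": ip, "account": account, "fp": {**BASE, **changes}}

SAMPLE = [  # constructed events; IPs are from documentation ranges
    ev("203.0.113.10", "acct-1"),
    ev("203.0.113.11", "acct-2"),
    ev("198.51.100.7", "acct-3", ua="Chrome/131"),  # one attribute tweaked
    ev("198.51.100.8", "acct-4", tz="UTC+1"),       # a different one tweaked
    ev("192.0.2.50", "acct-5"),
    ev("192.0.2.99", "alice", ua="Firefox/132", screen="1440x900", tz="UTC-5",
       canvas="aa01", webgl="bb02", fonts="cc03"),
    ev("192.0.2.77", "bob", ua="Safari/18", screen="2560x1600",
       canvas="dd04", webgl="ee05", fonts="ff06"),
]

def key(fp):
    return tuple(fp[a] for a in ATTRS)

def cluster_devices(events, min_match=5):
    """Link fingerprints agreeing on >= min_match attributes (union-find)."""
    prints = sorted({key(e["fp"]) for e in events})
    parent = list(range(len(prints)))

    def find(i):
        while parent[i] != i:
            parent[i] = parent[parent[i]]  # path halving
            i = parent[i]
        return i

    for i, j in combinations(range(len(prints)), 2):
        if sum(x == y for x, y in zip(prints[i], prints[j])) >= min_match:
            parent[find(j)] = find(i)
    root = {p: find(i) for i, p in enumerate(prints)}
    clusters = defaultdict(lambda: {"ips": set(), "accounts": set(), "variants": set()})
    for e in events:
        c = clusters[root[key(e["fp"])]]
        c["ips"].add(e["ip"])
        c["accounts"].add(e["account"])
        c["variants"].add(key(e["fp"]))
    return list(clusters.values())

def flag_farms(events, min_ips=4, min_match=5):
    """Clusters where one near-identical device appears behind many IPs."""
    return [c for c in cluster_devices(events, min_match) if len(c["ips"]) >= min_ips]
```

With exact matching (`min_match=6`) the same sample yields no flagged cluster, because the tweaked variants split the farm into groups that each stay under the IP threshold.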

Adaptive Policies: The Only Sustainable Fraud Strategy

The most successful businesses in 2025 are not blocking automation outright. They are categorizing it and responding dynamically.

Modern fraud strategies operate across three adaptive modes:

1. Permit (Low-Risk)

Allow safe browsing, even if automated, such as:

  • Price comparison
  • Content discovery
  • Shopping agent research

This prevents unnecessary friction and protects conversion.

2. Verify (Medium-Risk)

When behavior deviates, escalate friction intelligently:

  • Step-up authentication
  • Identity checks
  • Payment confirmation
  • Behavioral challenges

This ensures high-risk flows (login, checkout, payout changes) stay secure.

3. Prevent (High-Risk)

Block when automation is clearly malicious:

  • Scraping
  • Credential stuffing
  • Checkout abuse
  • Account generation farms
  • API exploitation

This approach dramatically reduces fraud while preserving legitimate automation.
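A sketch of the three modes as a journey-aware decision function, added here as an example and not taken from Darwinium or any speaker's system. It assumes an upstream model supplies a risk score in [0, 1] per event; the step names, thresholds, and decay factor are hypothetical.

```python
# Hypothetical values: sensitive steps use tighter thresholds than browsing.
SENSITIVE = {"login", "checkout", "payout_change"}
THRESHOLDS = {True: (0.4, 0.8), False: (0.7, 0.95)}  # (verify_at, prevent_at)
DECAY = 0.8  # share of earlier risk carried into the next step

def decide(step, risk):
    """Map one step and its effective risk to permit / verify / prevent."""
    verify_at, prevent_at = THRESHOLDS[step in SENSITIVE]
    if risk >= prevent_at:
        return "prevent"
    if risk >= verify_at:
        return "verify"
    return "permit"

def evaluate_journey(events):
    """events: ordered (step, score) pairs for one session.

    Risk seen earlier in the journey decays but is not forgotten, so a
    session that looked automated while browsing meets a step-up at
    checkout even if the checkout event alone scores low. Once a session
    is prevented, every later step is prevented too.
    """
    carried, blocked, decisions = 0.0, False, []
    for step, score in events:
        effective = max(score, carried)
        action = "prevent" if blocked else decide(step, effective)
        blocked = blocked or action == "prevent"
        decisions.append((step, action))
        carried = effective * DECAY
    return decisions

# Constructed journeys for illustration.
AGENT_RESEARCH = [("browse", 0.5), ("browse", 0.55), ("checkout", 0.3)]
STUFFING = [("login", 0.85)]
ORDINARY = [("browse", 0.1), ("checkout", 0.1)]
SCRAPER = [("browse", 0.96), ("browse", 0.1)]
```

For `AGENT_RESEARCH`, both browsing steps are permitted and the checkout is sent to verification because of the carried risk, which is the permit-then-verify behavior the section describes.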

At Apollo, this shift has been transformative:

“We’ve massively reduced scraping. Attackers now need more accounts and more infrastructure; it’s becoming too expensive to bother.” — Jon Ferrari

When you increase attacker cost while reducing friction for real users, you win on every front.

Why This Matters for Every Digital Business

Attackers are now using:

  • LLM-driven multi-step automation
  • AI-guided evasion
  • Human-like mouse and scroll simulation
  • Intelligent proxy rotation
  • Agent-style reasoning

Businesses must evolve just as quickly.

Organizations that adopt multi-signal, journey-based, adaptive detection will:

  • Approve more legitimate traffic
  • Reduce friction for trusted users and agents
  • Block advanced bots earlier
  • Lower fraud and abuse costs
  • Increase revenue and conversion

As Conor from Udemy shared:

“We block more fraudulent accounts in a single day than we used to identify in a month.”

That is the difference between traditional bot defenses and modern, AI-ready fraud prevention.

Final Takeaway

AI agents are already reshaping user behavior, digital commerce, and fraud patterns. Businesses that treat automation as a monolith will lose. Those who distinguish good agents from bad bots, using deep behavioral and journey-level signals, will create the safest, smoothest, highest-converting digital experiences of 2025.

Fraud prevention is no longer about blocking bots.
It’s about understanding intent and enabling the future of automated user journeys safely.