JOSEPH GABRIEL LAGONSIN

News Editor

Dojo has warned that fraudsters are using AI-generated receipts to secure refunds from retailers, with online searches for such tools rising sharply.

Data cited by the payments company showed global Google searches for “AI-generated receipts” rose by 2753% over the past year. It also referenced findings from Cifas showing that AI-manipulated documents now account for more than 20% of falsified evidence used in UK refund and chargeback disputes, where total fraud cases exceeded 444,000 last year.

The issue centres on fake proof-of-purchase documents created with generative AI tools. These can mimic real receipts with retailer logos, item lists, timestamps and transaction numbers, making them hard for frontline staff to distinguish from genuine records during refund checks.

According to the figures cited, about one in 10 UK returns is already estimated to be fraudulent. AI-generated imagery is adding pressure to return, refund and replacement processes, particularly where staff rely on uploaded documents rather than direct checks against payment records.

A Dojo spokesperson said AI receipt generators are making it easier for fraudsters to create convincing fake proof of purchase.

“With just a few clicks, they can produce receipts that mirror real store formats, complete with logos, item lists, timestamps and transaction IDs. As many return systems rely on documentation rather than transaction-level checks, these AI-generated receipts often go unnoticed, allowing fraudulent refunds to slip through even well-established defences.”

Risk areas

Several sectors appear more exposed than others. Dojo identified eCommerce and digital-only retail, fast-food and quick-service restaurants, consumer technology, ride-share and on-demand travel, food-delivery platforms, luxury goods, telecoms and financial services as industries where interest in receipt generators suggests higher fraud risk.

The assessment was based on Google search patterns for brand-specific receipt generator terms. Separate Experian data for 2025, cited by Dojo, indicated that 62% of digital-only retailers, 48% of retail banks and 44% of telecom providers reported AI-related fraud attempts.

Those sectors share several features that can make them targets for document fraud. High transaction volumes, automated customer service systems and digital templates that are relatively easy to imitate can create openings for false refund, return or reimbursement claims.

Checks advised

To limit exposure, Dojo urged businesses to verify submitted receipts against actual transaction records. Checks on timestamps, payment amounts and transaction IDs remain the most reliable way to identify fabricated documents.

It also recommended adding QR codes, barcodes or other unique markers to receipts so staff can trace a claim back to a live record in the merchant’s system. For higher-risk categories such as expensive electronics, digital-only purchases and goods commonly resold online, retailers should apply stricter refund rules and require further verification before approving a claim.

Another step is staff training. Frontline workers can be taught to spot repeated textures, irregular spacing, mismatched metadata, incorrect store formats and impossible timestamps, all of which may indicate that a receipt or supporting image has been artificially generated or altered.

Behavioural monitoring is also part of the advice. Repeated refund requests from the same device or location, multiple claims in a short period, or unusual patterns in customer activity can help investigators identify serial abuse even when the documents appear plausible.

Dojo also advised businesses to consider AI-based fraud detection systems that examine images and documents for signs of manipulation, including synthetic text, altered pixels and inconsistencies that may not be visible to staff reviewing claims manually.

The warning reflects a broader shift in fraud methods as generative AI tools become easier to access. For merchants, the challenge is no longer limited to spotting obvious forgeries, but to checking whether documents submitted in routine customer service interactions match real transaction data held in their own systems.

JOSEPH GABRIEL LAGONSIN

News Editor

Atos has launched Digital Workplace as a Service for mid-size companies, targeting businesses with 5,000 to 15,000 employees.

The offer is aimed at organisations that have often fallen between large outsourcing contracts and smaller managed services arrangements, particularly in sectors such as manufacturing, logistics and retail, where many staff are not office-based.

Digital Workplace as a Service is structured as a modular subscription service. Customers begin with a discovery phase to identify workforce requirements, select relevant service components and generate a pre-calculated price.

The service includes AI-led automation from the outset, including chatbots built on a general knowledge base that can cover about 85% of common frequently asked questions before customer-specific information is added during a 90-day onboarding phase.

Atos expects the service to shift more employee support interactions away from voice channels. It estimates that 60% of tickets could be resolved through automation by the third year, with live chat handling the remaining interactions, while fully optimised environments could reach 80% to 85% automation.

The service is priced at a level comparable with internal IT support. A value-sharing model would reduce the cost per user as automation expands and demand for support falls.

Mid-market focus

The launch reflects a push to address a segment that major IT service providers have often served unevenly. Mid-sized businesses have typically faced a choice between basic support services and more complex outsourcing models designed for much larger organisations.

For companies with frontline, shift-based or distributed workforces, workplace technology support can differ sharply from the needs of office-led businesses. Retailers, manufacturers and logistics groups often need support models that account for shared devices, variable working patterns and staff with limited access to conventional desktop-based systems.

Atos said its service uses persona-driven analytics as part of its design, with the aim of shaping support around different workforce profiles rather than treating all employees the same.

Automation plans

Atos positioned automation as a core part of the operating model rather than an add-on introduced later. In practice, clients are expected to begin with standard chatbot support and then extend automation as internal knowledge is integrated during onboarding.

The service is intended to prevent some issues before tickets are raised and to handle submitted requests more efficiently. Atos said this approach can improve employee productivity and user experience while lowering support costs over time.

Lewis Herbert, Head of Digital Workplace, Smart Platforms and Technology Services at Atos UK&I, outlined the rationale for the launch.

“Digital Workplace as a Service fills the gap that mid-size companies face when having to choose between basic IT support and complex, costly solutions designed for large enterprises. It’s designed to be fast, flexible and outcome-focused from day one, helping mid-size companies thrive in today’s AI-powered digital era by proactively enhancing employee productivity and experience,” Herbert said.

Atos operates in 54 countries and employs about 56,000 people. The group reported annual revenue of about €7.2 billion at its go-forward perimeter.

The latest Cyber Security Breaches Survey makes for uncomfortable reading for UK businesses. According to the Government’s 2025/2026 report, 43% experienced a breach or attack in the last 12 months – that’s around 612,000 organisations. The findings also estimate approximately 5.19 million cybercrimes over the same period, while the proportion of breaches or attacks resulting in lost revenue or share value has more than doubled, rising from 2% to 5%.

On a surface level, the story is familiar – cyber attacks remain widespread, phishing continues to dominate and businesses are once again being urged to improve resilience. Experts have already described the findings as depressingly familiar, and it’s not difficult to see why. The numbers move slightly from year to year, but the underlying pattern remains largely unchanged, which is the real concern here.

After years of major incidents, boardroom briefings, regulatory warnings and national awareness campaigns, the UK is still stuck in a cycle where risk is recognised, but not consistently governed. Businesses know threat exists, but many still lack the ability to demonstrate, in a structured and reliable way, how that threat is being managed before something goes wrong.

Breach numbers only tell us what has already happened

A breach shows the visible outcome of decisions, controls, gaps and assumptions that existed long before the incident itself. By the time a breach appears in a survey, the more important questions have already been missed: Were the right controls in place and were they being reviewed? Was there clear ownership? The answers to these determine whether an organisation is genuinely resilient or simply fortunate.

The survey tells us a great deal about the scale of cybercrime and reveals too many companies are still measuring risk at the point of failure rather than at the point of control.

The governance gap is hiding in plain sight

Only 31% of businesses have board-level responsibility for cyber security, just 15% review the risks posed by their immediate suppliers and only 6% look at the wider supply chain. The survey also points to small businesses going backwards in some areas of basic preparedness.

Cyber security is still too often treated as a technical function, owned somewhere inside IT and discussed seriously only when an incident takes place. Yet most of the weaknesses exposed by modern incidents are structural, with no clear accountability, no consistent control framework, no live view of risk and no board-level visibility until they are already under pressure.

Small businesses face risk differently from large enterprises

Smaller businesses are often told to adopt better cyber hygiene. Whilst this advice is valid, it can also oversimplify the challenge. SMEs typically operate with less internal capacity, fewer dedicated roles, more informal processes and greater dependence on external suppliers, creating a very different kind risk profile from larger enterprises.

For many, cyber risk is managed through individual knowledge rather than institutional structure. One person knows where the policies are stored, one external provider understands the systems and one senior leader owns the customer assurance process, but that kind of system becomes fragile quickly.

The business needs clear visibility over the data it holds, the systems affected, the suppliers involved, the controls in place, what evidence exists and who is authorised to make decisions. If that information has not been organised in advance, incident response becomes slower and more expensive. This is where governance needs to become more practical.

Smaller organisations don’t need the same level of bureaucracy as global enterprises, but they do need a clear way to map risks, assign ownership, manage controls, maintain evidence and show progress over time. Without that, cyber resilience remains dependent on goodwill, memory and last-minute effort.

Supply chain risk is becoming the unanswered question

Modern companies rely on software providers, outsourced IT partners, consultants, payment systems, logistics platforms, cloud environments and data processors, which means cyber risk rarely sits neatly within the four walls of their organisation. A weakness in one supplier can quickly become a weakness in the business itself.

But as the survey shows, only a small minority of organisations are reviewing immediate supplier risk and even fewer are looking at the wider supply chain. Customers are already asking more detailed questions about security controls, investors are looking more closely at operational resilience, regulators are moving towards stronger expectations around supply chain accountability and insurers are becoming more interested in evidence. In that environment, “we trust the supplier” is not enough.

The Cyber Security and Resilience Bill will raise the evidence bar

The UK is moving away from a model where cyber security is largely treated as voluntary good practice and towards one where resilience must be demonstrated. The Bill is part of that shift.

Demonstrating that the right controls, oversight and processes were in place before a breach happened relies on evidence, ownership and current information. It requires cyber risk to be connected to compliance, operations, procurement and leadership.

This is where many organisations will feel the gap most sharply. They may be doing some of the right things, but if those activities are fragmented, undocumented or disconnected from recognised frameworks, they will struggle to prove it.

The real lesson is not more awareness, but more proof

The UK doesn’t have a cyber awareness problem in the traditional sense. Most business leaders understand that attacks can disrupt operations, damage trust and create financial loss.

But, businesses need to better understand which frameworks apply, which controls are in place, who owns them, when they were last reviewed and where the evidence sits. That means treating compliance as a live management discipline rather than a project that begins shortly before an audit or customer request. Frameworks such as ISO 27001, SOC 2 and Cyber Essentials are becoming more important because they give organisations a common structure for turning cyber intent into demonstrable control. They also help in moving away from reactive reassurance and towards evidence-led governance.

Why the numbers keep looking the same

The real value in the Cyber Security Breaches Survey is in showing why progress remains slow. Too many businesses are using an approach that creates the appearance of activity without the discipline of governance and, until that changes, the annual numbers will continue to look familiar.

To move ahead, businesses need to build the evidence first, connect controls to risk, bring suppliers into scope and give leadership a clear view of resilience before pressure hits. Compliance isn’t a report, it’s a posture – that’s what the latest survey is really telling us.