Every few years our industry rediscovers the same debate: should fraud and cybersecurity teams actually sit together?

And honestly, usually both sides hate the idea immediately.

Not because they dislike each other. Mostly because both teams are already overwhelmed and nobody wants another meeting.

But over the last couple of years, something changed.

The signals started converging.

Credential stuffing became account takeover. Account takeover became fraud. Fraud became phishing. Phishing became invoice fraud and ACH fraud. And suddenly the same security telemetry that detects compromised infrastructure also helps identify fraudulent users before they ever reach checkout.

That is where things start getting weird.

In this episode, I sat down with Cy Khormaee, who helped build Recaptcha at Google and now runs Aegis AI, to talk about why AI phishing detection is forcing fraud and cybersecurity teams closer together whether they like it or not.

And honestly, once you realize the same behavioral signals can stop both account takeover and payment fraud detection, the organizational separation starts feeling a little artificial.

We get into AI email security, AI-powered fraud, fraudster ROI, upstream fraud detection, and why modern attackers are moving faster than most enterprise security stacks were designed for.

Also, I learned that Google literally tracked the market price of breaking CAPTCHA systems like a stock ticker.

Which honestly feels extremely fraud-brained.

• A practical look at why fraud and cybersecurity teams are starting to share the same signals
• How credential stuffing and account takeover pushed security tools into fraud prevention use cases
• Why AI phishing detection depends on more than static email rules or reputation checks
• How AI email security is changing as attackers use AI to generate more targeted phishing attacks
• Where invoice fraud, ACH fraud, and accounts payable fraud sit between security and fraud operations
• Why security telemetry and fraud telemetry become more useful when teams connect the full user journey
• How Recaptcha evolved from image puzzles into behavioral detection and fraud prevention infrastructure
• Why “good people leave tracks” still applies across both fraud and security signals
• How upstream fraud detection helps stop problems before money leaves the platform
• Why fraudster ROI is one of the most useful ways to think about modern defense
• What teams should ask vendors before buying AI-powered fraud or AI security tools

Expect a conversation about tools, signals, attacker economics, and the awkward reality that fraud and security may already be converging, whether the org chart admits it or not.

• Fraud leaders and fraud analysts
• Cybersecurity professionals
• Trust and safety teams
• FinTech fraud prevention teams
• Email security teams
• Accounts payable and payment risk teams
• Teams evaluating AI phishing detection or AI email security vendors
• Anyone working on credential stuffing, account takeover, invoice fraud, ACH fraud, or upstream fraud detection

Basically, if your fraud team and cybersecurity team only meet during incident review, this one may be worth playing in both rooms.