AI is a tool that has accelerated significantly over the last couple of years, finding applications in nearly every sector of life—from mundane tasks to groundbreaking technological advancements. Given this widespread integration, it was only a matter of time before the usage of AI infiltrated one of the most basic human endeavors, i.e. scamming.
Understanding the AI Scamming Landscape.
Scammers throughout history have always adapted to the latest technologies, and AI is no exception. By leveraging machine learning, natural language processing, and data analytics, fraudsters can craft more convincing scams that target individuals and organizations alike.
A research conducted by F. Heiding, B. Schneier, A. Vishwanath, J. Bernstein and P. S. Park established that more than half of the participants fell victim to AI-automated phishing. The success rate was more or less equivalent to that of expert produced ones, and with the use of LLMs the quantity and quality of phishing attempts have drastically improved. That goes to show that the threat of being taken advantage of by criminals is only going to rise with technological advancements and breakthroughs.
Phishing, of course, is not the only way that AI can be used to take advantage of people, perpetrators might use deepfakes, voice cloning, fake customer service chatbots to extract information out of you, or ask you to perform certain tasks, like wiring money to some foreign account, so you should always be on the lookout for potential impersonations of your family, friends or your workplace staff.
For example, earlier this year a finance worker at a multinational firm in Hong Kong was tricked by scamers using deepfake technology into transferring $25 million. The scammers posed as the company’s chief financial officer during a video conference, with all participants being deepfake recreations.
But what can we do to protect ourselves from these scams, you may ask? Well, there are plenty of options to consider. Granted, some of them are better than others, but nevertheless, I shall try to give you some perspective so that you can choose what works best for you.
Combatting AI-Driven Scams
- Code/Safe words. The concept behind this idea is that when an AI-infused phone call or message asks you for a favor, like sending money or providing certain information, you should ask for a passcode that you previously set up with that person to verify their identity. I find this solution to be quite dubious due to the lengths you would have to go through to set up a passcode with everyone you know. Moreover, to avoid this whole ordeal, you could simply ask a very specific question that only you and that person know the answer to, like the name of the bar you two always go to.
- Be Cautious with Links and Attachments. Hover over links to see where they lead before clicking. Avoid opening attachments from unknown or suspicious sources.
- Use Multi-Factor Authentication (MFA). Add Layers of Security: Enable MFA on your accounts to add an extra layer of protection. This makes it harder for scammers to gain access even if they have your password.
- Limit Personal Information Online. Be cautious with sharing. Reduce the amount of personal information you share on social media. Scammers often use this information to craft convincing messages.
References:
- AI Will Increase the Quantity — and Quality — of Phishing Scams – HBR
- Finance worker pays out $25 million after video call with deepfake ‘chief financial officer’ – CNN
- Defend Yourself against AI Impostor Scams with a Safe Word – Scientific American
- AI-powered scams and what you can do about them – TechCrunch
- Tips on Artificial Intelligence Scams – DCWP
AI engine used: Chat GPT-4o