How Ai-driven Identify Fraud Is Causing Havoc

Scams

Deepfake fraud, synthetic identities, and AI-powered scams make personality theft harder to observe and forestall – here's really to conflict back

11 Feb 2025  •  , 4 min. read

Artificial intelligence (AI) is transforming our world successful ways some expected and unforeseen. For consumers, nan exertion intends much accurately personalized integer content, amended healthcare diagnostics, real-time connection translator to thief connected holiday, and generative AI assistants to heighten productivity astatine work. But AI is besides used to thief cybercriminals beryllium much productive, particularly erstwhile it comes to personality fraud – nan astir common fraud type today.

Over a 3rd of banking consequence and invention leaders successful nan UK, Spain and US cite their biggest situation today arsenic nan emergence of AI-generated fraud and deepfakes, making it nan number 1 answer. So really does AI-powered fraud activity and what tin you do to enactment safe?

How does AI-driven personality fraud work?

Identity fraud refers to nan usage of your personally identifiable accusation (PII) to perpetrate a crime, specified arsenic moving up in installments paper indebtedness successful your name, aliases accessing a slope aliases different account. According to one estimate, AI-driven fraud now accounts for complete two-fifths (43%) of each fraud attempts recorded by nan financial and payments sector. Nearly a 3rd (29%) of those attempts are thought to beryllium successful. So really is AI helping nan cybercriminals?

There are respective different strategies we tin highlight:

• Deepfake relationship takeovers (ATOs) and relationship creation: Scammers are utilizing deepfake audio and video likenesses of morganatic users to bypass nan Know Your Customer (KYC) checks utilized by financial services companies to verify customers are who they opportunity they are. An image aliases video of you is scraped from nan web and fed into a deepfake instrumentality aliases generative AI. It’s past inserted into nan information watercourse betwixt personification and work supplier successful alleged injection attacks designed to fool nan authentication systems. One study claims that deepfakes now relationship for a 4th (24%) of fraudulent attempts to walk motion-based biometrics checks and 5% of fixed selfie-based checks.
• Document forgeries: There was a clip erstwhile fraudsters utilized beingness archive forgeries, specified arsenic faked passport pages, to unfastened caller accounts successful nan names of unassuming victims. However, they’re much apt coming to do truthful digitally. According to this report, integer forgeries relationship for complete 57% of each archive fraud – a 244% yearly increase. Scammers will typically entree archive templates online aliases download archive images stolen successful information breaches and past change nan specifications successful Photoshop. Generative AI (GenAI) devices are helping them to do this astatine velocity and scale.
• Synthetic fraud: This is wherever scammers either create caller identities by combining existent (stolen) and made-up PII to shape a wholly caller (synthetic) identity, aliases create a caller personality utilizing conscionable fabricated data. This is past utilized to unfastened caller accounts pinch banks and in installments paper firms, for example. Document forgeries and deepfakes tin beryllium mixed pinch these identities to summation nan fraudsters’ chances of success. According to 1 report, 76% of US fraud and consequence professionals deliberation their statement has synthetic customers. They estimate that this type of fraud has surged 17% annually.
• Deepfakes that instrumentality friends and family: Sometimes, clone video aliases audio tin beryllium utilized successful scams that instrumentality moreover loved ones. One maneuver is virtual kidnapping, wherever relatives person a telephone telephone from a threat character claiming to person kidnapped you. They play a deepfake audio of your sound for impervious and past request a ransom. GenAI tin besides utilized successful these efforts to thief nan scammers root a apt victim. ESET Global Security Advisor Jake Moore gave a sensation of what is presently imaginable here and here.
• Credential stuffing (for ATO): Credential stuffing involves nan usage of stolen log-ins successful automated attempts to entree different accounts for which you whitethorn person utilized nan aforesaid username and password. AI-powered devices could quickly make these credential lists from aggregate sources of data, helping to standard attacks. And they could besides beryllium utilized to accurately mimic quality behaviour while logging in, successful bid to instrumentality protect filters.

What’s nan effect of AI-based fraud?

Fraud is acold from a victimless crime. In fact, AI-powered fraud can:

• Cause awesome affectional distress for nan individual that’s defrauded. One report claims that 16% of victims contemplated termination arsenic a consequence of an personality crime
• Make scams much apt to succeed, eating into profits, which forces companies to put their prices up for everyone
• Impact nan nationalist economy. Lower profits mean little taxation receipts, which successful move mean little rate to walk connected nationalist services
• Undermine nationalist assurance successful nan norm of rule and moreover democracy
• Undermine business confidence, perchance starring to little levels of finance into nan country

How to support your personality safe from AI-driven fraud

To combat nan violative usage of AI against them, organizations are progressively turning to protect AI devices to spot nan tell-tale signs of fraud. But what tin you do? Perhaps nan astir effective strategy is to minimize opportunities for threat actors to get your PII and audio/video information successful nan first place. That means:

• Don’t overshare accusation connected societal media and restrict your privateness settings
• Be phishing aware: cheque sender domains, look for typos and grammatical mistakes, and ne'er click connected links aliases unfastened attachments successful unsolicited emails
• Turn connected multifactor-authentication (MFA) connected each accounts
• Always usage strong, unsocial passwords stored successful a password manager
• Keep package up to day connected each laptops and mobile devices
• Keeping a adjacent oculus connected slope and paper accounts, regularly checking for suspicious activity and freezing accounts instantly if thing doesn’t look right
• Install multi-layered information package from a reputable vendor connected each devices

Also see staying alert of nan latest AI-powered fraud strategies and educating friends and family astir deepfakes and AI fraud.

AI-driven fraud attacks will only proceed to turn arsenic nan exertion gets cheaper and much effective. As this caller cyber-arms title plays retired betwixt firm web defenders and their adversaries, it’s consumers that will beryllium caught successful nan middle. Make judge you’re not next.