AI in cybersecurity is like a double-edged sword. While it aids in fraud detection and analysis, it also arms criminals with sophisticated tools for scams, making investigations increasingly complex.
The open accessibility of AI, including technologies like ChatGPT, has fueled a concerning surge in cybercrime, highlighted by a 427% increase in account takeover attacks early in 2023. This rise, driven by AI-enhanced social engineering, deepfakes, and malware, marks a significant shift in fraud trends, showcasing the democratization of fraud. Now, people with even a little tech know-how can easily conduct scams.
To tackle AI-driven crime effectively, it’s crucial to understand how criminals are using AI to commit crimes. Engaging in knowledge-sharing at prominent fraud conferences can be a powerful strategy, providing insights and techniques to stay ahead.
“To outsmart criminals, anti-fraud professionals must remain vigilant and innovative, leveraging continuous learning and the latest technologies.“
Top 3 Ways Criminals Use AI to Commit Fraud
Criminals are leveraging AI to enhance their operations with tools like WormGPT. This tool is very similar to ChatGPT but without ethical boundaries and is specifically utilized for phishing and generating malicious code.
This not only lowers the barrier for newcomers but also boosts the abilities of seasoned criminals, altering the digital crime landscape. Here are the ways criminals commit fraud using AI:
Creating Deepfakes for Impersonation and Public Manipulation
Criminals are increasingly using AI to create deepfakes, impersonating trusted figures through video or audio to launch sophisticated social engineering attacks. For example, an elderly couple almost fell for a scam when AI technology was employed to imitate their grandson’s voice, falsely claiming he needed bail money.
Beyond targeting individuals, deepfakes can manipulate social media narratives, potentially swaying public opinion. In a significant case, the New Hampshire Department of Justice investigated AI-generated robocalls that imitated President Biden’s voice to discourage voter participation in a primary election. This incident highlights deepfake technology’s potential to undermine democratic processes.
AI-driven Phishing Operations at Scale
In 2022, phishing emerged as the top-reported cybercrime, with AI technologies like wormGPT (similar to chatGPT but without ethical boundaries and limitations) or fraudGPT (open source model sold for malicious purposes) enhancing the sophistication and scale of these attacks.
FraudGPT is readily available and accessible on the dark web or Telegram for a relatively cheap price – a subscription fee of $200 per month or $1700 per year. This enables crafting more polished, personalized, and legitimate-looking phishing message copies easily, posing a significant threat across multiple sectors.
A fundamental flaw in some phishing attempts used to be poor spelling and grammar, which is now rectified by these AI chatbots. They can correct errors that trigger spam filters or alert human readers.
As per The Guardian’s expert report, Corey Thomas, chief executive of the US cybersecurity firm Rapid7, addressed this issue, stating:
“Every hacker can now use AI to deal with all misspellings and poor grammar.”
Spear-phishing, the term for emails that attempt to coax a specific target into divulging passwords or other sensitive information, is now easy to craft with these GPT models.
Must Read: The Ultimate Guide to Investigating Synthetic Identity Fraud: Decoding the Frankenstein IDs
Automated Password Cracking and Network Intrusions
By leveraging AI, cybercriminals can enhance their capabilities to guess passwords and crack security protocols. AI algorithms can rapidly generate and test password combinations or analyze leaked data for patterns, significantly reducing the time needed to breach accounts or networks.
An example includes the PassGAN system, which analyzes leaked passwords to generate high-quality guesses, significantly outperforming traditional tools like HashCat. PassGAN has the capability to decipher 51% of frequently utilized passwords in less than a minute, 65% within an hour, 71% within a day, and 81% over the course of a month.
This development indicates that AI-supported tools for cybercrime, such as sophisticated password cracking, are not only conceptual but already in use, demonstrating a notable advancement in malicious AI applications.
So, these are some of the highly observed AI applications to commit serious crimes. But as technology evolves, so do the tactics of fraudsters, making it crucial to stay abreast of both the latest criminal applications of AI and innovative countermeasures.
Outsmart AI Fraud: Start at the 2024 AI Training Summit
Heading for a massive $57.1 billion by 2033, the AI fraud management field is growing fast. It’s all about using AI to stop fraudsters. But, as Sun Tzu famously said:
“Know your enemy and know yourself, and you can fight a hundred battles without disaster.”
Understanding how these frauds happen is key to fighting them effectively. That’s where the 2024 AI Training Summit comes in.
This AI Training Summit is a must-attend for diving deep into the AI-enabled fraud landscape. You’ll get to know about the latest AI tools to detect fraud, how to use technology to check financial records, how to analyze data to spot fraud, and practical ways to use AI to prevent fraud. It’s a valuable opportunity to gain proficiency in deploying AI for advanced fraud detection with compliance.
Take advantage of the chance to connect with industry leaders and enhance your expertise. Spaces are filling up quickly, so register now to reserve your spot!