- Generative AI has fundamentally changed cybercrime. It is no longer just about technical exploits but has shifted to hyper-personalized, scalable, and psychologically manipulative fraud.
- The scale of financial losses is unprecedented. The 2024 Internet Crime Report from the FBI documented over $18.8 billion in losses in the U.S., a 33% increase from the prior year.
- AI makes cybercrime more powerful. Generative AI is not a simple improvement for malicious actors; it represents a new security paradigm that enables them to orchestrate attacks at a significantly higher level.
- Traditional defences are becoming obsolete. Old-school defence mechanisms are no longer effective against AI-generated threats, which require a new, proactive, and multi-layered defence strategy.
- Purely technological defence is insufficient. To combat AI-driven threats, technology must be paired with human vigilance and robust verification protocols to counter the psychological manipulation that AI enables.
- Cybercrime has become a significant economic force. Financial and human costs are significant, with losses in 2024 projected to hit $9.5 trillion. This figure would rank as the world’s third-largest economy, behind only the U.S. and China.
- AI is also used defensively to combat scams: Cybersecurity firms deploy AI for faster detection and prevention, while dating sites utilize AI moderators to identify fake profiles. Reporting cyber threats helps protect others and enhances collective security.
Defensive measures can help protect your financial security.
If you do not take protective measures, you are taking a huge risk of being defrauded. Most financial institutions will not compensate you for fraud losses. It is becoming increasingly important for everyone to set aside time to strengthen their financial security, given the misuse of Artificial Intelligence (AI) by criminals. How to do this:
- Change your password regularly, at least quarterly. Avoid using short codes such as strings of numbers. Consider using a line from a poem, a movie, or a book – then insert with special characters, using 15-20 characters, for example: To@BeorNoto1tobe!
- Consider using a password manager, such as LastPass, to store passphrases, as viruses can intercept keystrokes to track our typing, which a password manager circumvents.
- Enable two-factor authentication (2FA). This adds a second layer of security, typically by sending a code to your device. This needs to be received on a separate platform, such as on your phone, when using your desktop computer. Alternatively, an authentication app may be used if offered by your financial institution.
- Bank fraud doesn’t necessarily happen through hacking. Scammers often manipulate people into handing over information, using emails, phone calls, or deepfake advertising (an example is a Facebook advertisement where AI mimics Oprah talking about a weight loss herb that sells 6 bottles for $300 US). If you realize that you have been defrauded, quickly call your financial institution.
- Fraudsters use what is called Spoofing: They make it appear as though they’re calling from your bank, then ask you to confirm details like your login credentials or account number to “prevent fraud.” They might also ask you to share a “one-time passcode” sent to your phone. Many of these scammers call you at dinnertime, assuming you’re busy doing something else, or when your bank branch is closed. They play with your emotions and your instincts. If a scammer obtains your account information, they can transfer thousands of dollars from your account.
- Avoid using public wi-fi for banking. Hackers use a man-in-the-middle attack to intercept your connection, then copy your login credentials.
Sources: RBC, CBC, Malwarebytes, MS Defender