Next-level scammers move into the AI realm
William Ton |
Australia’s organised criminals are harnessing increasingly powerful artificial intelligence tools to create elaborate scams.
Whether it’s a fake phone call using audio grabs of Queensland Premier Steven Miles to persuade someone to invest in cryptocurrency or a video meeting where everyone on the call is a deepfake demanding the transfer of millions of dollars, scams are increasingly hard to spot.
Bad actors are taking things to the next level, stitching together digital sound bites and online video to give their ploys additional credibility, according to forensics expert Stan Gallo from accounting firm BDO.
“Gone are the days of questionable emails with broken English that are really poorly put together,” he says.
“Now they’re much more refined, they make much more sense and they’re far more convincing.”
As in the Miles ruse, where crooks can replicate speech in a seconds-short call urging the victim back to text messaging, Mr Gallo says a familiar voice is more effective in catching people out.
“It’s not advanced enough to have a long ongoing conversation, hence the voice is used to try and give it credibility and then direct the person back to text because that’s a much easier proposition,” he explains.
Criminals are embracing AI, exchanging information on how to leverage it and sharing tips to dodge safety and ethical boundaries to create their own models, according to BDO’s latest Scam Culture Report.
While industry and governments grapple with regulating the technology, Mr Gallo believes they’re always going to be one step behind the crims.
“We’re seeing a rise in the use of AI in scams,” he says.
“It’s not yet prolific but I think that will come.”
Investment scams led way in the March quarter despite a decline in total losses but an increase in job and employment cons demonstrates the responsiveness by criminals to conditions, according to the report.
Older Australians with access to money but who are less than tech savvy are the prime target but younger people lacking awareness of scams are also at risk.
Scamwatch has received fewer than five reports nationally since 2022 involving AI cloning voice and video.
But it continues to see growing sophistication in scam approaches with the emergence of new technologies, a National Anti-Scam Centre spokesman says.
“We have received reports of scammers employing AI in the form of chatbots on social media,” he says.
“This is primarily occurring in relation to job scams and investment scams.
“The bots are used to give the impression many other real people are interested in the product and are receiving financial benefit from the scam.”
AI presents risks allowing malicious actors to produce low effort, high quality material for phishing attacks but also opportunities to help defend against cyber attacks, says an Australian Signals Directorates spokesman.
Australians lost over $77 million from more than 67,000 reported scams in the March quarter, down from the $80 million lost in the previous quarter, the report found.
“Australia has been pushing very hard to raise awareness and the amount of funds lost came down, so people may be starting to respond to that,” Mr Gallo says.
“Text messaging is still the widest reach for scammers so in terms of targeting, it’s still a scattergun approach because they can hit a rut of people.”
About nine in 10 Australians believe scams are becoming more sophisticated and anyone can become a victim no matter how careful they are, according to Consumer Action Law Centre polling.
Three in four people expect banks to keep their money safe from criminal scammers but if they fail to, to also be liable to return losses to their accounts.
The centre has demanded the government change the law to require banks to reimburse victims.
“People are more likely to directly authorise payments to scams and when you authorise something, it is much easier for your financial institution to say they have no liability for your loss,” says policy officer Rose Bruce-Smith.
“It’s the only way to incentivise banks to prevent scams occurring on their platforms.”
The Australian Banking Association argues others in the scam chain, including telcos, should bear some brunt.
In August, they launched a $100 million system to allow people to confirm who they are transferring money to as part of a suite of safeguards.
AAP