Skip to Main Content
Online Access

Online Access

BankSouth offers immediate and easy access to your mobile and online banking. You can also apply for and review your ReadyLoan mortgage application.

Learn More

Banking Resources

Banking Resources

Every financial situation is unique. Explore our many resources available to you to make wise decisions when it comes to managing your money.

Be Smart With Money

Mortgage

Mortgage

For over ten years, BankSouth has helped thousands of families finance their homes.  We know how daunting this may be, but we take the worry and hassle out of the process.

Learn MoreStart Your Application

Cracking the Code: Understanding AI-Powered Fraud and How to Stay Vigilant

May 2, 2023 Personal
how artificial intelligence is affecting fraud

As technology continues to advance, so do the methods that scammers use to commit fraud. With the rise of artificial intelligence (AI), fraudsters are now leveraging AI and machine learning to perpetrate new types of scams, characterized by their sophistication, speed, and scalability. AI-powered fraud is a rising threat that has the potential to cause significant financial loss, reputational damage and privacy breaches. Read on as we explore AI-powered fraud including the various types of fraud, the dangers as well as the best practices for staying vigilant against it.

AI-powered fraud refers to scams facilitated by the use of artificial intelligence (AI) and machine learning. Scammers are leveraging AI to automate various aspects of their scams, such as generating fake identities, impersonating individuals and crafting targeted phishing emails. AI-powered fraud is a growing trend and has become a critical concern for individuals and businesses. Staying aware and informed about this type of fraud is crucial to protecting oneself and combating this rising threat.

Understanding AI-Powered Fraud

Fraudsters are using AI and machine learning to perform various tasks related to fraud, such as automating phishing scams and crafting fake news articles. AI-powered fraud encompasses several different types of scams such as deepfakes, social engineering, phone scams and phishing attacks.

Deepfakes

what are deepfakes and their riseA deepfake, or media scam, is a highly realistic manipulated video, audio or image that depicts a person or event that never occurred. Deepfakes use a combination of artificial intelligence and machine learning techniques to generate convincing impersonations of individuals and make fictional events appear real. Deepfakes are created by training algorithms on large datasets of pictures of a particular individual, teaching the AI to learn and recognize the nuances of the individual’s facial expressions, voice, and mannerisms. Then, the AI can manipulate videos or audio by swapping faces or voices in a highly realistic way. This technique allows fraudsters to create convincing impersonations of individuals, making it difficult to distinguish a real video or audio clip from a fake one. The danger of deepfakes is that they can be used for identity theft, propaganda or damaging someone’s reputation, and are therefore a growing concern in the age of AI. They also present an enormous challenge to the credibility of visual and audio media as it is becoming increasingly harder to distinguish a real audio or video clip from a fake one. Deepfake examples include:

  • Political deepfakes: Deepfakes can be used to create fake videos or images of political candidates, altering their statements, and presenting them in a negative light. This manipulation can create confusion among voters and undermine the legitimacy of the election results. Deepfakes can also be used to spread false information, fabricate stories or events, and create conflicts or tensions among different groups of voters. This can lead to polarization and social unrest, fracturing the trust and cohesion of a society.
  • Celebrities and entertainment: Deepfake technology has been used to create fake celebrity videos or to insert celebrities’ faces into inappropriate or compromising situations in existing videos. For example, a deepfake video of actor Tom Cruise went viral on TikTok, showing him performing activities that he never actually did.
  • Fraudulent activities: In a classic example of deepfake fraud, criminals can create realistic videos or audio of executives or managers and use the deepfakes to request unusual financial transactions. An example of this includes a case of deepfake fraud from back in 2019 where an unnamed UK-based energy firm lost $243,000 due to fake audio of their CEO asking for a transfer.

Social Engineering

examples of social engineering fraudSocial engineering is a method of manipulating people to gain confidential information or unauthorized access to systems or data. Social engineering scammers prey on human behavior and emotions, using psychological tricks to convince individuals to take certain actions or reveal confidential information. This can include impersonating a trusted individual or organization or creating a sense of urgency to prompt individuals to take quick action without stopping to think about the consequences. These scams can be perpetrated both online and offline, and they can be highly sophisticated and targeted. Social engineering depends on the scammers ability to establish trust and gain access to sensitive information or resources. Therefore, it’s important to stay informed about the latest social engineering tactics so that you can identify and avoid them. Here is a list of social engineering scams to be on the watch for.

Phishing attacks

Phishing attacks are a type of social engineering scam where fraudsters trick people into revealing sensitive information, such as login credentials, credit card numbers or personal identification details. Phishing attacks typically involve sending fraudulent emails or text messages that appear to be from a legitimate source, such as a bank or social media platform. The emails or messages often contain urgent requests or warnings to encourage the victim to click on a malicious link or download an attachment that contains malware. The fraudster then uses the obtained information for financial gain or identity theft. There are numerous types of phishing attacks.

  • Email phishing: Email phishing is the most common type of phishing attack, where scammers send emails that appear to be from a legitimate source, such as banks or government agencies. These emails usually contain a link to a fake website that looks like the real one, where the victim is prompted to enter sensitive information.
  • Spear phishing: Spear phishing is a targeted type of phishing attack. Attackers gather information about the victim, such as their name or business, to personalize the attack. The email appears to be from someone the victim knows, such as a colleague or manager, making it more likely that the victim will respond.
  • Whaling: Whaling is a type of spear phishing that targets high-level executives or upper management. The phishing email is personalized and crafted to appear as an important message from a C-level executive, such as the CEO or CFO, urging the target to take immediate action.
  • Smishing: Smishing is a type of phishing attack that uses SMS or text messages. The message contains a link or phone number that the victim is encouraged to call or click, which leads to a fake website where sensitive information is collected.
  • Vishing: Vishing, or voice phishing, is a type of phishing attack that takes place over the phone. The attacker pretends to be someone from a trustworthy organization, such as a bank or tech support, and tries to trick the victim into revealing personal information.

Phone Scams

the different type of phone scams to be aware ofPhone scams are a type of social engineering scam that occurs over the phone. The fraudster may contact an individual and pretend to be someone they are not, such as a bank officer or a government representative, in order to gain their trust and access to their sensitive information. Phone scams can have many variations, but some of the most common types include:

  • Impersonation scams: The fraudster calls the victim and poses as an employee from a bank or a government agency. They will often provide a fake name, ID and badge number to appear trustworthy. They’ll then ask for sensitive information, such as personal identification details, bank account numbers, or Social Security numbers.
  • Tech support scams: The fraudster poses as a technical support agent from a well-known company, such as Microsoft or Apple. They claim that the victim’s computer has a virus or other issue, and they need remote access to the computer to fix the problem. In reality, the fraudster is installing malware on the victim’s computer to collect sensitive information.
  • Prize scams: The fraudster calls the victim and tells them that they have won a prize or a lottery. The victim is then asked to provide personal information or to pay fees in order to receive their prize. In reality, there is no prize, and the fraudster is trying to obtain the victim’s personal information or money.
  • Advanced Voice Recording Technology: Scammers are using advanced voice recording technology to initiate calls to gather an individual’s voice recording to use it later to call the victim’s friends and family members to scam them into sending money. The scammers pretend to be a bank or government agency representative and ask for personal information, threaten legal action for unpaid debts or pretend to be a family member or friend in distress. This is all done by a thief using a voice clone. To protect oneself from this scam, individuals must be cautious and suspicious of unsolicited calls, avoid disclosing personal information over the phone, and verify the identity and legitimacy of the caller before transferring any money.

Pretexting

Pretexting is where a person poses as a trusted source to obtain sensitive information, such as account numbers or passwords. This usually takes place over the phone, where the attacker pretends to be from a seemingly legitimate company and tries to trick the user into revealing the information.

Baiting

Baiting involves offering something desirable to lure in the victim, such as a free software or movie download. The content usually contains malware, which can be used to steal sensitive data.

AI is utilized for social engineering by enabling fraudsters to generate targeted and personalized phishing emails and messages that are more convincing to the intended victims. AI algorithms can use machine learning and natural language processing techniques to analyze vast amounts of data, such as social media profiles, online purchasing history, and other personal information, to create a detailed profile of the victim. Based on this profile, the AI can generate a tailored message designed to elicit a specific response, such as revealing sensitive information or downloading a malware-infected attachment. AI can also automate these messages, allowing fraudsters to target thousands of potential victims at once.

Furthermore, AI makes it easier to impersonate trusted sources, such as a bank or a reputable organization, by mimicking their voice or communication style. This personalized and realistic approach makes social engineering attacks more successful, making it harder to detect and prevent these types of attacks.

The Dangers of AI-Powered Fraud

​​AI-powered fraud is becoming more sophisticated and challenging to detect and prevent due to the advanced algorithms and machine learning techniques being used by fraudsters. These algorithms make it easier for the scammers to generate deepfakes and create convincing impersonations, making it hard for traditional fraud detection systems to differentiate between real and fraudulent activity. Fraudsters can also use AI to quickly adapt their scams to defend against anti-fraud measures, further complicating fraud detection and prevention. This, coupled with the ability to automate fraud activities, makes AI-powered fraud very dangerous. It continues to be a pervasive problem, and stakeholders must strive to stay ahead of emerging trends by implementing robust systems and human-led reviews to detect and prevent these scams.

Staying Vigilant Against AI-Powered Fraud

Staying vigilant against AI-powered fraud requires a combination of best practices, including education, authentication, and monitoring. Individuals must be aware of the risks and techniques used by scammers to avoid falling prey to their deception. As a simple rule of thumb, individuals should be cautious of unsolicited communications, suspicious links, and requests for personal information. Implementing robust authentication and verification processes, including two-factor authentication and biometric authentication, can help prevent account takeover and identity theft. Monitoring and analyzing data for suspicious patterns or anomalies can help organizations detect fraudulent activity in real-time.

If interested in more specific recommendations for avoiding scams, read on as we provide our top tips for avoiding each type of fraud explained above.

Identifying and Avoiding Deepfake Scams

how to identify and avoid deepfake scamsThis can be a challenging task but here are some steps that can be taken to avoid falling victim.

  1. Look for visual or audio inconsistencies: Deepfakes often contain small visual or audio inconsistencies that the human eye can detect. Look and listen for indications of abnormal blinking, slight unnatural movements or distortions, or mismatches between lip movements and spoken words.
  2. Check the source: Be sure to check the original source of any video or audio content. Always verify content that comes from unofficial or unverified sources, as these sources may be more prone to deepfakes.
  3. Monitor news and media outlets: Stay well-informed about deepfake video technology by closely monitoring news outlets and statements from politicians or influential public figures about deepfake technology.
  4. Use deepfake-detection tools: Various deepfake-detection tools like Deeptrace, Sensity, and others are available online to help detect and identify deepfake videos or images.

By following these steps, you can help identify and avoid deepfake scams. However, it is important to remember that technology is always evolving, and new techniques and tactics may be developed by fraudsters at any time. Therefore, it is important to stay informed and be vigilant to these potential threats.

Tips to Identify and Protect Yourself from Social Engineering Scams

how to stay protected from social engineering scamsBe wary of unsolicited contacts: Scrutinize all unsolicited messages, emails, or phone calls that ask for personal information or direct you to click on links.

  • Verify information sources: Verify the authenticity of information sources by reviewing official websites, calling a reputable number or by contacting customer service directly. Even if someone that sounds familiar is requesting information or money, ask to call them back using a number you have stored for them as a method for verifying their identity.
  • Avoid clicking on links: Do not click on links in emails, messages or social media from unverified sources, as these may lead to phishing sites or malware.
  • Use strong passwords: Use strong passwords, and enable two-factor authentication on sensitive accounts as an additional security measure.
  • Be cautious of sharing personal information: Avoid sharing personal information such as bank account number, social security number, and other personally identifiable information to unverified sources.
  • Stay updated: Stay updated regarding the latest phishing techniques and social engineering scams by regularly checking credible news sources or following relevant anti-fraud agencies.

By staying vigilant and following these guidelines, you can avoid becoming a victim of social engineering scams. Additionally, it’s recommended to educate family, friends, and coworkers about these types of scams, help them recognize the signs, and encourage them to be equally cautious.

AI-powered fraud is a real and growing threat that demands our attention and effort to combat. The rise of AI-powered scams has made scammers more sophisticated in their tactics and as a result, traditional countermeasures may no longer suffice to detect and prevent them. Staying informed, vigilant, and updated on emerging trends and adopting a collective effort in preventing and reporting fraud can significantly reduce the risks of falling prey to AI-powered scams. With the right education, training, and measures in place, we can protect ourselves and our organizations from financial loss, reputational damage, and privacy violations while harnessing the potential benefits of AI.

We at BankSouth encourage everyone to be proactive in staying ahead of the curve when it comes to AI-powered fraud, and together, we can work towards a safer digital future! In our help section, you can also find additional resources for avoiding scams, how to report scams, and scams that have been recently attempted against our customers.

Recent Posts

View our latest news and get the latest industry updates on our blog.

image of someone holding a phone in front of a computer
Staying Ahead of Cybersecurity Threats in 2024 As we observe Cybersecurity Awareness Month this October, it’s time to evaluate the evolving threats that individuals and businesses face daily. In the digital age, protecting sensitive data isn’t just a responsibility for...
Jim Bedsole, retired Chief Compliance and Risk Officer of BankSouth.
Honoring Jim Bedsole’s Remarkable Career in Compliance and Risk Management Jim Bedsole, recently retired Chief Compliance & Risk Officer at BankSouth, has left an indelible mark on the banking industry. With over 38 years of dedicated service, including a  decade...
david west of banksouth talks about banking cybersecurity
How Community Banks Keep Your Data Private  Banking is easier than ever these days with the convenience of online and mobile banking. With that comes the risk of your data being compromised as cybercriminals are becoming increasingly sophisticated. This is...