AI-driven scams are rapidly evolving as cybercriminals capitalize on new technologies to target unsuspecting victims, according to Microsoft’s latest Cyber Signals report. Over the past year, Microsoft claims to have thwarted $4 billion in fraud attempts, blocking around 1.6 million bot sign-up attempts each hour, highlighting the scale of this growing issue. The report, titled “AI-powered deception: Emerging fraud threats and countermeasures,” shows how artificial intelligence has significantly lowered the barriers for entry into cybercrime.
Scammers who previously required extensive technical skills can now create sophisticated scams with minimal effort, reducing the time required from days or weeks to just minutes. This democratization of fraud capabilities marks a significant change in the criminal landscape, affecting consumers and businesses globally. One of the key findings of the report is the utilization of AI tools to gather detailed information about companies, enabling cybercriminals to execute more convincing social engineering attacks.
Tactics include using AI-generated product reviews and fake storefronts complete with fabricated histories and testimonials. Kelly Bissell, Corporate Vice President of Anti-Fraud and Product Abuse at Microsoft Security, emphasizes the growing threat, indicating that cybercrime has become a trillion-dollar industry, increasing annually for the last 30 years. Particularly alarming areas of concern include e-commerce and job recruitment scams.
Fraudulent websites are easily created using AI, often mimicking legitimate businesses and employing AI-generated content to deceive consumers. Job seekers also face risks, as scammers leverage generative AI to produce fake job listings and phishing emails. Red flags like unsolicited job offers and requests for personal information should alert applicants to potential fraud.
In response to these threats, Microsoft has implemented a comprehensive strategy that includes threat protection across its services and features like website typo protection in Microsoft Edge. New fraud prevention policies ensure that Microsoft products are designed to be resistant to fraud from inception. Microsoft advises users to remain vigilant—carefully checking website legitimacy and refraining from sharing personal information with unverified sources.
Companies are encouraged to adopt multi-factor authentication and deepfake detection technologies to mitigate risk further.