Transmit Security report reveals rise in AI-driven fraud scams
A newly released report by Transmit Security sheds light on the use of generative AI (GenAI) by fraudsters to carry out sophisticated fraud campaigns. The report, titled "The GenAI-Fueled Threat Landscape: A Dark Web Report by the Transmit Security Research Lab," is the result of an in-depth investigation by the company's team of fraud analysts. The findings highlight significant changes in dark web marketplaces and fraud tools since the emergence of ChatGPT.
The report emphasises the proliferation of blackhat GenAI platforms such as FraudGPT and WormGPT, which are easily accessible and require minimal skills to use. These tools enable even novice fraudsters to execute advanced attacks with remarkable speed and scale. Richard Metcalfe, Regional Vice President for Asia Pacific and Japan at Transmit Security, stressed the necessity of a unified approach to effectively combat these emerging threats.
"The AT&T breach underscores the critical need for a unified approach to customer identity, identity verification, and fraud prevention," said Metcalfe. He added, "By removing silos and maintaining a contextual view of the customer throughout their entire journey, financial institutions can significantly reduce gaps and vulnerabilities, and increase the detection and prevention of these scams."
The report outlines various capabilities of GenAI tools that have transformed the landscape of cyber fraud. One key capability is automated penetration testing, which enables fraudsters to quickly identify and exploit vulnerabilities in enterprise systems. Another is the creation of synthetic identities; using GenAI, fraudsters can generate high-quality fake IDs that often bypass existing security checks, including AI-driven identity verification systems.
Dark web marketplaces, as noted in the report, provide a robust ecosystem for these fraudulent activities. Services ranging from Remote Desktop Protocols (RDPs) to credit card checkers are easily available, supported by high seller ratings and escrow services to guarantee product efficacy. Such platforms enhance the deception capabilities of fraudsters by providing comprehensive tools and services that aid in carrying out sophisticated fraud campaigns.
Additionally, the report highlights the increasing use of deepfake technologies for both video and voice to deceive victims and evade authentication systems. These technologies create realistic deceptions that make it even harder for organisations to detect fraudulent activities.
David Mahdi, Chief Identity Officer at Transmit Security, pointed out the collaboration among fraudsters as a significant challenge. "Fraudsters are doing a much better job working together as a community, collaborating and sharing information on GenAI tools and techniques," said Mahdi. This collaborative approach among cybercriminals makes it essential for IT leaders to stay informed and leverage advanced technologies to remain ahead of these threats.
Instances of sophisticated scams and fraud cases have been on the rise in regions like Australia and New Zealand. According to the Australian Payment Fraud Report, there was a 35.6% increase in fraud on payment cards in the 12 months leading up to June 2023, costing AUD $677.5 million. Similarly, the New Zealand banking ombudsman highlighted an increase in unauthorised payment scam cases during Fraud Awareness Week, with annual losses exceeding NZD $200 million. These fraudsters employ advanced tools to create more realistic and convincing attacks, which were previously challenging to execute.
To strengthen security measures, Transmit Security recommends that organisations implement converged fraud prevention, identity verification, and customer identity management services powered by GenAI, AI, and machine learning. A comprehensive and unified defence strategy is essential for eliminating data silos, closing security gaps, and ensuring the accurate and swift detection of today's advanced fraud schemes.
Transmit Security's report presents valuable insights into the current threat landscape and provides recommendations for mitigating these risks. For a more detailed understanding, the full report "The GenAI-Fueled Threat Landscape: A Dark Web Research Report by Transmit Security" is available for further reading.