The New Face of Banking Scams:
How Scammers Are Using AI to Target You
At some point most of us would have received a traditional banking scam,
such as phishing email, fake text or a fake website.
These scams often pose as a legitimate entity such as your bank and trick victims into divulging sensitive information, such as bank account details or login credentials (read more about these scams in some of our previous blogs).
AI has significantly enhanced the capabilities of scammers, allowing them to create more convincing and personalised scams. For example, AI is being used to process large datasets to identify those who are more likely to become potential victims and tailor scams to their specific interests and behaviours. AI-powered chatbots can also simulate human conversation without the time and effort normally required.
- Personalised Scams: AI can analyse data from social media, public records, and previous scams to create personalised messages that appear more convincing to the target. This can be as simple as referencing our name or significant dates.
- Chatbots and Voice Synthesis: Scammers can use AI-powered chatbots to interact with victims, answering questions and providing information to make the scam seem more legitimate. Voice synthesis technology can mimic the voice of a legitimate business or organisation in phone scams. Make sure you are always calling your bank directly!
- Targeted Social Engineering: AI can analyse large amounts of data to identify potential victims who are more likely to fall for a scam, allowing scammers to target their efforts more effectively.
- Fraud Detection Evasion: AI can be used to create sophisticated fraud detection evasion techniques, such as generating fake transactions or altering transaction data to avoid detection. Though banks in Australia are doing their best to react and shut down scams, this is proving more difficult thanks to AI.
- Credential Stuffing Attacks: AI can be used to automate the process of trying stolen login credentials across multiple websites and services, increasing the chances of successful account takeovers.
- Phishing Scams: AI can generate phishing emails that are tailored to the recipient’s interests, making them more likely to click on malicious links or provide personal information. It may even look like an email you have received previously from your bank!
- Social Media Manipulation: AI can be used to create fake social media accounts that appear to be legitimate, allowing scammers to gather information about potential victims or spread misinformation. You financial institution will never ask for personal details or start a personal conversation on social media.
- Stay Informed: Stay up-to-date with the latest scam tactics and educate yourself on how to recognise and avoid them.
- Use Strong, Unique Passwords: Use strong, unique passwords for your online accounts and enable two-factor authentication where possible.
- Be Wary of Unsolicited Communications: Be cautious of emails, phone calls, or messages from unknown sources asking for personal or financial information.
- Verify Requests for Information: Verify the legitimacy of requests for sensitive information by contacting the organisation directly using a trusted contact method.
- Monitor Your Accounts Regularly: Regularly check your bank statements and account activity for any unauthorised transactions.
- Keep Software Updated: Keep your devices and software up-to-date to protect against known vulnerabilities.
- Be Cautious on Social Media: Be mindful of the information you share on social media, as scammers can use this information to craft more convincing scams.
- Report Suspicious Activity: Report any suspicious emails, messages, or phone calls to Scamwatch or your directly to you bank.
For more information
For more assistance, you can refer to the Scamwatch website.
