From a cluster of call centers in Canada, a criminal network defrauded elderly victims in the US out of $21 million in total between 2021 and 2024. The fraudsters used voice over internet protocol technology to dupe victims into believing the calls came from their grandchildren in the US, customizing conversations using banks of personal data, including ages, addresses, and the estimated incomes of their victims.
The proliferation of large language models (LLMs) has also made it possible to clone a voice with nothing more than an hour of YouTube footage and an $11 subscription. And fraudsters are using such tools to create increasingly more sophisticated attacks to deceive victims with alarming success. But phone scams are just one way that bad actors are weaponizing technology to refine and scale attacks.
Synthetic identity fraud now costs banks $6 billion a year, making it the fastest-growing financial crime in the US Criminals are able to exploit personal data breaches to fabricate “Frankenstein IDs.” Cheap credential-stuffing software can be used to test thousands of stolen credentials across multiple platforms in a matter of minutes. And text-to-speech tools powered by AI can bypass voice authentication systems with ease.
“Technology is both catalyzing and transformative,” says John Pitts, head of industry relations and digital trust at Plaid. “Catalyzing in that it has accelerated and made more intense longstanding types of fraud. And transformative in that it has created windows for new, scaled-up types of fraud.”
Fraudsters can use AI tools to multiply many times over the number of attack vectors—the entry points or pathways that attackers can use to infiltrate a network or system. In advance-fee scams, for instance, where fraudsters pose as benefactors gifting large sums in exchange for an upfront fee, scammers can use AI to identify victims at a far greater rate and at a much lower cost than ever before. They can then use AI tools to carry out tens of thousands, if not millions, of simultaneous digital conversations.
This content was produced by Insights, the custom content arm of MIT Technology Review. It was not written by MIT Technology Review’s editorial staff.
This content was researched, designed, and written entirely by human writers, editors, analysts, and illustrators. This includes the writing of surveys and collection of data for surveys. AI tools that may have been used were limited to secondary production processes that passed thorough human review.
