As generative AI technology becomes more accessible, cybercriminals are finding new ways to exploit it for their own gain. The use of generative AI to create synthetic identities is on the rise, posing a serious threat to individuals and businesses alike. Current fraud detection tools are struggling to keep up with this rapidly evolving form of fraud, leading experts to warn of potential financial losses in the near future.

Synthetic identity fraud involves the creation of false identities using a mix of stolen and fabricated personal information. This information can include real details such as Social Security numbers and birth dates, as well as fake attributes like email addresses and phone numbers. With the help of generative AI technology, cybercriminals can now easily generate fake documents and information that appear to be legitimate, making it increasingly difficult for businesses to detect fraudulent activity.

Matt Miller, principal of cybersecurity services at KPMG US, explains that cybercriminals are using generative AI to create deepfake videos and voice prints of real people in order to carry out their schemes. The accessibility of large language models and other AI technology has made it easier and cheaper for criminals to create false identities and documents. This has made it challenging for existing fraud prevention measures to keep up with the ever-evolving tactics of cybercriminals.

Ari Jacoby, founder and CEO of Deduce, points out that the use of generative AI tools by cybercriminals varies based on their level of sophistication. In the past, criminals had to either write their own scripts or hire developers to create malicious software. However, with the rise of generative AI, even less sophisticated actors can quickly and inexpensively create fraudulent documents. Jacoby warns that traditional defenses against counterfeit IDs are no match for the capabilities of generative AI, making it easier than ever for criminals to commit fraud.

Nathan Richter, senior partner at Wakefield Research, highlights the availability of copycat AI tools like ChatGPT on the Dark Web, further complicating the fight against synthetic identity fraud. As more cybercriminals gain access to these advanced technologies, the threat of fraud is only expected to increase in the coming years.

The Wakefield Research survey reveals that organizations are already feeling the impact of synthetic identity fraud, with many reporting that their customers are using fake identities to open accounts. The cost of each fraud incident can be substantial, with estimates ranging from $10,000 to $100,000 depending on the severity of the fraud. Financial firms, in particular, are at risk of incurring significant losses as a result of synthetic identity fraud.

Experts warn that the problem of synthetic identity fraud is likely to worsen before it improves. The Deloitte Center for Financial Services predicts that the financial industry could face billions of dollars in losses due to synthetic identity fraud by 2030. This growing threat has prompted organizations to adopt a multi-layered approach to combating fraud, including the use of AI and behavioral analytics to detect suspicious activity.

Mark Nicholson, principal of cyber and strategic risk at Deloitte, emphasizes the importance of continuous monitoring and authentication of customer interactions to prevent fraud. Companies must also consider incorporating biometric data, third-party sources, and session monitoring tools into their fraud prevention strategies to stay ahead of cybercriminals.

In addition to technological defenses, companies must also address human risk factors associated with generative AI and synthetic identity fraud. Training employees to recognize potential risks and implementing process controls can help mitigate the threat of fraud. Furthermore, regulatory measures and industry standards are needed to protect consumers from the growing risks posed by artificial intelligence.

While the Biden administration’s executive order on AI safety is a step in the right direction, more comprehensive regulations are needed to safeguard against the misuse of generative AI. As technology continues to advance, companies and policymakers must work together to address the challenges posed by synthetic identity fraud and ensure that AI is used responsibly. Only by taking a collective approach can businesses and individuals effectively combat the evolving threat of cybercrime in the digital age.

Source link