Beware of potential threats and follow these tips to fight cybercrime
Post Date – 11:30 PM, Monday – July 24
Hyderabad: Artificial intelligence (AI) focuses on creating intelligent machines that can perform tasks that normally require human intelligence, such as understanding natural language, recognizing images, making decisions and solving complex problems.
AI-powered deepfakes could be used maliciously and criminally:
(a) harass an individual and damage their credibility
(b) Enticing people to send money/disclosing privileged information
(c) Spoofing online systems that verify customer identities by spoofing KYC
(d) Manipulation of electronic evidence for criminal justice investigations
(e) Support disinformation campaigns that incite social unrest and create political polarization
(f) using artificial intelligence tools to guess passwords
Examples of modus operandi for AI-based deepfake scams:
Fraudulent AI-based video calls can be convincing and manipulative, so consumers must remain vigilant online. Here are some ways to avoid falling victim to such scams.
* Victims are randomly selected, social profiles are completed, and then scammers start communicating with victims.
* Scammers impersonate famous people and request financial assistance by repeating false stories in order to convince victims to transfer large sums of money.
*Excuses a scammer might use to deceive include (a) I was robbed (b) I needed money for a medical emergency (c) I was in an accident
How cybercriminals are misusing artificial intelligence:
* Deepfake Attacks – AI can help create overly real-looking deepfakes that can be used to impersonate individuals, leading to misinformation and reputational damage or spreading misinformation.
* Voice Phishing – Cybercriminals can clone the human voice to carry out advanced types of voice phishing attacks.
* Social Engineering Attacks – Using artificial intelligence tools, cybercriminals can craft extremely personal and complex emails that look like they were written by a human.
* Credential Stuffing – This is a method by which an attacker uses a list of compromised user credentials to compromise a system through an AI-automated process.
* Malware development – AI can be used to create high-tech malware that can evade traditional security measures and adapt its behavior to the goals of the environment in which it operates.
* AI-powered botnets – AI-powered botnets can mimic human behavior to effectively integrate into the digital environment.
* Social Engineering Attacks – Using artificial intelligence tools, cybercriminals can draft extremely complex emails that look like they were written by a human.
Security Professionals Combat AI-Based Cybercrime:
* Behavioral Biometrics – AI helps identify untrustworthy activity by analyzing parameters such as keystrokes while typing, navigation patterns, screen pressure, typing speed, mouse or mobile device movement, lip sync and gyroscope position
* Malware detection – Artificial intelligence and machine learning can analyze large volumes of data to identify patterns and anomalies that challenge humans to detect malware threats.
* Threat detection – AI algorithms can help us process and analyze massive data sets, namely network traffic logs, system logs, user behavior and threat intelligence feeds.
* Predictive Analysis – This process uses data analysis, machine learning, artificial intelligence and statistical models to find patterns that may predict future behavior.
* Natural Language Processing (NLP) – can identify phishing emails by analyzing email text.
* Email Authentication Protocols – Implement email authentication protocols like SPF, DKIM, and DMARC to prevent email spoofing.
Some tips when dealing with AI-based crimes:
* Password – Set a verbal or digital password with your child, family member or trusted close friend and make sure only you and your significant other know it.
* Question the source – cybercriminals have tools at their disposal that can spoof a phone number and make it appear authentic; so even a voicemail or text message from a known number is advisable to stop, pause and think.
* 2FA – Implement two-factor authentication (2FA) on your social media and email accounts.
* Password – It is recommended to use a complex and strong password that is difficult to crack.
* Unsolicited emails and text messages – be careful when clicking on short links you receive.
* Imposters may be asked to turn their faces away.
* Make the imposter on the other end wave while talking.
