How to Defend Against AI-Powered Identity Fraud
Discover how deepfakes, voice cloning, and AI-powered phishing are reshaping digital deception—and learn practical strategies to strengthen identity security with real-time, AI-driven defenses.
Stay informed on the latest in information security with updates on fraud prevention, detection techniques, and cyber fraud trends.
Search across headline titles and summaries.
Background for this topic.
Fraud is intentional deception used to obtain money, access, information, or another unfair benefit. In information security, the term commonly covers digitally enabled schemes such as phishing, account takeover, payment fraud, business email compromise, and misuse of stolen identities or credentials. The defining feature is deceptive use of systems, accounts, or data—not merely a technical failure.
Security teams should treat fraud as both an identity and transaction-risk problem. Relevant controls include phishing-resistant authentication, least-privilege access, payment and account-change verification, and monitoring for unusual login or transaction patterns. Personal and financial data require appropriate privacy protections because exposed data can support impersonation even when passwords are not compromised. Investigation must preserve authentication, email, endpoint, and transaction records so organizations can contain unauthorized access, reverse or block fraudulent activity where possible, notify affected parties, and improve controls based on the attack path.
Weekly headline count for the current query.
Discover how deepfakes, voice cloning, and AI-powered phishing are reshaping digital deception—and learn practical strategies to strengthen identity security with real-time, AI-driven defenses.
Victims Increasingly Face Multiple Compromises From a Single IncidentIdentity theft scams are increasingly unfolding as coordinated, AI-assisted attack chains that begin with phishing or impersonation escalate into account takeovers, device compromise and broader fraud, according to the Identity Theft Resource Center.
Fraudsters Tokenize Stolen Cards Into Attacker WalletsGoogle Threat Intelligence Group warned that Chinese-language phishing-as-a-service platforms are using AI, encrypted messaging and real-time OTP interception to bypass multifactor authentication and provision stolen payment cards into attacker-controlled digital wallets worldwide.
New White EOs Tighten Know Your Customer Rules While Easing Fintech OversightBoth the White House's recent executive orders deal with the financial services industry and discuss the importance of integrity and innovation in combatting fraud. But read them together and another picture emerges that could confuse seasoned fraud and compliance practitioners.
Instant Payments Push Outpaces Regional Cross-Border Fraud DefensesCross-border payments across Southeast Asia are about to get significantly faster. The region is months away from launching the most ambitious cross-border payments network in its history - Project Nexus. But cross-border fraud response is still lagging.
Researchers Identify 455 Malicious Apps Tied to Global Malvertising CampaignCybercriminals used malicious Android apps to funnel unwitting users to an ad fraud scam that generated up to 659 million daily bid requests, reports Human Security. The scam has spanned 455 malicious Android apps and is linked to 183 threat actor-owned command-and-control domains.
Ransomware Payouts, AI-Driven Threats and Reshaping Payment FraudIn this week's panel, four ISMG editors discussed a ransomware case that once again raises questions about paying extortionists, why security leaders fear AI is accelerating attacks faster than humans can respond and how the rise of instant payments is reshaping fraud programs at banks.
As Regulators Tighten Liability Rules, Banks Face Pressure to Justify Fraud LossesSo far, banks have managed to strike a balance between fraud prevention and customer convenience, often accepting a certain level of loss rather than introducing controls that could slow payments, increase false declines or drive customers to competitors.
Coerced Labor in Scam Compounds Is Reshaping How Enterprises Face Fraud RisksFraud operations in Southeast Asia increasingly rely on trafficked workers forced into scams. This reality challenges assumptions about threat actor behavior, complicates attribution and negotiation, and demands that enterprises rethink fraud prevention and disruption strategies.
Also: Google’s $40B AI Bet, Insights From Google Next ConferenceIn this week's panel, four ISMG editors discussed North Korea's use of fake video meetings to fuel crypto fraud, Google's $40 billion investment in Anthropic and what it signals for the AI race, and key takeaways from Google Next in Las Vegas on enterprise AI adoption.
Also: Cartier Heir Imprisoned, Believe Founder Benjamin Pasternak ArrestedThis week, North Korea hacks, Cartier heir jailed, Believe founder arrested, Cambodia scam network sanctioned. A U.S. Army soldier's insider bet, Litecoin, sentences in laundering and romance fraud cases, France probed crypto kidnapping. Tennessee banned crypto ATMs, Kelp DAO and Alex Mashinsky.
Federal Charges Target Recruiters, Managers in Scam Centers After Global TakedownU.S. and international law enforcement agencies dismantled a network of overseas scam centers linked to cryptocurrency investment fraud schemes, officials said Wednesday, arresting at least 276 individuals in a crackdown across the Middle East and Southeast Asia.
Tyler Buchanan Pleads Guilty to Conspiracy to Commit Wire Fraud and Identity TheftA senior figure in the Scattered Spider cybercrime group pleaded guilty to one count of conspiracy to commit wire fraud and one count of aggravated identity theft on Friday in US federal district court. The plea marks the conclusion of a digital crime spree by Tyler Robert Buchanan.
Point Predictive's Frank McKenna on Detecting Hidden Signals in Synthetic IDsFraud detection is moving beyond verification toward identity intelligence. Frank McKenna, co-founder and chief fraud strategist at Point Predictive says synthetic identities leave subtle signals such as thin profiles and behavioral traits that demand deeper analysis from fraud investigators.
Also: ZachXBT Uncovers DPRK Worker Scam, Hyperbridge Hack, Coinone FineThis week, Operation Atlantic disrupts $45M phishing fraud, ZachXBT uncovers DPRK crypto worker scheme, Hyperbridge exploit, South Korea fines Coinone $3.5M, Kraken faces extortion attempt over insider data leak and American musician loses $420K in fake Ledger app.
Fraud Expert Ken Palla on Why Detection Controls Still Lag BehindFraud continues to climb even as banks invest heavily in detection tools and analytics. The gap between technology spending and fraud losses reflects a deeper issue in how financial institutions approach scam prevention, says Ken Palla, retired director at MUFG Bank.
Banks Must Prepare for the Coming DelugeInterpol added to warnings about a coming torrent of intelligence-enabled global fraud in an annual assessment assessing that victim losses reached $442 billion last year. AI-enhanced fraud is more than four times more profitable than traditional fraud methods, Interpol found.
Real-Time Payments, AI-Led Exploits Are Exposing Flaws Fraud Detection Can't CatchFor years, fraud prevention has followed a familiar script. A transaction is initiated. A model evaluates it. Fraud still gets detected as it happens or after it occurs. But this model is breaking down with the rise of instant payments and artificial intelligence tools.
Joël Winteregg of Vyntra on How AI Is Industrializing Fraud at Unprecedented ScaleGen AI has created a "paradise" for fraudsters, said Joel Winteregg, CEO of Vyntra. Just as Interpol coordinates across borders to dismantle criminal networks, Winteregg said banks must operate as a unified intelligence network, because the fraud operations targeting them already do.
Report Reveals Growing Trend of Fraudsters Intercepting SMS-Based VerificationFinancial institutions have historically relied on one-time passcodes as a primary authentication control for their accountholders. But OTP verification is less reliable as fraudsters increasingly exploit SMS-based verification weaknesses to carry out account takeover and payment fraud schemes.