Gen foresees rising AI-driven scams & identity risks by 2025

Gen has released its cybersecurity predictions for 2025, outlining significant changes anticipated in scams, digital identity risks and financial theft.

Gen's Cyber Safety Chief Technology Officer, Siggi Stefnisson, emphasised the expected transformations due to recent advancements in artificial intelligence (AI) and security breaches. "After a monumental year in AI – and a somewhat catastrophic year in breaches – we believe we'll see significant shifts in both scams and digital identity risks in 2025," Stefnisson stated. "Cybercriminals will capitalise on large breaches to either steal identities outright or utilise the information to create hyper-personalised and believable scams."

The report predicts extensive use of AI to create intricate and convincing scams, alongside concerns about AI's influence on human perception. Large Language Models (LLMs) will, according to Gen, be a key driver in this change, as they begin generating hyper-personalised experiences. With over 200 million people using ChatGPT weekly by late 2024, the technology's integration into everyday activities could shape perceptions and lead to moral debates about AI's societal impact. "It's sure to be a year of change, and it will be more important than ever for people to be protective of their digital lives," Stefnisson added.

The issue of deepfakes is also highlighted in the report. Gen foresees deepfake technology advancing to the point where even experts might struggle to distinguish real from fake. This could lead to misuse in personal situations such as distributing fake images or by governments spreading misinformation. To counter this, Gen suggests the evolution of verifiable digital credentials that can authenticate digital content and preserve online trust.

The potential shift from data theft to identity theft is another critical point in Gen's predictions. Following considerable data breaches in the past year, identity theft is expected to rise significantly. Criminals will reportedly use personal data from breaches and other sources to create detailed profiles, exacerbating the risk. This could lead to more sophisticated impersonation of trusted companies and increased extortion attempts.

Gen also anticipates a movement towards hyper-personalised scams, focusing on manipulating human behaviour rather than exploiting technical vulnerabilities. Attackers, using personal data obtained from breaches, may employ methods similar to a recent sextortion campaign in the US and Canada, which utilised Google Street View images as part of its strategy. The scams will likely be highly targeted and challenging to distinguish from legitimate communications.

Financial theft is predicted to see new forms, particularly through mobile banking threats and cryptocurrencies. Fraudsters may employ techniques such as deepfaked celebrities or voice-cloned officials to entice victims into fake investment schemes. As evidenced by the 2024 CyrptoCore campaign, such tactics can be highly lucrative and damaging.

To prepare for these predicted changes, Gen urges individuals to remain informed about current scams, use VPNs for better online data protection, maintain scepticism of too-good-to-be-true offers, verify information sources, and utilise trusted security tools like Norton 360 Deluxe and Avast Premium Security. Additionally, Dark Web Monitoring and Identity Advisor Plus are recommended for alerting and assisting in case one's identity is compromised.