International Fraud Awareness Week was established by the Association of Certified Fraud Examiners (ACFE) in 2000 to raise awareness about fraud and encourage businesses to take proactive steps to minimise its impact. This year, the week ran from 16 to 22 November.
 |
| Concept artwork about deepfakes generated by Google Gemini (Nano Banana). |
Twenty-five years on, we still live with fraud, with increasingly sophisticated attempts powered by AI.
Ian Holmes, Global Lead for Enterprise Fraud Solutions, Director at SAS, explained that fraud thrives in uncertainty, and today's mix of economic volatility, rapid digitalisation, and AI acceleration has created the perfect storm.
“Every channel, from social media to videoconferencing, can now be weaponised," he said.
“The fraud landscape has shifted from an evolution into a mutation, demanding that we both shift and move even faster to stay ahead. Thirty years on from the first AOL phishing email, fraud is less about crude digital trickery and more about AI-enabled fraud threats in a highly effective enterprise underworld. The latest frontier - deepsea phishing - fuses deepfake video and audio, created by generative AI, to deceive victims with alarming realism; the barrier to entry has never been lower, and the manipulation more precise.”
Ping Identity also commented on the link between fraud, AI and deepfakes. “Agentic AI is transforming the fraud landscape at an unprecedented pace. With autonomous decision-making and adaptive learning capabilities, fraudsters now use AI to craft context-aware phishing schemes and deepfake videos and voices that blur the line between authenticity and manipulation.
"These intelligent scams are rapidly eroding consumer trust, with 39% of consumers citing AI-driven phishing as their top modern fraud concern," said Patrick Harding, Chief Product Architect, Ping Identity.
"International Fraud Awareness Week underscores the urgent need for vigilance in this new era where defence and deception are evolving in parallel."
Holmes noted that today's workarounds have their challenges. “According to KPMG’s Global Banking Scam Survey 2025, 91% of banks rate real-time transaction pausing or blocking as effective. But how long can this customer impediment to fast money last?” he asked.
“Additionally, 79% cite access to centralised mule-account data across institutions as key to detection, which needs industry collaboration. Astoundingly, only 15% say they are currently leveraging advanced analytics and machine learning at scale - a widening gap in AI capability compared to the nimbleness of the threat actors working against them.”
“Effective fraud prevention today, then, is even more about prediction than it has ever been. No longer can reaction be accepted. Advanced analytics and AI now make real-time scoring of transactions along with synchronous decision response to act upon these insights, and detect anomalies as they emerge. The path forward lies in predictive intelligence, mapping behaviour, linking networks, and as a final stage, identifying mule networks before the money moves,” Holmes concluded.
“The next frontier is collaboration built on shared insight. As organisations connect data across departments and industries, intelligence will transform into foresight. In this new era, data itself becomes defence, the unifying frontline against fraud's relentless evolution.”
Teck Wee Lim, Area VP, ASEAN, CyberArk, said that the human factor has to be considered in any solution fighting fraud. "With fraud posing serious risks to businesses, institutions, and individuals alike, awareness isn’t just about detecting malicious links but about rewiring behaviour as well. Phishing attacks continue to be the top cause of fraud across APAC, exploiting not only human instinct but also the region’s rapid digital transformation and varied levels of cybersecurity maturity," he said.
"True resilience comes from blending robust identity controls with a culture that empowers employees to pause, question, and verify before acting. Organisations globally must invest as much in building security-aware culture as they do in deploying technical safeguards, beginning with strong commitment from board and executive level."
Lim said cybersecurity hygiene starts with identity, "ensuring every user, machine, and system has the right access privileges, and that people across all levels understand the value and responsibility of that access". "When employees understand that a single click can compromise not just their own data but their entire organisation's operations, behaviour shifts from mere compliance to genuine accountability and that’s when real resilience takes root," he observed.
"Intelligent threats demand equally intelligent defences," Harding agreed.
"Organisations must invest in systems that detect and respond to attacks in real time while continuously learning and adapting to new tactics. Effective identity and access management now requires evaluation of the full context behind each agentic AI access request, including intent and behavior. By combining adaptive authentication with AI-driven fraud detection, organisations can anticipate emerging risks, strengthen digital trust, and protect identities in an increasingly autonomous and agentic world.”
*AOL is an email provider based in the US, and APAC refers to the Asia-Pacific region. A mule account is a bank account that is used to transfer money for illegal purposes.
No comments:
Post a Comment