AI scams are everywhere, so here’s how you can outsmart them
Just how tough is it nowadays to spot AI-generated scams? Pretty tough, it turns out.
Learn more at our vodcast on AI and online scams:
At the Global Anti-Scam Summit Asia 2024 in October, a room of about 100 anti-scam experts were asked to stand. They were then shown one video at a time and asked if it was real or AI-generated. Those who got the answer wrong had to take their seats.
After just three rounds, only a handful of the experts from law enforcement, financial institutions, and tech giants were left standing.
Indeed, scams are becoming more deceptive, no thanks to the nefarious use of AI to generate ever more deceptive content to fool us.
With over 10% of scams last year generated by AI, it’s all the more important to learn how to protect ourselves. Read on to find out more about how these scams are run, what we can do to avoid falling victim, and what tools are out there to help us!
How AI scams get under our skin
AI scams often mix familiar scam methods and then use AI-generated content to add a sheen of authenticity.
For example, email users frequently get spam and other assorted scams targeting them, but AI-driven scams have taken things to the next level.
Hackers are using AI-generated voice technology to mimic Google support agents in fake calls. These are often coordinated with deceptive account recovery notifications, guiding users to fraudulent login pages.
One tech professional described how he almost fell for a scam and saw through the ruse only because he detected a subtle, robotic cadence to a phone call.
Unfortunately, our online behaviour is enabling AI-generated scams, as social media videos are being used to clone our voices. It takes just three seconds of audio to clone one’s voice. The scammers can then call or send voicemails to friends and family, asking them to send money urgently.
What Singapore is doing to keep us safe
Thankfully, the scammers aren’t the only ones using AI. GovTech, alongside the Ministry of Home Affairs and the Singapore Police Force, has developed some powerful tools to protect us from these threats.
Scam Analytics and Technical Intervention System (SATIS)
Instead of merely reacting to scams after people have fallen victim, the authorities are on the hunt for online scams through the Scam Analytics and Technical Intervention System (SATIS). A joint collaboration between the Ministry of Home Affairs and GovTech, SATIS consolidates threat intelligence from crowdsourced initiatives such as ScamShield and from partners such as SPF police reports. It also proactively hunts and automatically gathers information online.
The tool then employs Machine Learning technology to analyse these sites. Known as the Recursive Machine Learning Site Evaluator (rMSE), it works together with SATIS to analyse over a million websites a month. Once it flags a site as suspicious, it sends the info to Google Web Risk, making sure the site gets blocked worldwide on supported browsers like Chrome, Firefox, and Safari.
As of October 2024, over 59,000 harmful sites – ranging from job scams to bogus e-commerce portals – have been disrupted.
Keeping yourself safe
Although the Government is proactively fighting scams, we must also do our part by protecting ourselves.
Get the ScamShield app
If you haven’t already, download the ScamShield app. It’s a handy tool that blocks scam calls and messages to your phone.
In addition, it also lets you report scams directly and verify suspicious messages. Once a number, messenger, or link is submitted to ScamShield, it will check if it’s from a verified source such as the government or registered businesses. It will also compare the input with known scam messages, numbers, and links and inform you of the results.
Identify legitimate government messages
Since July 2024, all SMSes from the government come from the gov.sg sender ID , which is protected for use only by government agencies. Telecom operators assist to block any sender IDs that try to look like gov.sg.
Besides, bearing the same sender ID in lowercase, SMSes will begin with the full name of the agency (such as Central Provident Fund Board), end with the signature “This is an automated message sent by the Singapore Government”, and will be grouped together into a single conversation.
What to do if you’ve been scammed
If you do fall victim to a scam, don’t panic – here’s what to do:
-
Contact your bank immediately so that the bank can freeze your account to prevent further loss.
-
File a police report online or at the nearest police post.
-
Secure your accounts by changing your passwords and enabling two-factor authentication (2FA). Let your contacts know if your social media or email accounts have been hacked.
-
For e-commerce scams, report the incident to the platform. Include all the details you have, like screenshots and the scammer’s account info.
New scams call for renewed vigilance
Gone are the days when online scams come riddled with misspellings, laughably obvious get-rich-quick schemes, and other assorted giant red flags.
Instead of thinking “it could never happen to me”, think instead that “it could very well happen to me”. By following the tips here and adopting a healthy dose of scepticism to what you see online, we can ensure that we keep ourselves safe in the wild wild web.
Educating ourselves about AI’s potential to have both negative and positive effects is crucial. If you haven't already, do watch our vodcast on AI and online scams. Afterall, knowledge is power, so get empowered today!
