Your phone rings. It's a family member clearly in distress, claiming to be in jail or some other sort of trouble and they need you to wire some funds. They'll explain all the details once they have more time.
Most of us would probably do whatever we could without any hesitation. This is exactly what AI scammers are counting on. Using AI to create a convincing impersonation is a real thing that is actually happening.
It doesn't end there, either. Besides stories about scammers pretending to be family in distress, you'll find all sorts of ways scammers are tricking people into giving them money using AI-generated audio, video, and text. The one thing they all have in common is that they are good enough to fool almost anyone. Even the CEO of a U.K. energy firm wired €220,000 to someone impersonating his German boss.
And it could happen to you, too.
How it works
You've probably heard the term deep fake — digitally manipulated media designed to fool you into thinking you're seeing or hearing someone doing something they didn't really do or say. In the past, it seemed that this was mostly used for porn and election interference, but using "deep fake" tech to scam people isn't something brand new. It is becoming far too common though.
How it works is a testament to how good AI can be. Using a photo, short voice sample, or a bit of text from a real email or message, AI can create media that tricks our eyes and ears into thinking we're seeing a real video, or reading a real email from our boss, or even talking to a family member on the telephone.
Sometimes there are small tells that give it away. Other times it would take time to analyze the media to tell it's a fake. Either way, when combined with a false sense of urgency as a misdirection, it's fairly easy to provoke a reaction.
Urgency is often used as misdirection — take the time to question everything.
Think about the situation at the beginning of this article. If, for example, you got a phone call from your significant other who frantically explains that he or she needs you to send $2,500 into this account in order to get out of jail. They will explain all the details once they get home.
Would you take the time to verify anything, or even question the authenticity of the call? Probably not — I know I wouldn't. If it sounded like my wife I would react first, and question later. That's what the scammers are counting on.
So what can I do to protect myself?
The basic rules still apply when it comes to dos and don'ts. It's unfortunate but a healthy dose of skepticism is required, whether you're being told about an extended warranty or on the phone with the cable company hearing about a once-in-a-lifetime special offer. If it's too good to be true, it probably is.
More unfortunate is that you now have to question people you would normally trust because your eyes and ears might be lying to you. It's impossible to list the ways you can protect yourself from every online-based scam other than to unplug and go back to paper and pencil and use the fancy smartphone you bought as a paperweight. Nobody wants to do that.
What we can — and should — do is still mostly common sense.
- Never give any sort of password or confirmation code to someone who called you. If you have to confirm your identity when calling someone about a service like your water utility or something, make sure you are actually speaking to a company representative.
- Stop clicking links in text messages. Previous advice was to never click a link from someone you don't know but now you can't be sure who is messaging you no matter what your phone tells you.
- Nothing is really so urgent that you aren't able to stop and think for a few minutes. You do have time to make a phone call before you wire bail money to someone and that low-price lock on some service isn't going to end before you take the time to verify it yourself.
- The IRS still doesn't send you a text to warn you of an audit.
- Never click a link to a URL-shortening service — even if trust the sender. Take the time to inspect a URL to check it. I've seen scams pointing to things like micorsoft (versus Microsoft) for example.
- If you feel like things might not be legitimate, question them. Your family or your boss should be able to tell you something nobody else would know. If they refuse, you refuse. You can sort out why you did it later.
It's terrible that an article like this exists and I hated writing every word of it, but I hate the idea of criminal predators taking advantage of us even more. I'm not impervious to being scammed but I do spend countless hours each week on the internet and that's made me question everything I see and hear because of it.
Hopefully, articles like this help you steer clear of scammers and that makes them worth writing.
