SAN FRANCISCO – The FBI San Francisco division is warning individuals and businesses to be aware of the escalating threat posed by cyber criminals utilizing artificial intelligence (AI) tools to conduct sophisticated phishing/social engineering attacks and voice/video cloning scams.
The announcement, made today from the RSA cybersecurity conference at the Moscone Center in San Francisco, coincides with the division’s outreach efforts to include an FBI booth at the conference and participation in multiple conference panel sessions during the week of May 6, 2024.
AI provides augmented and enhanced capabilities to schemes that attackers already use and increases cyber-attack speed, scale, and automation. Cybercriminals are leveraging publicly available and custom-made AI tools to orchestrate highly targeted phishing campaigns, exploiting the trust of individuals and organizations alike. These AI-driven phishing attacks are characterized by their ability to craft convincing messages tailored to specific recipients and containing proper grammar and spelling, increasing the likelihood of successful deception and data theft.
In addition to traditional phishing tactics, malicious actors increasingly employ AI-powered voice and video cloning techniques to impersonate trusted individuals, such as family members, co-workers, or business partners. By manipulating and creating audio and visual content with unprecedented realism, these adversaries seek to deceive unsuspecting victims into divulging sensitive information or authorizing fraudulent transactions.
“As technology continues to evolve, so do cybercriminals’ tactics. Attackers are leveraging AI to craft highly convincing voice or video messages and emails to enable fraud schemes against individuals and businesses alike,” said FBI Special Agent in Charge Robert Tripp.” These sophisticated tactics can result in devastating financial losses, reputational damage, and compromise of sensitive data.”
The FBI encourages individuals and businesses to mitigate the risks associated with AI-powered phishing and voice/video cloning by doing the following:
- Stay Vigilant: Be aware of urgent messages asking for money or credentials. Businesses should explore various technical solutions to reduce the number of phishing and social engineering emails and text messages that make their way to their employees. Additionally, businesses should combine this technology with regular employee education and employees about the dangers of phishing and social engineering attacks and the importance of verifying the authenticity of digital communications, especially those requesting sensitive information or financial transactions.
- Implement Multi-Factor Authentication: Utilize multi-factor authentication solutions to add extra layers of security, making it more difficult for cybercriminals to gain unauthorized access to accounts and systems.
The FBI urges individuals and businesses to remain vigilant and proactive in safeguarding against the evolving threat landscape of AI-powered cybercrime. Resources are available at the FBI’s Internet Crime Complaint Center (IC3.gov), and this is also the best way to submit a cyber complaint to the FBI.
Related
- April 17, 2024 – AB 2930: Bill to Eliminate Bias in AI Decision-making Passes Privacy Committee
- Jan 17, 2024 – Bill Seeks to End AI Generated Deepfake Pornography
- Jan 4, 2024 – Artificial Intelligence Technology Bills Introduced