Scammers are increasingly turning to artificial intelligence (AI) to aid their scam operations.
According to the Microsoft Anti-Fraud Team, AI-powered fraud attacks – especially in e-commerce and employment – are happening globally, with much of the activity coming from China and Europe.
Fraudulent e-commerce websites can be set up in minutes using AI and other tools requiring minimal technical knowledge. AI-generated product descriptions, polished imagery and fake customer reviews can dupe shoppers into thinking they're dealing with legitimate businesses, often leveraging the branding of well-known retailers to deepen the illusion.
Adding to the deception, AI-powered customer service chatbots are being used to delay chargebacks and deflect complaints. These bots mimic the tone and structure of real customer support interactions, deploying scripted excuses and stalling tactics that lend credibility to scam sites and frustrate victims into giving up.
Consumers can reduce their risk by scrutinising domain names, especially when clicking through from social media ads. They should be wary of countdown timers, “limited-time” deals, and influencer endorsements — all of which can be fabricated by AI to pressure users into impulsive purchases.
Scammers are increasingly using AI to create fake listings on various job platforms, too. They generate fake profiles with stolen credentials, fake job postings with auto-generated descriptions, and AI-powered email campaigns to phish job seekers. Some even deploy AI-powered interviews and automated email exchanges to make fraudulent offers appear legitimate.
See also: Taming the cyber risks in your supply chain
Job seekers are urged to exercise caution, particularly when approached via unsolicited SMS or emails promising high salaries with minimal qualifications. Requests for upfront payments to secure a role are a red flag, as is any demand for personal or financial information during early recruitment stages. To stay safe, applicants should verify that communication comes from official company domains and avoid engaging with recruiters who rely solely on text messages or personal email accounts.
To help protect consumers from scams, Microsoft has introduced free features and tools:
- Typo and domain impersonation protection – Microsoft Edge features website protection using deep learning technology to help users avoid fraudulent websites.
- Digital fingerprinting – Microsoft’s digital fingerprinting capability identifies malicious behaviours and ties them back to specific individuals. This helps in monitoring and preventing unauthorised access.
- Blocking full control requests – Quick Assist now includes warnings and requires users to check a box acknowledging the security implications of sharing their screen (Quick Assist is a tool that enables users to share their Windows or macOS device with another person over a remote connection). This adds a layer of helpful “security friction,” by prompting users who may be multitasking or preoccupied to pause to complete an authorisation step.
