The rise of AI in fraud: how technology is changing the game

In an age of rapid technological advancement, the nature of fraud is undergoing a significant transformation. Traditional methods centred around familiar patterns, such as manipulated invoices and insider misconduct, are still prevalent. However, a new layer of complexity has emerged with the rise of artificial intelligence (AI), which is reshaping the landscape of corporate fraud in ways that many organisations are just beginning to comprehend.

Loxton Forensics, a legal consultancy specialising in the prevention of white-collar crime, says AI tools, now capable of generating convincing documents, mimicking voices, and creating realistic identities, have revolutionised the methods employed by fraudsters. What once required intricate criminal networks can now be executed swiftly, affordably, and on a large scale. This fundamental shift compels businesses to reconsider their approaches to detecting, investigating, and preventing fraudulent activities.

AI-enabled impersonation: a growing threat

Among the most alarming developments in the fraud arena is AI-enabled impersonation. Instances have been reported where fraudsters have used AI voice cloning technology to imitate high-ranking executives, all to authorise urgent payments. Similarly, synthetic identities have been crafted to bypass onboarding checks or establish supplier accounts that appear entirely legitimate.

At the core of this deception lies a fundamental principle: trust. When a message emanates from a familiar voice, a verified email address, or a trusted supplier, employees are often quick to respond without hesitation. Fraudsters have seized upon this dynamic, leveraging AI’s ability to replicate these inherent trust signals with disconcerting accuracy.

Emerging patterns in fraud

The following trends illustrate the evolving tactics employed by fraudsters in the AI era:

• AI-generated documents used to support fraudulent transactions or supplier onboarding.
• Voice cloning exploited to impersonate executives in payment requests.
• Synthetic identities forged from both real and fabricated data to bypass verification processes.
• Communications crafted by AI designed to mimic internal language and tone.
• Highly convincing automated phishing campaigns that surpass traditional scams.

With these evolving tactics, organisations face a pressing question: how does one defend against an adversary capable of so convincingly mimicking people and systems?

Reassessing fraud prevention strategies

Loxton says merely relying on technology will not suffice. Resilience in the face of these challenges encompasses a combination of controls, awareness, and investigative capabilities. Here are five practical strategies businesses can implement to bolster their defences against AI-enabled fraud:

1. Strengthen verification protocols: For high-value payments, supplier changes, and sensitive requests, always use secondary verification through a separate communication channel.
2. Introduce multi-layer approval processes: Ensure that no single individual can authorise critical financial transactions without independent review.
3. Train employees to recognise AI-driven deception: Awareness programmes should encompass examples of voice cloning, deepfake communication, and advanced phishing attempts.
4. Monitor digital activity closely: Implement robust digital monitoring and anomaly detection to identify unusual activity before it escalates into fraud.
5. Build forensic readiness: In the event of an incident, organisations must swiftly preserve digital evidence and investigate occurrences with both clarity and credibility.

As technology continues to advance, fraud will inevitably evolve in tandem. Loxton says the most resilient organisations will be those that acknowledge that preventing fraud extends beyond mere policies and controls. It involves understanding the intricate interplay between technology, behaviour, and governance.

In today’s landscape, fraud transcends the mere theft of money. It threatens information, identity, and trust — elements that are vital to any organisation's integrity. Protecting these assets requires a new level of forensic thinking, underscoring the need for adaptation in an unpredictable digital world.

IOS