Generative AI merges with intelligent malware, threat level rises

There has been a 44% increase in organized ID fraud in North America compared to preceding quarters, according to AU10TIX.

This upsurge is believed to be driven by the ongoing economic recovery and inflationary pressures, particularly in the US market, which are emboldening professional ID fraud syndicates.

Fraudsters target Asia-Pacific region

Amid this escalation, the Asia-Pacific region emerges as the leading target for fraudsters, with over 4% of transactions flagged as an ID fraud attack. This alarmingly high figure greatly surpasses rates seen in other global regions. AU10TIX attributes this epidemic to Asian anti-fraud defenses, which are historically weaker than in other markets.

This renders them ‘soft targets’ that attract bad actors. In contrast, South American organizations experience attack rates of merely 2% largely due to their practice of verifying IDs against government databases, creating a more formidable barrier against fraud.

The data analysis underscores a significant and notable discrepancy in attack modes based on document verification (averaging 37%) compared to attacks using selfies (averaging 5%).

This stark contrast highlights the importance of implementing a multilayered identity verification system incorporatingliveness testing, biometric verification, and consortium validation, and demonstrates that professional fraudsters are still using traditional modes such as personal data and document numbers to generate synthetic identities used in coordinated attacks.

The fusion of generative AI and intelligent malware

The integration of generative AI and intelligent malware is elevating the efficacy of malicious actors, introducing a higher degree of automation, and amplifying the independence of attacks. Concurrently, this advancement substantially bolsters the toolkit available to both attackers and defenders.

“By identifying the geographical regions and industry sectors that are experiencing the most acute attack rates, we are alerting businesses in those areas to take additional steps to protect their customers,” said Dan Yerushalmi, CEO of AU10TIX. “This data reveals which markets fraudsters consider the most vulnerable with the most potentially lucrative return. We hope that by sharing our analysis on a regular basis, we can contribute to the global reduction of identity fraud and make the world a better place.”

Among the sectors scrutinized, cryptocurrency and trading are the most highly targeted, responsible for 47% of attacks in Q2. These industries attract professional fraudsters due to their perceived high-profit prospects and inherent anonymity. The second most targeted industry is payments with 32%, followed by commerce with 12%. Banking accounts for only 2% of attacks.

This divergence is likely attributable to the assumption that financial institutions invest more significantly in robust protective measures than retailers and payment providers do.