Voice clones, fake agents and the new economics of online fraud

Americans did not lose nearly $900 million in 2025 because fraud became magical. They lost it because familiar scams became harder to reject. A fake daughter could cry on the phone. A fake FBI agent could sound official. A fake investment promoter could appear in a polished video, answer questions in fluent English, and keep a victim talking for months. The FBI’s 2025 Internet Crime Report put the AI layer into the record for the first time: 22,364 AI-related complaints and $893,346,472 in adjusted losses reported to IC3. That number is large. It is also almost certainly incomplete.

The FBI number gives synthetic fraud a hard edge

The FBI’s Internet Crime Complaint Center, known as IC3, has tracked online crime complaints for decades, but the 2025 report marked a new moment because it broke out complaints that referenced artificial intelligence. The bureau reported more than one million total complaints in 2025, nearly $21 billion in total reported cyber-enabled crime losses, and a first AI-focused section showing how generative tools are being used in scams that were already profitable before synthetic media matured.

The official AI figure is not a clean census of every AI-enabled scam in the United States. It is a count of complaints to IC3 where an AI connection was visible enough, suspected enough, or described clearly enough to be tagged. That distinction matters. A victim who wires money after a long WhatsApp investment conversation may never know whether the profile photo was AI-generated, whether the script was generated by a language model, or whether the voice note came from a cloned voice. The same is true for a business that pays a fraudulent invoice after an email thread appears normal. AI can be present without leaving obvious marks.

The report still changes the debate. Before this breakout, AI fraud was often discussed through isolated stories: a cloned voice, a deepfake celebrity endorsement, a fake executive call, a synthetic identity document. Those stories were real, but they could sound anecdotal. IC3’s 2025 data shows something firmer: AI is no longer a speculative fraud risk. It has become a measurable layer inside high-loss cybercrime.

The number also reframes public understanding of AI safety. Much of the public conversation around artificial intelligence focuses on copyright, labor displacement, hallucinated answers, political deepfakes, model bias, or long-term risk. Those issues still matter. Fraud is more immediate. It hits bank accounts, retirement savings, home equity, small-business cash flow, and family trust. It does not require a victim to download malware or understand technology. It only requires the victim to believe that a person, document, voice, website, authority figure, or investment opportunity is real.

The FBI’s phrasing is careful. The bureau described criminals using AI to create fake profiles, cloned voices, fabricated identification documents and convincing videos, then urged the public to pause, verify independently, and report quickly. That advice sounds simple because the human defense has to be simple. The problem is that the emotional conditions of fraud are not simple. Victims are rushed, scared, flattered, isolated, embarrassed, or made to feel personally chosen. AI does not invent those conditions. It helps criminals produce them faster and with fewer visible errors.

The sharpest reading of the IC3 data is this: AI has moved from being the subject of scams to being the machinery behind scams. A fraudster no longer has to sell fake AI stocks to exploit the AI boom. They can use AI to translate scripts, create personas, clone voices, fabricate documents, build fake dashboards, automate romance chats, alter “proof-of-life” media, or impersonate a government official. The scam may look like investment fraud, romance fraud, employment fraud, business email compromise, extortion, phishing, customer-support fraud, or government impersonation. The AI layer makes the old category harder to detect.

The reported loss is large and still probably understated

The $893 million number should be read as a floor, not a ceiling. IC3 complaint data depends on victim reporting, victim awareness, law-enforcement classification, and the ability to identify the role of AI after the fact. A person who hears a fake family member on the phone may suspect voice cloning. A person who loses money to a fake crypto platform may not know that the website copy, customer-service chat, profile images and video testimonials were machine-made. The FBI can only count what is reported and described.

This matters because many AI-enabled scams are designed to leave victims uncertain. A cloned voice is gone when the call ends. A fake investment dashboard can vanish. A fabricated account representative can disappear from an encrypted messaging app. A synthetic profile image can be replaced. A scammer can mix real stolen photos with generated documents, making the evidence harder to sort. The victim often has bank records and messages, but not the production chain behind the lie.

IC3’s total 2025 data shows the larger fraud environment in which AI operates. The FBI reported more than one million complaints and nearly $21 billion in reported losses across cyber-enabled crime. Cyber-enabled fraud alone accounted for hundreds of thousands of complaints and more than $17 billion in losses, while cryptocurrency-related complaints were tied to more than $11 billion in losses. The AI figure sits inside that larger system. It is not separate from it.

The FTC’s consumer data points in the same direction from another channel. The agency said consumers reported more than $12.5 billion in fraud losses in 2024, with investment scams and imposter scams among the largest loss categories. The FTC number is not the same dataset as IC3, and it should not be merged casually with FBI numbers. It does show that consumer fraud losses were already huge before AI became routine in scam workflows.

Underreporting has several causes. Some victims are ashamed. Some believe police cannot help. Some are told by scammers that reporting will trigger prosecution, deportation, account freezes or family danger. Some businesses resolve losses through insurers, banks or internal investigations. Some victims report to local police, the FTC, a bank, a crypto exchange or an online platform, but not to IC3. Some never report at all. The result is a public number that captures only part of the harm.

AI also creates a classification problem. A complaint might mention a suspicious video, a fake profile, a cloned voice or an AI-generated document. It might not use the word “AI.” Another complaint may use the word AI because the scam pitch promised “AI trading,” even if the deception did not depend on synthetic media. Analysts have to read the narrative, classify the role of AI, and connect it to known fraud categories. That creates noise, but it also reflects reality: AI fraud is not one crime. It is an accelerant across many crimes.

The phrase “AI-generated scams” can mislead if it suggests that the entire fraud is built by a model with little human involvement. The more common pattern is hybrid. A human criminal chooses the target, payment path and psychological pressure. AI supplies cheap content, plausible identity signals, faster conversation, fake media, translation, and scale. The scam remains human-directed, but the cost of producing credibility drops.

That cost drop is the central economic fact. A scammer who once needed fluent English, a convincing accent, graphic-design skill, a paid actor, a stolen document template, or a large call-center staff can now assemble pieces with consumer or underground tools. The FBI warned in 2024 that generative AI reduces the time and effort needed to deceive, and can correct spelling, grammar and contextual mistakes that once helped victims spot fraud. In fraud, small production improvements matter. A slightly better email, a more convincing profile photo, a voice that sounds familiar for five seconds, or a video that looks official can push a victim across the line from suspicion to payment.

AI is not a scam category by itself

The most useful way to understand the FBI data is to separate fraud type from fraud technology. Investment fraud is a type. Romance fraud is a type. Business email compromise is a type. Government impersonation is a type. Employment fraud is a type. AI is a production and persuasion layer that can sit inside all of them.

That distinction helps explain why the IC3 report counted AI references across many complaint types rather than treating AI as one box. Investment complaints dominated the AI-linked loss picture, but the report also listed confidence and romance scams, business email compromise, employment scams, phishing, tech support scams, extortion, government impersonation, identity theft, real estate fraud, ransomware references and other categories.

The same model can write a romance message, produce a fake customer-service reply, draft a payroll-diversion email, generate a fake investment newsletter, translate a government-agent script, or help create a credible job posting. A voice model can mimic a daughter, a CEO, a bank employee or a federal agent. Image generation can produce a profile photo, a synthetic badge, a fake trading screenshot or a fabricated disaster image for charity fraud. Video tools can create fake endorsements or simulated calls.

Fraud investigators tend to follow money, accounts, devices, IP addresses, wallets, payment flows and communications. AI complicates the communications side. It does not erase the money trail, but it can improve the lie that sends money into the trail. That is why the most promising defense is not “spot the fake.” It is verified process: call back on a known number, slow down urgent payment demands, require out-of-band approval, use family code words, refuse crypto payments demanded by strangers, and preserve evidence quickly.

The FBI’s 2024 warning about generative AI listed text, images, audio and video as separate tools used by criminals. Text could generate fake social profiles, phishing messages, fraudulent websites and chatbots. Images could create fake IDs, false credentials, personas and manipulated charity material. Audio could clone public figures or loved ones. Video could simulate real-time calls with executives, law enforcement or authority figures. Those categories map directly onto the IC3 complaints that surfaced in 2025.

The word “deepfake” often receives the attention because video is dramatic. Text is probably more pervasive. A scammer may send hundreds of messages before a voice or video appears. Language models let scammers maintain long conversations, adapt to a victim’s objections, produce softer emotional phrasing, and avoid obvious translation mistakes. The victim may never see a deepfake video. They may be worn down by fluent, patient, personalized writing.

That writing can be paired with stolen data. A criminal who knows the victim’s employer, family members, recent travel, LinkedIn history, property records or breach-exposed phone number can produce messages that feel tailored. The AI model does not have to “know” the victim independently. It only has to turn available data into believable conversation. That makes data brokers, breaches, social media posts and public records part of the scam supply chain.

The strongest public message is not that every phone call or video is fake. It is that perceived authenticity is no longer enough to authorize money movement, identity disclosure or account access. That is uncomfortable because daily life depends on quick trust signals. A voice, logo, badge, website, email thread, profile image or caller ID once carried more weight. In the AI scam era, those signals still matter, but they cannot stand alone.

The first official AI breakout changes the policy debate

The FBI’s AI section arrives at a time when regulators, consumer agencies and financial institutions are trying to write rules for a threat that changes faster than rulemaking. The FTC has already moved against impersonation scams through a rule that prohibits materially false impersonation of government entities, businesses, and their officers or agents. The agency has also warned that voice cloning can intensify family-emergency scams.

The SEC, FINRA and state securities regulators have warned investors that fraudsters use AI themes and AI-generated media to make scams appear legitimate. They caution against unregistered platforms, guaranteed returns, “can’t lose” trading claims, and impersonation of regulators or company leaders. Those warnings matter because investment fraud carried the largest AI-linked losses in the IC3 data.

FinCEN has also warned financial institutions about deepfake media targeting identity verification and account onboarding. Its 2024 alert described suspicious activity reports tied to fake or altered documents, synthetic identities, webcam manipulation, liveness-bypass attempts and account activity that can launder fraud proceeds. That is a different part of the same problem. Fraud is not only a victim conversation. It is also account creation, identity proofing, payment movement, laundering and cash-out.

The Treasury Department has pushed the financial sector to manage AI-specific cybersecurity and fraud risks, including gaps between large and small firms, information-sharing problems, digital identity challenges and the need for coordination across regulators and institutions. Those points are not abstract. A large bank may have fraud-detection teams, transaction monitoring, behavioral analytics and 24-hour response. A small community institution may have fewer tools. Criminals notice the difference.

Policy debates often lag behind criminal adaptation because enforcement tools are organized by legal category, while scams are organized by opportunity. A criminal does not care whether a synthetic voice should be regulated as biometric data, deceptive practice, identity theft, cybercrime, wire fraud, platform abuse or AI safety failure. The criminal only needs a usable path from trust to payment.

The IC3 number gives agencies a shared reference point. It gives lawmakers a way to ask whether banks, telecom providers, social platforms, crypto services, app stores, payment processors and AI companies are doing enough. It gives consumer advocates a way to argue for stronger defaults, not only education. It gives companies a way to justify tighter payment controls that employees may dislike. It gives journalists a benchmark that separates real growth from panic.

The risk is that policymakers chase the most theatrical example. A spectacular deepfake video of a celebrity or president will draw attention, but everyday fraud may cause more losses through ordinary messages and calls. The policy target should be the fraud chain, not only the synthetic media artifact. That means identity proofing, payment delays, recovery channels, platform takedowns, SIM swap defenses, account-mule detection, crypto cash-out monitoring, and better reporting pipelines.

Generative AI companies also sit in the chain, but not always in an obvious way. A scammer may use mainstream tools, open-source models, stolen accounts, jailbroken systems, custom underground tools or models run locally. Safety filters on large consumer products matter, but criminals can migrate. That is why content provenance, model safeguards, platform enforcement and financial controls need to work together. No single layer can carry the load.

Investment fraud is where the AI loss number gets heaviest

The IC3 report tied more than $632 million in adjusted losses to AI-nexus investment fraud, while overall investment scams in 2025 exceeded $8 billion in reported losses. The FBI described criminals using AI to manage thousands of conversations, generate promotional media, and produce videos or voices of celebrities, executives and trusted figures to create confidence in fake opportunities.

Investment fraud is a natural fit for AI because it rewards patience, volume and polish. A victim rarely sends life savings after one message. The criminal must build trust, answer objections, display fake gains, explain withdrawals, introduce tax or fee demands, and keep the victim from consulting outsiders. AI supports every part of that path. It can produce market commentary, fake analyst notes, customer-service messages, trading-platform copy, social-media posts, testimonials and replies that sound calm under pressure.

The classic crypto investment scam often begins with a casual message, a dating-app connection, a social-media group, a WhatsApp introduction, or a fake opportunity pitched by someone posing as a successful trader. The victim sees a platform, dashboard or app that appears to show gains. The first withdrawal may work, which lowers suspicion. Larger deposits follow. When the victim tries to withdraw more, the platform demands taxes, fees, compliance deposits, liquidity payments or identity checks. The money is already gone.

AI makes these schemes more durable because it fills the gaps that used to reveal the lie. A fake trading platform can have polished support copy. A fake mentor can answer questions at any hour. A scam group can include many generated identities praising the same opportunity. A deepfake video can show a recognizable executive or celebrity promoting a trading system. A synthetic voice note can add warmth to a relationship that has existed mostly through text.

The SEC and FINRA have warned investors that AI terminology itself is being used as bait. A fraudulent platform can claim to use AI trading, AI arbitrage, AI crypto signals, or machine-learning strategies that “remove risk.” Regulators say high guaranteed returns, pressure to act quickly, unlicensed sellers, and promises of low or no risk remain red flags no matter how advanced the pitch sounds.

The harm is not only financial. Investment scams often turn victims into repeat payers. A person may borrow from family, liquidate retirement accounts, refinance property, take personal loans, or sell assets. The criminal narrative adapts each time: pay a tax, unlock a withdrawal, satisfy a regulator, prove account ownership, cover gas fees, pay anti-money-laundering clearance, or deposit more to preserve an account. AI-generated communication can keep the pressure smooth and credible.

The FBI’s Operation Level Up shows why proactive intervention matters. The program has notified thousands of crypto investment fraud victims and reported hundreds of millions of dollars in estimated savings by reaching people while scams are still active. That approach treats fraud as a live harm, not only a post-loss complaint. It recognizes that victims may still be in contact with criminals and may still believe the platform is real.

For investors, the defense is not technical expertise. Few people can inspect a platform backend, verify every testimonial, or identify a synthetic video under stress. The safer rule is procedural: do not invest through a platform introduced by a stranger, romantic contact, messaging-app group, or unsolicited social-media pitch; verify registration independently; and treat guaranteed returns as evidence of fraud, not confidence. If the pitch depends on secrecy, urgency or moving to encrypted messaging, the danger rises.

Voice cloning turns recognition into a trap

Voice has special power because it bypasses analysis. A person who hears a daughter crying, a parent panicking, a spouse asking for help, or a boss issuing urgent instructions does not respond like a fraud analyst. They respond as a family member or employee. That is why voice cloning has become one of the most emotionally dangerous forms of AI-enabled fraud.

The FTC warned as early as 2023 that scammers could take a short audio clip from social media, feed it into a voice-cloning tool, and use the result in a family-emergency scam. Its advice was blunt: do not trust the voice alone; call the person back on a known number; contact another family member; and treat requests for wire transfers, cryptocurrency or gift cards as scam signals.

A widely reported case from San Francisco illustrates the pressure. Deborah Del Mastro told ABC News she received a call from someone claiming her daughter had been kidnapped, heard what sounded like her daughter’s voice, and wired more than $5,000 before later learning her daughter was safe at work. The point is not that every element of that incident can be forensically proven from the outside. The point is that the victim experience matches the warning agencies have been issuing: a familiar voice, a threat, speed, isolation and payment.

Voice cloning does not need perfection. It needs enough familiarity for a few emotional seconds. A panicked call has poor audio. A supposed kidnapper may interrupt. The loved one may cry, whisper, scream or speak briefly. The victim is not comparing clean audio samples. They are trying to rescue someone. In that setting, a rough clone can work.

Consumer Reports assessed AI voice-cloning products in 2025 and found that most products it examined lacked meaningful safeguards to prevent misuse. Academic research is moving in the same direction. One study of synthetic voices in vishing scenarios found that participants struggled to distinguish human from AI-generated voices, with many synthetic clips labeled human by most listeners. These findings support a practical conclusion: human ears are not a reliable security control.

The family code word has returned because it is low-tech and resilient. The FBI and FTC have both suggested family verification phrases or secret words in the face of AI impersonation threats. A code word does not require software, subscriptions or forensic tools. It creates a shared authentication ritual. It also gives a frightened person a script: ask for the phrase, hang up, call back.

The same idea works inside companies. An executive voice message should not authorize a payment. A finance employee should have a written rule that no urgent payment, vendor-bank change or payroll redirection is approved by voice alone. The policy should be stronger than the voice. Employees should not have to decide whether the CEO sounds real. They should be able to say, “The process requires independent verification,” and know leadership will back them.

The discomfort is that verification feels rude during a real emergency. Fraudsters rely on that discomfort. They frame delay as betrayal: your daughter will die, your account will close, your boss will be angry, the FBI will arrest you, the deal will vanish. A practiced verification habit turns delay into duty. The safest response to an urgent voice demand is not disbelief. It is authentication.

Government impersonation grows more dangerous when the voice sounds official

Government impersonation has always carried authority. A caller says they are from the FBI, IRS, Social Security Administration, Medicare, local police, a court, customs, immigration, or a financial regulator. They use case numbers, badge numbers, legal terms and threats. AI can add a synthetic voice, fake video call, forged badge, official-looking documents and polished follow-up messages.

The FBI’s 2025 report and related reporting show government impersonation as a serious loss area. The bureau’s broader IC3 data counted tens of thousands of government impersonation complaints, and The Independent reported that such complaints rose to more than 32,000 in 2025, up from about 17,000 in 2024. The same report described a 93-year-old Ohio woman who lost $1.5 million after scammers posing as FBI agents pushed her to drain accounts and use crypto ATMs.

This type of scam works because the criminal reverses normal civic trust. Law enforcement and regulators are supposed to protect people from fraud. The scammer uses that assumption to create obedience. Victims are told their identity was stolen, their bank account is compromised, their Social Security number is linked to crimes, or their money must be moved to a “safe” account. They may be told not to speak with family, bankers or local police because the case is secret.

Real agencies do not demand cryptocurrency, gift cards, cash courier deliveries, gold bars, wire transfers to “safe” accounts, or secrecy from family. They do not ask citizens to move money to prove innocence. They do not require payment through a crypto ATM. Those rules sound obvious in calm conditions. They are less obvious when a caller has personal information, an official tone, a badge image and a threat of arrest.

The FTC’s impersonation rule gives the agency clearer civil enforcement authority against business and government impersonation. The agency has also reported billions in consumer losses from imposter scams. Enforcement matters, but individual prevention still has to be simple. A person who receives a threatening government call should hang up and contact the agency through an independently found official number or website. The number provided by the caller is part of the scam.

AI video can make government impersonation more dangerous because victims may assume a live video call proves authenticity. The FBI’s generative AI warning specifically noted that criminals can use AI-generated video to pose as law enforcement or other authority figures in real-time fraud schemes. That means the public must retire a once-reasonable belief: seeing a face on a screen does not prove that the person has the authority they claim.

For older adults, this risk can be severe. Many seniors grew up in a communication culture where government letters, official voices and formal titles carried weight. They may also have more savings, less comfort with crypto or online banking, and more fear of losing benefits. Scammers exploit all of it. The practical response is family planning before a crisis: agree that no government money demand will be handled alone, and that any urgent call must be verified through a second person.

Government impersonation is also a business risk. Fake regulators can request documents, credentials, vendor information or payment. Fake law-enforcement requests can target platform trust-and-safety teams. Fake procurement officials can lure suppliers into invoice fraud. AI makes the paperwork and tone better. The defense is the same: known channels, documented process, callback rules, legal review, and refusal to treat urgency as authority.

Business email compromise is no longer only about email

Business email compromise, or BEC, has long depended on impersonation. A finance employee receives an email that appears to come from an executive, vendor, lawyer, client or payroll authority. The message directs a wire transfer, bank-account change, invoice payment or sensitive data release. Traditional BEC often relied on compromised email accounts and careful social engineering. AI expands the toolbox.

The FBI’s AI section reported more than $30 million in BEC losses tied to AI-referenced complaints. That figure should not be read as the full AI risk to businesses. A successful BEC complaint may not mention AI if the victim sees only an email thread. A compromised vendor account can look ordinary. A payment instruction may be generated by AI without any visible synthetic media.

AI affects BEC in three ways. It improves writing. It improves impersonation across channels. It creates supporting artifacts. A fraudster can scrape executive bios, press releases, LinkedIn posts and prior emails, then produce messages that match tone and context. They can add a voice call that sounds like an executive. They can create a fake video meeting if an employee asks for confirmation. They can draft vendor invoices, legal letters or transaction explanations.

The NSA, FBI and CISA warned organizations that deepfake technology can impersonate leaders and financial officers, support fraudulent communications, damage brands and create access opportunities. Their guidance emphasizes planning, training, reporting, authentication and layered defenses rather than asking employees to act as deepfake examiners. That is the right emphasis. A payroll clerk cannot be expected to run media forensics during an urgent payment request.

The defense for BEC is procedural resilience. A company should not ask employees to decide whether a CEO’s voice sounds real. It should require callback verification through a known internal number, dual approval for payment changes, waiting periods for new vendor bank details, separate confirmation for payroll changes, and logging of exceptions. The rule must apply even when the request appears to come from the most senior person in the company.

AI also raises the stakes for small businesses. Large companies may have treasury controls, anti-fraud teams and cyber insurance. Small firms often rely on personal trust. The owner texts the bookkeeper. The vendor emails a new account. The accountant calls after hours. Those habits are efficient until a criminal studies them. AI lowers the cost of that study.

The most exposed business moments are predictable: invoice changes, urgent wire transfers, payroll-routing updates, M&A closings, real estate closings, tax-season payments, legal settlements, executive travel, vendor onboarding, and after-hours emergencies. A good policy treats these as high-risk events regardless of message quality. The trigger for verification should be the action requested, not whether the message looks suspicious.

The shift from email to multi-channel deception also changes employee training. Old training told people to look for typos, strange phrasing and bad logos. Those clues still appear in lazy scams, but AI removes many of them. Training should teach employees to notice payment pressure, secrecy, channel switching, new account details, requests outside normal workflow, and attempts to bypass controls. The process matters more than the polish.

Employment scams show the hidden access problem

The FBI’s 2025 AI data listed hundreds of employment-related AI complaints and nearly $13 million in adjusted losses tied to employment scams. Employment fraud often looks smaller than investment fraud because individual losses may be lower. Its hidden risk is access. A fake job can steal identity documents, bank details, tax forms, remote-work equipment deposits, or login credentials. A fake worker can enter a company.

AI supports both sides of employment deception. Scammers can create fake job postings, recruiter personas, company websites, offer letters, onboarding portals and interview scripts. They can conduct chats in polished English, generate contracts, and answer questions about benefits or remote-work policies. Victims may pay for equipment, background checks, training, certifications or “refundable” fees. They may hand over Social Security numbers, bank details and scans of identification documents.

Employers face a parallel risk: fake applicants. Synthetic identities, generated resumes, AI-written cover letters, deepfake interview videos and proxy interview schemes can help a malicious actor pass early hiring screens. The goal may be payroll fraud, data theft, source-code access, insider access, or espionage. The line between employment scam and cybersecurity incident becomes thin.

FinCEN’s alert on deepfake media described criminals using fake or altered identity documents and synthetic media to bypass identity verification at financial institutions. Similar methods can pressure corporate hiring systems. If a company’s remote onboarding relies heavily on document upload, video call appearance and automated checks, the attacker’s job is to produce credible artifacts. AI makes that cheaper.

Job seekers should treat remote hiring that moves to personal messaging apps, asks for money, sends checks for equipment purchases, or requests sensitive data before a verified offer as high risk. Real employers do not require new hires to buy equipment from a specified vendor with a fake reimbursement check. They do not conduct all hiring through anonymous messaging accounts. They do not send payroll forms before the candidate can verify the company and role through known channels.

Employers should stop treating AI-written applications as the main issue. The bigger problem is identity and access. A fake applicant with clean language is not dangerous because the resume reads well. They are dangerous if the company grants network access, customer data, internal chat, code repositories, payment systems or production environments before identity and role legitimacy are verified.

This is where HR, security and legal teams need tighter coordination. Hiring systems were built for speed and candidate experience. Fraud defense requires some friction. The right friction should sit at high-risk points: identity proofing, device provisioning, privileged access, payment setup, contractor onboarding and role changes. A company does not need to treat every applicant like a criminal. It does need to recognize that remote work turned identity into a security boundary.

Employment scams also exploit economic stress. People who need work are less able to ignore a promising offer. Scammers use that pressure. They promise fast hiring, flexible remote income, easy tasks, high pay for low skill, or urgent onboarding. AI makes the offer look professional. The defense is verification through the employer’s real website, known HR contacts, official email domains, and refusal to pay money to get paid.

Romance and confidence scams become harder to break

Confidence and romance scams depend on emotional isolation. The criminal builds a relationship, creates a private world, and turns affection into payment. The FBI’s AI section linked more than $19 million in adjusted losses to confidence and romance complaints with AI references. That number captures only cases where the AI role surfaced. The real exposure is likely higher because many romance victims never know whether a profile photo, voice message or video was synthetic.

AI is useful in romance fraud because conversation is the product. The scammer must appear attentive, patient, emotionally fluent and available. Language models can help maintain many conversations across time zones. Image tools can create profile photos. Voice cloning or synthetic voice tools can add intimacy. Video manipulation can explain why a person appears briefly on camera but cannot meet in person.

The old warning signs still matter: military deployment, offshore work, medical emergencies, customs fees, inheritance problems, sudden travel obstacles, and requests to move to private messaging. AI changes the texture. A fake partner may write better than old scam scripts, remember details, adapt to the victim’s mood and generate believable daily messages. The relationship can feel less scripted.

Romance scams often merge with investment fraud. A victim believes they have met a partner who is financially savvy, generous and patient. The partner introduces a crypto platform, trading opportunity or “short-term” investment. The romantic bond lowers skepticism. The platform shows gains. The victim deposits more. The relationship and investment fraud reinforce each other.

This hybrid is especially damaging because advice from outsiders can be framed as jealousy, ignorance or interference. The scammer tells the victim that family will not understand, banks are blocking opportunity, or regulators are trying to control them. AI-generated messaging can sustain that manipulation for longer. The victim is not only being misled about money. They are being pulled away from independent verification.

Dating platforms and social networks face a hard moderation problem. They can detect some fake accounts, repeated text, suspicious images and off-platform movement, but scammers adapt. AI-generated photos may not match known stolen images. A model can vary messages. A human controller can intervene when a victim becomes high value. Platforms should not promise perfect detection. They should make suspicious off-platform movement, investment solicitation and repeated money requests easier to flag and interrupt.

Victims need a nonjudgmental exit path. Shame keeps people inside romance scams. A family member who says “you were foolish” may push the victim back to the scammer. A better approach is evidence-based: preserve messages, stop sending money, contact the bank, report to IC3 and the FTC, verify images and stories where possible, and get outside help before confronting the scammer. The goal is to reduce loss, not win an argument.

The cultural challenge is that loneliness is not a software bug. AI romance fraud exploits real human needs. Better detection will help, but it will not erase the vulnerability. The strongest prevention message is direct: a person you have not met in real life should not control your investments, receive emergency money, or ask you to keep secrets from people who care about you.

Distress scams turn panic into payment

The FBI’s AI section identified more than $5 million in adjusted losses tied to distress scams with AI references. Distress scams include fake kidnappings, fake accidents, fake arrests, fake hospital emergencies and urgent family crises. They work because they compress time. The victim is told that delay will cause harm.

AI’s role in distress scams is straightforward and cruel. A criminal can use a cloned voice, altered photo, generated proof-of-life image, fake video, or fabricated chat message to make the threat feel real. They can scrape social media to learn names, travel plans, school affiliations, family relationships or recent posts. A parent who knows their child is traveling may be more likely to believe a kidnapping claim. A grandparent who hears a familiar voice may act before calling anyone else.

The FBI warned in 2025 that criminals were using altered photos from social media or public sites as fake proof-of-life media in virtual kidnapping and ransom scams. The bureau said criminals may send convincing photos or videos, demand ransom, and time communications to limit scrutiny. This is a natural evolution from voice-only emergency scams. The criminal supplies just enough evidence to block rational delay.

The practical defense has to be rehearsed before panic. Families should choose a code word, agree that urgent payment demands will be verified, and keep alternate contact routes. Parents should talk with children and older relatives about the exact scam pattern: a caller may say “do not hang up,” “do not call anyone,” “I will hurt them,” or “law enforcement is involved.” Those commands are designed to isolate the victim.

The code word should not be posted, guessed from family jokes, or stored in a shared social-media caption. It should be simple enough to remember under stress and uncommon enough to be useful. Some families may prefer a question whose answer is known only to close relatives. The format matters less than the habit.

Calling back is powerful. If a caller claims a loved one is in danger, hang up or keep the line open on one phone while using another device to call the loved one, their workplace, school, roommate, partner or another family member. If a kidnapper refuses any verification, that refusal is evidence. Real emergencies can survive a verification call. Scams often cannot.

Law enforcement agencies encourage reporting even when money is not lost, because reports help map numbers, scripts, wallets, accounts and patterns. A near miss can be useful intelligence. It can also help protect other families. Reporting does not guarantee recovery, but silence guarantees that investigators see less of the pattern.

Distress scams expose the core truth of AI fraud: the danger is not only that fake media looks real; the danger is that real fear leaves little time to inspect it. The public should not be trained to become forensic analysts. People should be trained to pause, verify and refuse payment channels that criminals prefer.

Synthetic identity pushes fraud through the front door

AI fraud is often imagined as a message sent to a victim. In finance, the threat often begins before the victim is contacted. Criminals can use synthetic identities, forged documents, manipulated selfies, altered videos, stolen personal data and generated images to open accounts, pass onboarding checks, receive stolen funds or move money.

FinCEN’s 2024 alert described deepfake media targeting financial institutions, including false identity documents, attempts to defeat identity verification, and suspicious account activity that may indicate the use of generated or altered media. It said generative AI has reduced the resources needed to create high-quality synthetic content and can make that content hard to distinguish from authentic media.

This part of the fraud chain matters because scams need infrastructure. A fake investment platform needs receiving accounts. A romance scam needs money mules. A government impersonation scheme needs cash-out paths. A BEC scheme needs accounts that can receive wires before funds are moved again. If criminals can open accounts more easily with synthetic or stolen identities, victim-facing scams become easier to monetize.

Identity verification systems were not built for a world where faces, documents and videos can be generated or altered cheaply. A scanned driver’s license, selfie video or liveness check can still stop many criminals, but the arms race is real. Attackers look for weak vendors, poor implementation, low-friction account types, reused documents and institutions with slower fraud response. They also use real stolen identities where synthetic content fills missing pieces.

FinCEN’s red flags include inconsistencies in documents, suspicious use of webcam plugins, refusal to use multi-factor authentication, possible AI-generated face matches from reverse-image tools, device or geographic anomalies, and rapid transaction activity after account opening. No single signal proves fraud. Clusters matter. A new account opened with odd media artifacts and followed by fast transfers to high-risk payees deserves scrutiny.

The financial sector faces a balancing problem. Too little friction allows fraud. Too much friction locks out real customers, especially people with thin credit files, disability-related access needs, older documents, rural connectivity issues or limited digital literacy. AI fraud should not become an excuse for blanket suspicion. It should push institutions toward risk-based checks that intensify when signals cluster.

Banks, fintechs and crypto services also need better sharing of fraud patterns. A receiving account used in one scam may touch multiple victims and institutions. A wallet address, mule account, device fingerprint, phone number or domain can appear across cases. Privacy and legal constraints are real, but the current fragmentation helps criminals. The Treasury Department has noted the need for stronger collaboration and shared approaches to AI-related cybersecurity and fraud risks in finance.

For consumers, synthetic identity risk can feel distant until an account is opened in their name. The defensive basics still matter: freeze credit where appropriate, monitor accounts, use multi-factor authentication, treat unexpected verification codes as danger signs, and act quickly on unknown account notices. AI may create better fake documents, but stolen real data remains fuel.

Crypto is not the cause, but it is a powerful cash-out rail

AI does not need cryptocurrency to produce losses. Victims lose money through wire transfers, ACH, payment apps, gift cards, cash couriers, checks, gold, and credit-card payments. Crypto deserves special attention because it is common in investment fraud, difficult for victims to understand, fast to move across services, and hard to recover once transferred.

The FBI’s 2025 press release reported cryptocurrency-related complaints totaling more than $11 billion in losses, with investment fraud playing a central role. The relationship between AI and crypto is practical. AI makes the pitch more credible. Crypto makes the payment path attractive to criminals. A fake AI trading bot, fake crypto exchange, fake wallet support agent or fake regulator can push victims to send assets to addresses the criminal controls.

Crypto ATMs add another risk. Government impersonators and tech-support scammers often direct victims to deposit cash into crypto ATMs. Victims may be told the funds are being protected, transferred to a safe government wallet, or used to clear a case. Once sent, recovery is difficult. Some operators and states have introduced warnings and limits, but criminal scripts adapt.

Payment irreversibility is one reason urgency is so dangerous. A scammer wants the victim to act before a bank, family member, platform or law-enforcement agency can intervene. AI-generated conversation can keep a victim engaged while transfers are made. A fake support agent can explain delays. A fake compliance officer can demand another payment. A fake FBI agent can insist the victim remain on the phone.

Banks and crypto exchanges can reduce harm when they intervene at the right moment. Transaction warnings, cooling-off periods, scam-risk prompts, limits on first-time transfers, monitoring for mule accounts, and rapid account freezes can interrupt loss. These controls must be tested carefully. A generic warning that appears on every transaction becomes background noise. A warning tied to a specific pattern—first crypto transfer after a government-agent call, for example—has more force.

Operation Level Up shows the value of live intervention. FBI victim notifications have reportedly helped prevent hundreds of millions in losses by reaching potential victims during active crypto investment fraud. That model should influence private-sector design. Fraud prevention is not only blocking bad accounts. It is also finding victims who are still persuadable before the next payment.

The message for consumers is plain: a government agency, legitimate investment firm, bank fraud department or romantic partner should not instruct you to move money into cryptocurrency under pressure. If the request includes secrecy, urgency, a QR code, a crypto ATM, a “safe wallet,” or a promise that payment will unlock funds, stop and verify through independent channels.

Crypto is often blamed as if it created fraud. Fraud existed long before Bitcoin. The better claim is narrower: crypto gives certain scams a fast, cross-border cash-out method that pairs well with digital persuasion. AI improves the persuasion. The payment rail improves the criminal’s odds of keeping the money. Defense must address both.

The complaint categories show AI spreading across the fraud map

The 2025 IC3 AI section is useful because it does not reduce the problem to one headline number. It shows AI references appearing across investment fraud, extortion, personal data breaches, phishing, harassment, employment scams, romance fraud, non-payment schemes, tech-support fraud, identity theft, government impersonation, BEC, real estate fraud, ransomware references and more.

AI-related complaint categories in the 2025 IC3 report

The table groups only the AI-linked measures that IC3 broke out or highlighted. It should not be read as the full national loss by scam type; it shows reported complaints where AI was identified or suspected strongly enough to appear in the complaint record.

The category spread tells a simple story. AI is not replacing fraud categories. It is entering them. Extortion can use generated images. Phishing can use cleaner text. Employment scams can use fake recruiters. Tech-support scams can use synthetic call scripts or fake support pages. Identity theft can use altered documents. Real estate fraud can use polished emails and fake notarization artifacts. Ransomware affiliates can use AI-assisted social engineering even when the malware itself is unchanged.

This is why public education built around single examples will age quickly. If the warning is only “beware of deepfake celebrity investment ads,” people may miss fake job offers. If the warning is only “beware of cloned family voices,” businesses may miss fake vendor instructions. If the warning is only “beware of AI trading bots,” romance victims may miss the investment pivot. The durable warning is broader: any request for money, credentials, documents or secrecy should be verified by process, not by appearance.

The complaint categories also show why law enforcement needs narrative detail. A victim who files a report saying “I was scammed” gives less usable intelligence than a victim who saves messages, wallet addresses, phone numbers, emails, websites, account names, screenshots, call times, payment receipts and descriptions of synthetic media. Details help investigators connect complaints across victims.

The FBI’s advice to “take a beat” is stronger than it sounds. Pausing disrupts the emotional rhythm of fraud. A scammer’s script is designed for continuous pressure. When the victim hangs up, calls a known number, asks a family member, contacts a bank, or searches a regulator database, the scammer loses control of the environment. AI can generate better replies, but it cannot force the victim to remain inside the scammer’s channel.

The “worst AI” warning is about direction, not doom

The Independent reported expert concern that the AI tools used in scams today are likely the weakest version victims will face, paraphrasing the view that current AI is the worst AI society will ever use and current complaint numbers may be the lowest. The point is not that losses must rise forever. It is that capability, availability and criminal experimentation are all moving in the wrong direction for victims.

Generative tools improve in quality, speed and cost. Voice cloning needs less clean audio than it once did. Image generation produces fewer obvious artifacts. Video generation is becoming more accessible. Language models can sustain longer dialogue, handle objections, translate across languages, and create credible documents. Open-source models and local deployment reduce dependence on commercial safety filters. Criminal markets package tools for users with little technical skill.

Still, fatalism is not useful. Fraud losses are not determined only by AI capability. They are also shaped by bank controls, public awareness, reporting, payment friction, platform enforcement, telecom authentication, crypto compliance, identity proofing, law-enforcement capacity, family habits and corporate process. A better AI voice does not guarantee payment if the family code word fails. A better fake CEO video does not move money if payment policy requires dual approval through a known channel.

The future risk is less about one perfect deepfake and more about persistent synthetic interaction. A victim may be contacted by a fake recruiter, then a fake HR portal, then a fake payroll team, then a fake bank-support representative. An investor may interact with a fake mentor, fake customer support, fake compliance officer and fake regulator, all generated or assisted by AI. The fraud feels like an ecosystem rather than one message.

Voice-enabled AI agents raise another concern. Research has tested whether AI voice agents can perform common scam workflows, showing that automation could reduce the labor needed for phone-based fraud. Not every lab finding becomes a mass criminal method, but the direction is clear: scripts that once needed human callers can be partly automated, scaled or supported by AI.

AI also improves after failed attempts. A scam group can test scripts, translate them, refine objections, generate variants and learn which messages produce responses. Fraud has always used A/B testing in crude forms. AI lowers the cost of iteration. The victim sees one conversation. The criminal organization may have tested thousands.

The strongest response is to design defenses that do not depend on identifying the newest model. A family code word works against a crude clone and a polished clone. Independent callback works against a fake bank agent and a fake government agent. Dual approval works against a bad email and a convincing video. Transaction monitoring works against old scripts and AI-assisted scripts. Controls that survive better fakery are the controls that matter.

The “worst AI” warning should motivate preparation without panic. Panic helps scammers because it makes people reactive. Preparation does the opposite. It turns rare decisions into rehearsed steps. It gives victims permission to pause. It gives employees language to resist pressure. It gives banks justification to intervene. It gives policymakers a measurable harm to target.

Detection tools are useful, but they cannot be the main public defense

AI detectors have a role. Media-forensic tools, deepfake detection, voice analysis, image provenance checks, metadata review and pattern detection can help investigators, platforms and financial institutions. They are not a complete defense for ordinary victims. A person receiving a panic call from a supposed child cannot run a lab test. A bookkeeper receiving a fake CEO voice note cannot wait for forensic confirmation before the requested payment deadline.

The NSA, FBI and CISA deepfake guidance points toward layered detection and planning rather than blind faith in any one tool. It recommends media authentication, personnel training, incident planning, reporting, passive detection methods, visual and audio review, and stronger authentication for high-risk actions. The logic is sound: detection helps, but process and authentication carry more weight.

Detection also faces adversarial pressure. A tool trained to spot one generation method may fail against another. A scammer can compress audio, add noise, record through a phone speaker, crop video, use real stolen footage with synthetic overlays, or avoid media entirely and rely on text. A detector that works in a controlled setting may perform worse in messy real-world conditions.

False positives create a second problem. If an authentic emergency call is labeled suspicious, the consequences can be serious. If a real customer is rejected by an identity system because of lighting, disability, accent, camera quality or document age, the system causes harm. Fraud defenses have to manage both missed fraud and mistaken suspicion.

For consumers, the practical hierarchy is clear. First, verify through independent channels. Second, refuse irreversible payments under pressure. Third, preserve evidence. Fourth, report. Detection tools may support those steps, but they should not replace them. A person does not need to prove a voice is cloned before refusing to send crypto to a stranger.

For companies, detection belongs inside a broader control system. A deepfake-detection alert on a video call should trigger step-up verification, not a theatrical “gotcha.” A suspicious email should be linked to payment workflow controls. A flagged onboarding document should lead to manual review. Tools should create safer pauses.

The market for AI detection will remain noisy. Vendors may oversell accuracy. Organizations may buy tools to signal seriousness without changing payment rules. That would be a mistake. A detector that flags synthetic media after a wire is sent is less useful than a policy that stops the wire until an independent callback confirms it.

The public should also understand that “no detector flagged it” does not mean “it is real.” Absence of evidence is not authentication. A scammer may use real stolen media, human callers, or a mix of real and synthetic content. The right question is not only whether the content is fake. The right question is whether the requested action is safe.

Provenance helps, but it is not a fraud shield

Content provenance standards such as C2PA aim to create records showing where digital media came from and how it was changed. The C2PA technical standard is designed to establish origin and editing history for digital content. Provenance can help newsrooms, platforms, investigators and users assess media authenticity. It is a useful piece of the trust infrastructure.

It is not enough to stop scams. Many frauds do not rely on media that needs provenance. A scammer can use text. A real stolen photo. A real video clipped from another context. A live human caller supported by AI-written script. A fake website that does not present media credentials. A government impersonator can send a PDF that looks official but lacks provenance. A victim under pressure may not know how to inspect provenance even if it exists.

Provenance also depends on adoption. Cameras, editing tools, platforms, messaging apps and viewers have to preserve and display credentials. Criminals can strip metadata, screenshot content, re-record screens, or move to channels that do not display verification. A provenance system can show that a piece of media has a trustworthy origin. It cannot prove that a person requesting money is authorized, or that an investment platform is legitimate.

Research has raised concerns about the limits of relying on C2PA in high-stakes settings, including gaps between the promise of provenance and the messy ways media moves across tools and platforms. That critique should not be read as a reason to abandon provenance. It should be read as a warning against treating provenance as a single answer.

A more realistic role for provenance is triage. A news organization can use it to assess footage. A platform can use it to label media. A bank can use it as one signal in identity proofing. A user might notice when an image lacks credentials from a trusted source. Investigators can reconstruct media histories in some cases. Each use helps at the margin.

Fraud prevention still needs action-based controls. A C2PA credential on a video of a CEO would not justify a wire transfer if the request bypasses payment policy. A verified photo of a romantic interest would not justify sending money to a crypto platform. A real government seal on a page would not make a demand for gift cards legitimate. Authentic media can be used in false contexts.

The media-authenticity debate often assumes the core question is “Is this content real?” Scam defense asks a second question: “Even if this content is real, does the requested action make sense through a verified channel?” That second question is often safer.

Provenance will matter more as platforms display it in plain language. Users should not need to inspect technical manifests. A browser, messaging app or social platform could state whether a piece of media came from a known camera, was edited by known tools, or lacks origin data. Even then, the system must avoid turning missing provenance into automatic guilt. Much legitimate media lacks credentials.

Financial institutions need friction in the right places

Fraud prevention is often a fight over friction. Customers want speed. Banks want safety. Criminals want irreversible movement before anyone interrupts. AI shifts the balance because it makes fraudulent persuasion more convincing. A payment that once seemed irrational may now be backed by a polished story, realistic documents, a synthetic authority figure and a victim who believes they are acting wisely.

Financial institutions cannot rely only on customer education. Education is necessary but not enough. The person making the transfer may have been groomed for months. They may believe the bank is obstructing a legitimate investment. They may be on the phone with a fake agent while standing at a branch. They may have rehearsed answers the scammer supplied. A teller or fraud analyst needs procedures for that situation.

The most useful friction is targeted. Large first-time transfers to crypto exchanges, payments to newly added recipients, wires following account-takeover signals, repeated withdrawals after suspicious calls, sudden liquidation by an older customer, or transfers inconsistent with prior behavior all deserve risk-based review. The goal is not to block ordinary commerce. It is to slow the exact moments criminals exploit.

FinCEN’s deepfake alert offers financial institutions a typology mindset: look for clusters of identity, device, document, behavior and transaction signals, not one magic clue. That mindset applies beyond onboarding. A customer’s explanation may sound polished because a scammer wrote it. The transaction pattern may reveal more than the script.

Banks also need staff training that does not shame victims. A customer under scam control may become angry if questioned. They may believe the staff member is costing them money or putting a loved one in danger. Good intervention requires calm language, evidence, escalation paths and sometimes private conversations away from the phone. Branch staff should know when to call fraud teams or law enforcement.

Crypto services face a parallel duty. Exchanges and ATM operators can display warnings, monitor risky flows, flag wallet addresses, delay first-time withdrawals, and cooperate with law enforcement. The challenge is to distinguish legitimate self-custody from coercive scam transfers. That is hard, but not impossible. Patterns reveal much: newly created accounts, immediate outbound transfers, repeated small deposits from older victims, or wallets tied to known fraud clusters.

False positives must be handled with care. A customer has a right to use their money. Overbroad blocks can harm people and damage trust. The best systems combine risk signals, clear explanations, human review, appeal paths and documentation. Friction should be proportional to risk.

The financial sector’s strongest AI defense may be defensive AI, but only if it is tied to real intervention. Models can detect abnormal behavior, cluster fraud reports, identify mule networks, score risky transfers and flag synthetic identity signals. Those systems must be audited, governed and monitored. They should reduce harm rather than simply produce alerts that no one acts on.

Companies need payment rules that survive a perfect fake

A company that bases payment security on recognizing people is vulnerable to synthetic media. A finance employee may know the CEO’s voice. A controller may recognize a vendor’s writing style. An assistant may see a familiar display name. Those signals still help, but they should not authorize money movement by themselves.

The better rule is action-based. Any request for a wire transfer, payroll change, vendor-bank update, gift-card purchase, sensitive document release, credential disclosure, remote-access installation, or unusual secrecy should trigger verification. The rule applies even when the request appears to come from leadership. Especially then.

Fraud controls that still work when voices and faces can be faked

These controls work because they do not ask ordinary people to identify synthetic media under pressure. They move trust away from appearance and toward repeatable verification.

Corporate payment policies often fail because exceptions become normal. A senior executive travels. A deal is urgent. A vendor is angry. A client is waiting. A board member wants discretion. Scammers study these pressures. They time requests near holidays, closings, leadership travel, tax deadlines, M&A events and payroll cycles. AI helps them produce the right tone for the moment.

The policy must be explicit: no employee is punished for slowing a payment to verify it. Without that promise, lower-level employees will fear leadership more than fraud. A fake CEO does not need to defeat the policy if the real CEO has created a culture where questioning urgent requests is risky.

Vendor-bank changes deserve special treatment. Many BEC losses involve changing payment destination details rather than creating a new invoice from scratch. The vendor relationship is real, the invoice may be real, and only the account number is fraudulent. Verification should use a known contact from prior records, not the contact information in the change request.

Companies should also test their controls through exercises. A tabletop scenario involving a fake executive voice call, urgent acquisition payment, or synthetic vendor video can reveal gaps. Who approves the payment? Which channel is trusted? Who can override? Who calls legal? Who contacts the bank? A plan written after a loss is too late.

Security teams should partner with finance, HR, legal and executive offices. AI fraud crosses departmental lines. A fake applicant reaches HR. A fake invoice reaches finance. A fake subpoena reaches legal. A fake CEO reaches an assistant. A fake customer reaches support. The controls need shared ownership.

The best corporate message is short: we do not authenticate money movement by voice, video, email style or urgency. We authenticate it by process. That message should come from leadership before criminals test it.

The public has to retire old scam-detection habits

For years, people were told to watch for misspellings, awkward grammar, strange email domains and low-quality logos. Those clues still catch some scams. They are no longer enough. AI produces clean language and credible formatting. It can create patient replies. It can translate idioms. It can mimic official tone. It can remove the very mistakes people were trained to notice.

This does not mean every old rule is useless. Suspicious links, odd domains, unsolicited attachments, requests for gift cards, wire transfers and crypto remain danger signs. The change is that polished content should no longer lower suspicion when the requested action is risky. A perfect email can still be fraud.

CISA’s phishing guidance encourages organizations to address phishing early in the attack cycle and train employees to recognize suspicious requests, urgency and unusual links. In the AI scam context, training should shift from “find the typo” to “notice the pressure and verify the action.” The message needs to be less aesthetic and more behavioral.

The same applies to families. A realistic voice does not make a payment safe. A convincing video does not make a stranger trustworthy. A well-designed investment website does not prove custody or registration. An official-looking PDF does not prove a government case. The old trust cues have been weakened.

A useful personal checklist is short enough to remember:

Do they want money, credentials, documents, secrecy or remote access?

Are they creating urgency, fear, romance, authority or exclusivity?

Can I verify through a channel I choose, not a channel they provide?

That is enough to break many scams. It does not require knowing how neural networks work. It does not require detecting image artifacts. It focuses on the scammer’s goal.

The public also needs to understand that caller ID is not proof. Phone numbers can be spoofed. Display names can be faked. Email sender names can be misleading. Social-media verification marks can be misused or misunderstood. Search ads can lead to fake support pages. A victim who “checked” the wrong thing may feel safer while still inside the scam.

Public agencies often say “hang up and call back.” The advice is repeated because it works. The call-back number must come from an independent source: a bank card, official website typed directly, prior contact record, or known family number. A number given by the caller is contaminated evidence.

The hardest habit to retire is politeness. People do not want to hang up on a caller who sounds official or distressed. Scammers exploit social training. Fraud defense requires permission to be rude for a moment. Hang up. Verify. Apologize later if needed. A real bank, real agency, real child or real boss can survive a call-back.

Victims often stay trapped after the first payment

The first payment is rarely the end. Many scams are designed to keep the victim paying. Once a person has sent money, the criminal has proof of belief, available funds and emotional investment. The next step may be framed as a fee, tax, recovery cost, legal clearance, courier charge, account unlock, ransom increase or fraud investigation.

AI supports post-payment manipulation. A fake support agent can answer withdrawal questions. A fake regulator can explain why more money is needed. A fake romantic partner can reassure the victim. A fake FBI agent can claim the victim must cooperate in secret. A fake recovery service can promise to retrieve stolen crypto for an upfront fee. The second scam often begins before the first one ends.

Recovery scams deserve special attention. After a victim loses money, they may search for help and find firms or individuals claiming they can recover funds, trace wallets, hack scammers, or work with law enforcement. Some are legitimate service providers. Many are scammers. AI-generated websites, testimonials and documents make fake recovery services look professional. Victims who are desperate and ashamed are vulnerable.

The safest recovery path begins with the bank or payment provider, law enforcement reporting, IC3, the FTC where relevant, and legitimate legal advice for large losses. Crypto recovery is hard. Anyone promising guaranteed recovery for upfront payment should be treated with suspicion. Real investigators do not need victims to pay “release fees” to unlock funds from a blockchain.

Victims also need emotional support. Fraud produces grief, shame, anger, fear and denial. A person who has lost retirement savings may not tell family. A romance-scam victim may defend the scammer. An investment victim may send more money to avoid admitting the platform is fake. Family members and bank staff should expect resistance.

The FBI’s Operation Level Up noted that many victims contacted were unaware they were being scammed. That fact matters. Outsiders often assume victims know something is wrong but act anyway. In reality, many victims are inside a constructed narrative. The scammer has preloaded explanations for every warning.

Breaking that narrative takes evidence and care. Show the victim official warnings that match the pattern. Verify the platform registration. Test withdrawal claims without sending new money. Search exact wallet addresses, domains and company names. Contact the bank. Speak with law enforcement. The goal is to create enough doubt to stop the next payment.

AI makes the narrative more persistent, but it also creates more artifacts: messages, generated documents, domains, wallet addresses, synthetic media, fake support chats. Victims should save everything. Deleting messages out of shame can make investigation and recovery harder. Evidence matters even if funds cannot be recovered.

Platforms are part of the fraud chain

Social networks, dating apps, messaging services, video platforms, search engines, ad networks, app stores and domain registrars all appear somewhere in the AI scam chain. A fake investment ad may start on a social platform. A romance scam may move to encrypted messaging. A fake app may be distributed through a store or sideloading link. A deepfake celebrity endorsement may circulate as video. A phishing page may be found through search.

Platforms cannot catch every scam. They also should not become private police without accountability. Yet they control surfaces criminals use for reach, targeting, credibility and persistence. AI-generated content increases the volume and polish of scam material, which makes platform policy and enforcement more central.

The FBI’s 2024 generative AI warning described criminals using generated text for fake social profiles, messages and websites; generated images for fake personas and documents; generated audio for voice impersonation; and generated video for authority impersonation and investment fraud. Much of that material moves through mainstream platforms before the payment occurs.

Ad systems are a major concern. Paid placement can make a fake investment platform, fake government service, fake tech-support number or fake recovery service look legitimate. Search results and social feeds carry implicit trust. A user who clicks an ad for customer support may not realize the support number is fraudulent. AI-generated landing pages and fake testimonials make those ads harder to judge.

Platforms should focus on behavior as well as content. Repeated off-platform movement, investment solicitation from newly created profiles, use of generated celebrity endorsements, clusters of identical scam domains, suspicious advertiser identities, and complaints tied to payment fraud are actionable signals. Content moderation alone is too narrow.

Dating platforms face a special responsibility because romance scams develop slowly. They can warn users when a match pushes for money, crypto, investment, secrecy or external messaging. They can make reporting easier. They can share scam indicators where law allows. They can test warnings that appear at the moment a user is likely to move off-platform.

Messaging apps face a harder balance because privacy matters. End-to-end encryption protects users from surveillance and abuse, but it can also shelter criminals. Client-side warnings, user reporting, metadata-based abuse detection, account reputation and friction for mass outreach may reduce scam reach without reading private messages. The technical and civil-liberties tradeoffs need care.

App stores and domain registrars should tighten response for fraudulent investment apps, fake banking portals, fake government pages and recovery scams. Takedown speed matters. A scam platform may need only days to extract money from a victim. Slow abuse handling turns every delay into criminal revenue.

AI companies cannot solve this alone, but they cannot stand outside it

Generative AI developers often argue that fraud is a misuse problem, not the core purpose of their tools. That is partly true. Language, image, audio and video tools have legitimate uses. The same voice technology that can help accessibility or entertainment can clone a victim’s daughter. The same image tool that helps design can create fake credentials. The same chatbot that helps customer support can scale scam replies.

The dual-use nature of AI does not remove responsibility. It makes responsibility harder. AI companies can set limits on voice cloning, require consent for voice replication, watermark or label generated media where feasible, block obvious fraud prompts, monitor abuse patterns, rate-limit suspicious accounts, restrict high-risk capabilities, support provenance standards, and cooperate with law enforcement. None of these steps is perfect. Weakness is not an excuse for absence.

Consumer Reports’ assessment of voice-cloning products found gaps in safeguards across much of the market it reviewed. That finding matters because voice cloning has direct scam utility. A product that lets users clone a voice from a short clip without meaningful consent checks creates foreseeable risk. Even if criminals can find other tools, mainstream products should not make abuse easy.

Open-source and local models complicate enforcement. A bad actor can run tools outside major platforms. That reality strengthens the case for downstream controls at banks, platforms and telecom providers. It also means AI companies should not oversell safeguards as if they can eliminate misuse. They can reduce abuse on their systems, shape norms, and make some criminal workflows harder. They cannot stop every synthetic scam.

The AI industry should also help create standards for media provenance and consent. Voice cloning should have clear consent signals, audit logs and abuse reporting. Video generation should support traceable outputs where possible. APIs should include monitoring for high-risk use patterns. Enterprise customers should be able to configure controls for fraud-sensitive sectors.

The harder question is whether some capabilities should be restricted by default. Instant cloning of any voice from a few seconds of audio is a predictable fraud tool. Real-time face swapping in video calls has obvious impersonation risk. Document generation that can create realistic IDs crosses into direct abuse if not controlled. Companies should not wait for headline losses before treating these as high-risk features.

AI firms also have a public-education role. When a company releases a tool that changes what can be faked, it should explain the risks plainly. Vague safety pages do less than concrete warnings: do not trust urgent voice requests; use code words; verify payment requests; do not clone someone’s voice without consent; report misuse.

The right standard is harm reduction. A tool does not need to be the only source of abuse to justify safeguards. If it makes a harmful workflow cheaper, faster or more convincing, the developer has a role in making abuse harder.

Telecom and caller identity remain weak links

Many AI voice scams begin with a phone call. The synthetic voice gets attention, but the phone system often delivers the attack. Caller ID spoofing, cheap VoIP numbers, disposable accounts, SIM swaps and international routing all help criminals hide. Even a perfect family code word does not solve the broader telecom problem if scammers can reach millions of people cheaply.

Phone carriers and regulators have made progress on caller authentication, spam labeling and robocall enforcement, but scam calls remain common. AI voice tools make phone fraud more dangerous because they raise the perceived authenticity of a call that might once have sounded generic. A robocall can become conversational. A scammer can switch between human operators and AI-generated audio. A voice note can be sent through messaging apps to avoid live detection.

Telecom defenses need to focus on both volume and targeted impersonation. Mass scam calling can be detected through call patterns. Targeted voice-clone calls may not have high volume. A one-off call to a parent using a cloned child’s voice is hard for a carrier to identify from traffic alone. That is why carrier controls must be paired with public verification habits.

Banks and carriers should also treat phone number takeover as a fraud enabler. SIM swap or number-port fraud can give criminals access to verification codes, bank alerts and personal contacts. Once a phone number is compromised, AI-generated messages from that number become more credible. Multi-factor authentication that relies only on SMS is weaker than app-based or hardware-backed methods.

Government impersonation and bank-support scams often use spoofed numbers to appear legitimate. A victim sees the bank’s number on caller ID and believes the call is safe. The public needs a stronger norm: caller ID shows what the call claims to be, not what it has proven to be. A legitimate institution can be called back through a known number.

Messaging apps add another caller-identity challenge. A scammer can create an account with a familiar photo, display name and phone number from a compromised contact list. AI-generated profile content can fill gaps. Users need to treat new numbers, changed accounts and urgent requests with caution, even when the name is familiar.

Caller authentication standards are useful, but they are not visible enough for most consumers. Spam labels help, but many scam calls are not labeled. The user experience has to make verification easier. Banks could place secure in-app call verification where a customer can see whether an inbound call is genuine. Some institutions already offer call-status checks or secure messages. Those tools should become normal.

The phone remains powerful because it feels direct. AI makes it easier to fake directness. The safest future is one where high-risk phone interactions are authenticated through apps, account portals, call-back numbers and shared secrets, not through voice recognition.

Law enforcement needs faster reporting and better evidence

IC3 exists because online crime crosses jurisdictions. A victim in Ohio may send money to a wallet controlled through accounts opened overseas, after messages from a phone number registered elsewhere and a website hosted in another country. Local police may take the report, but federal aggregation is needed to connect patterns.

The FBI urges victims to report to IC3 and to document details. Speed matters. Banks may have limited windows to recall wires or freeze funds. Crypto tracing can sometimes follow assets, but fast laundering reduces recovery odds. Domains, phone numbers and accounts may disappear quickly. Reporting after weeks of silence is still worthwhile, but earlier is better.

Good reporting includes more than the loss amount. Victims should preserve emails, message threads, phone numbers, usernames, profile links, wallet addresses, transaction hashes, bank records, wire receipts, screenshots, fake documents, website URLs, app names, caller claims, voice or video recordings where lawful, and the timeline of events. Even a failed scam attempt can help.

AI-specific evidence should be described without overclaiming. A victim can say, “The voice sounded like my daughter and I suspect cloning,” or “The video appeared synthetic,” or “The profile photo looked generated.” They do not need to prove it. Investigators can decide how to classify the complaint. Clear description is better than certainty the victim cannot support.

Local police still matter. A local report may be needed for banks, insurers, credit bureaus or identity-theft recovery. It may also help protect other residents. But local reports alone may not reach national pattern analysis. IC3, the FTC and other relevant agencies each serve different functions. Duplicate reporting can feel tedious, but it spreads intelligence.

Businesses should have an incident checklist before a loss. Who contacts the bank? Who files with IC3? Who preserves email headers and logs? Who contacts cyber insurance? Who notifies counsel? Who freezes vendor records? Who contacts the real vendor or executive? A BEC incident becomes more damaging when the company spends the first hours deciding who owns the problem.

Law enforcement also needs private-sector cooperation. Banks, platforms, telecom providers, domain registrars, crypto services and AI companies may each hold part of the evidence. Legal process can be slow. Pre-established reporting channels and emergency procedures can preserve data before it vanishes.

Victims should be told a hard truth: reporting does not guarantee recovery. That truth should not discourage reporting. Reports build cases, identify patterns, support takedowns, inform public warnings and may prevent future losses. A single report may be one piece of a larger map.

Training alone is too weak for a synthetic fraud era

Education matters, but training cannot carry the whole fraud burden. People forget warnings under stress. Employees click when busy. Older adults panic during fake emergency calls. Investors rationalize red flags when apparent gains are visible. Romance victims protect the relationship. A company can train staff every quarter and still lose money if payment systems allow one employee to authorize a rushed transfer.

Research on anti-phishing training has found limits in real-world behavior, including evidence that some common training interventions do not produce the hoped-for improvement in clicking or reporting rates. That does not mean training is useless. It means training must be paired with safer systems.

Fraud-resistant design assumes mistakes will happen. A person may click a link, answer a call, believe a voice, or trust a fake profile. The system should still reduce loss. Multi-factor authentication can stop credential misuse. Payment approval can stop a wire. Bank monitoring can stop a transfer. App warnings can interrupt a crypto payment. Family code words can stop an emergency scam. Platform reporting can remove an account.

Training should also become more specific. “Be careful online” is not training. “Never approve a vendor-bank change through the email thread requesting it” is training. “No one in this company can override dual approval by voice message” is training. “If someone claims your child is kidnapped, ask the code word and call another family member” is training. Specific rules survive panic better than general awareness.

Scam simulations have value when they test process, not humiliation. An employee who fails a phishing test should not become a joke. The organization should ask why the process allowed danger. Was the link reachable? Did the email bypass filters? Was reporting easy? Did the employee know whom to call? Did workload or culture create pressure?

Families can run simple drills too. A family does not need to make it dramatic. Agree on the code word. Ask older relatives what they would do if a police officer called demanding money. Put bank and family callback numbers somewhere accessible. Talk about crypto ATMs. Explain that real agencies do not demand secrecy and payment.

Training must also avoid overconfidence. A person who believes they are too smart to be scammed may be more vulnerable to shame after a near miss. Fraud targets emotion, timing and context, not only ignorance. A cybersecurity expert can be fooled by a family emergency call. A finance professional can be groomed by a fake investment group. A lawyer can receive a fake court notice. The right attitude is not paranoia. It is disciplined verification.

The rise of AI scams should push organizations away from blame and toward design. A good fraud program does not ask humans to be perfect. It makes the dangerous action hard to complete without verification.

Older adults need protection without loss of autonomy

Older Americans are often discussed as fraud victims because they may hold retirement savings, be targeted by imposter scams, or face social isolation. The risk is real, but the framing can become patronizing. Older adults are not vulnerable because they are incapable. They are vulnerable because criminals target their assets, trust relationships, health fears, family bonds and respect for authority.

AI intensifies those tactics. A fake grandchild’s voice can trigger immediate fear. A fake Medicare call can sound professional. A fake FBI agent can create legal panic. A fake investment mentor can promise retirement security. A fake romance profile can exploit loneliness. The tools are new; the emotional levers are old.

The best protection preserves autonomy while adding verification. Families should not take over every financial decision unless a legal and personal need exists. They can create shared rules: no urgent government payment alone, no crypto ATM deposits, no gift cards for bills or bail, no large new investment without a second conversation, no secrecy from family around money demands.

Banks can help with trusted contacts, transaction alerts, view-only account access where appropriate, delayed high-risk transfers, and branch staff trained to identify coercion. These tools should be chosen with the older person, not imposed behind their back. Trust is more durable when the person understands the reason.

Community organizations also matter. Senior centers, libraries, faith groups, local police and healthcare providers can share plain warnings about voice cloning and government impersonation. The message should be repeated without ridicule. A person who has heard the pattern before is more likely to recognize it under pressure.

Older adults should be told that a scammer may know real family names. Public records and social media make that easy. A caller who knows a grandchild’s name is not proven legitimate. A voice that sounds familiar is not enough. A badge number is not enough. A demand for secrecy is a red flag.

Families should also plan for embarrassment. If an older relative sends money, the first response should be help, not blame. Blame teaches silence. Silence helps scammers. A family culture where mistakes can be disclosed quickly is a fraud defense.

The same principle applies to younger victims. Teenagers and young adults can be exposed to sextortion, fake jobs, social-media scams and AI-generated harassment. The content differs, but the defense culture is similar: report early, preserve evidence, do not pay, and do not let shame isolate you.

Teenagers and young adults face AI fraud through social pressure

AI scam risk is not limited to retirees. Younger people live inside the platforms where synthetic content spreads fastest: short-video apps, messaging platforms, gaming chats, dating apps, creator communities, freelance marketplaces and social networks. They may have less savings, but they can be exposed to extortion, identity theft, fake jobs, account takeovers, fake marketplaces and social manipulation.

The FBI’s AI complaint categories included extortion, harassment, stalking, personal data breach, employment scams and crimes against children descriptors. Those categories point to harms beyond investment loss. AI-generated images can be used for sexual extortion. Fake profiles can be used for grooming. Synthetic media can be used for harassment. AI-written messages can make phishing feel like normal platform communication.

Sextortion is especially dangerous because shame and fear move quickly. A young person may believe paying once will make the threat disappear. In reality, payment often increases demands. AI-generated or manipulated explicit images can worsen the fear because the victim may feel they cannot prove the media is fake. The safest advice is direct: stop contact, do not pay, preserve evidence, report to the platform and law enforcement, and tell a trusted adult.

Fake job and gig offers also target young adults. A remote assistant role, crypto trading assistant, content moderation job, mystery shopper gig or easy-money task may ask for banking details, identity documents or upfront payments. AI-generated recruiter messages and fake company pages make these offers look more credible. Job seekers should verify through official company domains and avoid any job that requires payment to receive wages.

Young adults may also be drawn into money mule activity without understanding it. A scammer may ask to use their account to receive funds, move crypto, cash checks or transfer money for a fee. The story may involve romance, employment, friendship or emergency help. AI-generated conversation can normalize the request. Moving money for someone else can create legal exposure even if the person feels like a helper.

Parents and schools should avoid fear-based lectures that teenagers tune out. The message should be practical: if someone threatens to share images, asks for money, offers easy income, requests account access, or wants secrecy, involve a real person immediately. A teen who fears punishment may hide the problem until it grows.

Platforms used by younger people need faster abuse response for AI-generated sexual material and impersonation. Victims should not have to navigate complex reporting forms while panicking. Clear pathways for urgent removal, preservation and escalation are needed.

AI fraud against young people may produce lower dollar losses than retirement fraud, but the emotional damage can be severe. A national conversation focused only on dollar totals will miss that harm.

The scam economy adopts new tools faster than institutions do

Criminal networks do not need board approval, procurement cycles, compliance reviews or public-comment periods. They test tools quickly. If a voice-clone tactic produces money, it spreads. If a fake investment dashboard works, it is copied. If a platform tightens controls, criminals shift channels. If a script gets stale, AI can generate variants.

Institutions move slower because they have obligations criminals do not. Banks must avoid discrimination and false positives. Platforms must balance speech, privacy and safety. Agencies need legal authority. Courts need evidence. AI companies need to support legitimate users while limiting abuse. That slower pace is frustrating, but it is part of operating lawfully.

The speed gap means defenses should favor adaptable principles. Verified callback, dual approval, family code words, payment cooling-off periods, risk-based monitoring, suspicious account detection, provenance where useful, and fast reporting do not depend on one specific scam script. They remain useful as tools improve.

Scam organizations also professionalize. Some groups specialize in lead generation. Others handle fake profiles, call scripts, payment collection, mule recruitment, laundering, domain registration, or victim recontact. AI can support each role. The person messaging the victim may not be the same person controlling wallets. That division makes enforcement harder.

Language barriers are shrinking. A fraud group can target victims in English, Spanish, French, German or other languages with better fluency than before. Translation errors once served as weak warning signs. AI reduces those errors. Diaspora communities may be targeted in their preferred languages with culturally specific scripts.

The cost structure favors attackers. Sending another message is cheap. Generating another profile is cheap. Creating another fake document is cheap. Victim time, bank review time, law-enforcement time and emotional recovery are expensive. This asymmetry is why prevention at choke points matters. Stopping a receiving account, fake domain or scam ad can protect many victims.

The criminal adoption curve also means today’s unusual case can become tomorrow’s routine script. Voice-clone kidnapping calls once sounded like edge cases. Now federal agencies warn about them plainly. Fake video calls with authority figures may follow the same path. Synthetic job interviews may become more common. Scam chatbots may become ordinary.

The answer is not to predict every tactic. The answer is to build verification habits that treat high-risk requests as untrusted until proven through independent channels.

AI also gives defenders better tools

AI is not only an attacker tool. Banks, platforms, telecom providers, law-enforcement analysts and security teams can use machine learning and AI to detect suspicious patterns, cluster complaints, identify mule networks, triage reports, summarize evidence, translate victim narratives, flag synthetic media signals, and spot abnormal transaction behavior.

The defensive advantage comes from scale. A single victim sees one scam. A bank sees millions of transactions. A platform sees account clusters. A telecom provider sees call patterns. A law-enforcement database sees complaints across jurisdictions. AI can help connect weak signals that humans would miss.

Payment providers can use models to detect scam-like transfer sequences: a newly added payee, a large first transfer, unusual device, recent password reset, customer age risk, and contact-center notes about a government call. A platform can identify clusters of accounts using generated profile images and pushing users to the same investment domain. Investigators can cluster wallet addresses and domains from many reports.

Defensive AI must be governed carefully. A fraud model can create false positives, discriminate through proxy variables, or block legitimate transactions. Institutions need testing, human review, appeal routes and documentation. The goal is not to let a model decide every case. The goal is to make investigators faster and interventions better timed.

The NIST AI Risk Management Framework offers a structured way for organizations to think about AI risks, including governance, mapping, measurement and management. Fraud-defense AI should be evaluated under that kind of discipline. A model used to protect consumers still needs accountability.

Research from digital payments also points to AI’s defensive potential. Work on scam intelligence in payments has explored agentic systems that collect and apply scam signals to improve enforcement outcomes. Such systems will not remove the need for human investigators, but they may help institutions move closer to scam speed.

There is a public-trust issue here. People may worry that fraud detection means surveillance. Institutions should explain what signals they use, how customers can appeal, and how privacy is protected. Secret systems that block payments without explanation will create backlash. Transparent risk controls are more durable.

Defensive AI should also support victims after loss. Automated tools can guide evidence preservation, generate report drafts, identify agencies to contact, and warn against recovery scams. A victim who is panicked and ashamed needs clear steps. AI could help produce those steps, provided it does not replace real human support where needed.

The phrase “AI versus AI” sounds dramatic, but the real contest is organizational. Defenders win when models are connected to authority, process and response. An alert that no one acts on is just data. A well-timed hold, call, takedown or victim notification can stop loss.

The legal system is chasing impersonation, not only technology

Fraud laws already cover much AI-enabled conduct. Wire fraud, identity theft, extortion, securities fraud, money laundering, unauthorized access and impersonation statutes can apply whether the message was written by a human or a model. The legal gap is not always that conduct is lawful. It is that attribution, scale, cross-border evidence and speed make enforcement hard.

The FTC’s impersonation rule is one attempt to sharpen civil enforcement around fake government and business identities. It prohibits material and false impersonation of government entities, businesses, and their officers or agents in commerce. That matters because AI makes impersonation more persuasive, but the deception itself remains the legal core.

Securities regulators face a similar issue. A fake AI trading platform may violate securities laws, commodities rules, state laws, consumer-protection laws or criminal statutes depending on structure. If the seller is unregistered and promises guaranteed returns, the AI label does not sanitize the conduct. The SEC, FINRA and state regulators have warned investors not to treat AI branding as proof of legitimacy.

Voice cloning raises consent and biometric questions. Some states have laws addressing biometric data, deceptive media, election deepfakes, right of publicity or voice likeness. Federal law remains patchier. Even with better laws, cross-border scam operations may be beyond easy reach. Domestic platforms and service providers may be easier regulatory targets than overseas fraud rings.

The law also has to protect legitimate uses. AI-generated satire, accessibility tools, dubbing, voice restoration, film production, customer support and education are not scams. A rule that bans every synthetic voice would be blunt and unrealistic. The sharper focus is consent, disclosure, impersonation, fraud, and high-risk uses tied to money or identity.

Civil liability may expand. Victims, regulators or prosecutors may ask whether platforms, AI services, payment companies or telecom providers ignored obvious abuse. The answer will depend on facts: knowledge, control, legal duties, technical feasibility and response. Blanket blame is too easy. So is blanket immunity.

Evidence standards will become more contested. A party may claim an incriminating voice is AI-generated. A scammer may deny creating a deepfake. A victim may allege cloning without a preserved recording. Courts and investigators will need forensic methods, chain-of-custody practices and expert testimony. Synthetic media complicates both accusation and defense.

Law is necessary, but it is slow. The fastest harm reduction will come from operational changes: verification habits, payment controls, platform enforcement, financial monitoring, and rapid reporting. Legal reforms should support those changes rather than pretending that a new statute alone can stop a global scam economy.

Newsrooms and public figures are now part of fraud defense

Deepfake scams often exploit public trust in recognizable people. Celebrities, CEOs, journalists, doctors, government officials and influencers can be made to appear to endorse investments, grants, medical products, crypto platforms or giveaways. A victim may not know the person personally, but recognition lowers skepticism.

The FBI warned that criminals can use AI-generated videos and voices of celebrities, CEOs and other trusted figures in investment scams. FINRA has also warned that deepfake videos can imitate company leaders and spread fake news or market manipulation. Public figures should assume their likeness may be used without consent.

Newsrooms have a dual role. They must verify synthetic media before publishing, and they must avoid amplifying scam clips in ways that help criminals. Showing a fake celebrity ad without context can spread it. Describing the verification process helps readers learn. Fast correction and clear debunking matter when scam content circulates.

Public figures and companies should maintain clear fraud-warning pages. A CEO whose image is abused in fake investment ads should have an official page stating that they do not endorse such platforms. A government agency should have pages explaining how it contacts citizens and what payment methods it never uses. A bank should make inbound-call verification easy.

Search engines and social platforms should surface official warnings when users search for suspicious combinations: celebrity name plus crypto platform, agency name plus gift card payment, bank name plus support number, recovery firm plus scam. SEO is not only a marketing discipline in this context. It is consumer protection. If official warnings are buried under scam pages, victims lose.

AI-generated scam content also creates reputation harm. A company may be blamed by victims who saw a fake executive endorsement. A celebrity may face angry messages from people who lost money to fake ads. Brands need monitoring and takedown processes for impersonation. Delay can become costly.

Media literacy should include a practical distinction: a real clip of a public figure does not prove endorsement of the page where it appears. Scammers can stitch real footage into fake ads, use old interviews out of context, or generate new content. The question is whether the endorsement appears on the public figure’s verified channel or the company’s official site.

The public should treat famous-person investment pitches with strong suspicion. Real wealth-building does not arrive through a celebrity video in a social feed promising guaranteed returns. AI simply makes that old truth easier to forget.

The victim stories matter because they show the mechanism

Statistics can make fraud feel abstract. Victim stories show the mechanism. The San Francisco mother who heard a voice that sounded like her daughter did not fall for an implausible email. She reacted to fear. The Ohio woman who reportedly lost $1.5 million to fake FBI agents did not decide to support criminals. She believed an authority story under pressure.

Those stories should not be used to mock victims. They should be used to study the attack path. What did the criminal know? What emotion was activated? What verification was blocked? What payment method was demanded? Which institution could have interrupted? What evidence remained? Which warning would have helped before the call?

Fraud succeeds when it creates a closed room. The victim is told not to hang up, not to call family, not to speak with the bank, not to contact police, not to search online, not to trust anyone else. AI makes the room more convincing. The exit is outside contact. Every prevention strategy should make outside contact easier.

Journalists should cover AI scam stories with enough detail to educate readers without giving criminals a playbook. The useful details are the pressure tactics, payment methods, verification failures and agency advice. Less useful are step-by-step tool instructions or sensational claims that every voice call is now impossible to trust.

Victim stories also reveal recovery gaps. A person may discover the scam only after wires have cleared or crypto has moved. Banks may be unable to reverse transfers. Local police may have limited options. Families may be shocked. The victim may then encounter recovery scammers. A serious public response must include post-loss support.

There is also a class dimension. A $5,000 loss can be devastating for one family. A $1.5 million loss can erase retirement savings. A small-business BEC loss can threaten payroll. AI scam analysis should not focus only on the largest numbers. The harm is measured in the life affected, not only the dollar figure.

The stories also show why “just verify” is harder than it sounds. Verification requires a person under stress to break social and emotional pressure. That is easier when the habit was established earlier. A family code word created before crisis is far stronger than advice remembered during crisis. A company payment policy practiced before an attack is stronger than an employee improvising under a fake executive’s demand.

The public numbers reveal a trust recession

AI scams are part of a broader decline in the reliability of everyday trust cues. A voice can be cloned. A face can be generated. A badge can be forged. A website can be polished. A document can be fabricated. A caller ID can be spoofed. A testimonial can be fake. A social profile can be synthetic. The result is not that people should trust nothing. It is that trust must move from appearance to verification.

This shift has social cost. Slower payments, callback rituals, identity checks and suspicion can make life less convenient. Families may feel awkward creating code words. Employees may feel burdened by approvals. Customers may complain about transaction holds. But the alternative is a world where criminals use convenience as a weapon.

Trust will not disappear. It will become more formal at high-risk moments. People will still answer calls, meet partners, apply for jobs, invest, hire employees and talk to banks. They will need sharper rules for moments involving money, identity, access and secrecy. That is a manageable change.

The larger danger is cynicism. If people believe everything can be fake, they may disengage from real warnings, real institutions and real evidence. Scammers can exploit cynicism too. A criminal posing as a “fraud investigator” may tell a victim not to trust the bank. A fake regulator may claim mainstream warnings are part of a cover-up. Distrust can be weaponized as easily as trust.

The answer is authenticated trust. A bank message inside a secure app is stronger than a random call. A government notice verified through an official website is stronger than a threatening caller. A family code word is stronger than a familiar-sounding voice. A registered investment firm checked through regulator databases is stronger than a polished ad. A vendor-bank change confirmed through prior records is stronger than a perfect email.

AI scam losses should push institutions to make authentic channels clearer. Too many real agencies and companies still communicate in ways that resemble scams: unexpected links, vague urgent messages, inconsistent phone practices, hard-to-find official numbers, and confusing customer-support paths. Criminals thrive when legitimate communication is messy.

Organizations should review their own communications through a fraud lens. Do they ever ask customers for sensitive data by email? Do they send links that look suspicious? Do they call from numbers customers cannot verify? Do they make official notices hard to distinguish from scams? Cleaning up legitimate communication is a fraud defense.

The FBI data is not only about criminal misuse of AI. It is about the need to rebuild trust architecture for a synthetic media era.

Businesses should treat AI fraud as financial risk, not only cyber risk

AI scams often land between departments. Cybersecurity sees phishing and account compromise. Finance sees wire risk. Legal sees impersonation and liability. HR sees fake applicants. Compliance sees KYC and reporting. Customer support sees account takeovers. Marketing sees brand impersonation. If no one owns the whole pattern, criminals exploit the gaps.

Boards and executives should treat AI-enabled fraud as financial risk. The loss may occur through a payment, not a data breach. Insurance may not cover all of it. Reputational harm may follow. Customer trust may be damaged if the company’s brand is used in scams. A deepfake executive incident can create market, legal and internal confusion even if no money leaves.

The controls should be reviewed at the enterprise level. Which payments require dual approval? Which vendor changes require call-back? Who can approve exceptions? Are executive assistants trained? Are HR identity checks strong enough for remote roles? Does the company monitor fake domains and ads? Are employees told they will not be punished for delaying suspicious requests?

Incident response plans should include synthetic media. If a fake CEO video circulates, who verifies and communicates? If a fake customer-support number appears in search ads, who handles takedown? If a voice-clone call targets finance, who preserves evidence? If a fake recruiter collects applicant data, who notifies victims? These scenarios should not be invented during crisis.

Insurance policies deserve review. Some policies distinguish cyber incidents, social engineering, funds-transfer fraud, crime losses and voluntary parting. AI does not fit neatly. A company that voluntarily wires money after a fake video may face coverage disputes depending on policy wording. Legal and risk teams should examine exclusions and limits before a loss.

Vendor risk also changes. A third-party payroll provider, KYC vendor, customer-support vendor, marketing agency or outsourced finance provider can be targeted. Contracts should address fraud controls, reporting timelines, identity verification, payment-change procedures and incident cooperation. A weak vendor can become the entry point for a strong scam.

Small businesses need simpler versions of the same controls. A written two-person approval rule for wires, a vendor callback list, a bank-change form, and a no-gift-card policy can prevent many losses. The rule should be printed, repeated and followed even when the owner is busy.

The business case is easy: one prevented fraudulent transfer can pay for years of process discipline. The cost is inconvenience. The benefit is survival.

Regulators should focus on choke points

AI scam regulation can become scattered if every agency targets only its own visible slice. A more practical approach looks for choke points: places where many scams depend on the same infrastructure. These include identity proofing, payment movement, crypto cash-out, telecom access, ad placement, platform account creation, domain registration, app distribution and recovery-scam promotion.

Choke points do not remove the need for criminal prosecution. They reduce volume and harm while cases are built. If a fake investment domain can be removed quickly, fewer victims reach payment. If a receiving account is frozen after early complaints, later victims may be protected. If a search ad for fake tech support is blocked, fewer calls begin. If crypto ATM warnings and limits interrupt government impersonation scripts, losses fall.

Regulators should also push for clear communication standards. Agencies and financial institutions should tell the public exactly what they will never do: demand crypto, gift cards, secrecy, remote access, or transfers to safe accounts. The message should be repeated across official channels. Confusion helps criminals.

Data sharing is another choke point. Fraud reports are fragmented across IC3, FTC, banks, platforms, telecom providers, crypto firms and local police. Better sharing of indicators can identify active campaigns. Privacy safeguards are needed, but the current fragmentation favors criminals.

AI-specific rules should avoid narrow definitions that age quickly. A law that targets one kind of deepfake may miss synthetic audio, AI-written scripts or generated documents. The legally relevant conduct is deception tied to harm: impersonation, unauthorized use of likeness, false authority, fraudulent solicitation, identity theft, extortion, market manipulation and funds theft.

Regulators should also measure outcomes. Did a rule reduce losses? Did warnings change behavior? Did transaction holds stop scams or merely annoy customers? Did platform takedowns happen faster? Did reports increase because victims became more aware, or because scams grew? Without outcome measures, policy can become symbolic.

The FBI’s new AI data category gives regulators a starting benchmark. Future reports may show changes in complaint volume, losses, categories and methods. If the numbers rise, that may reflect both growth and better reporting. Analysts should avoid simple conclusions. Better measurement often makes a problem look worse before it helps reduce harm.

The most urgent regulatory target is not a distant hypothetical. It is the money leaving victims now.

The next wave will be more conversational

The scams most people fear are cinematic: a perfect video call from a CEO, a fake president declaring an emergency, a celebrity promoting a fraudulent platform. Those will happen. The more common danger may be quieter: persistent AI-assisted conversation that slowly creates belief.

Conversational scams are hard to detect because each message looks ordinary. A fake recruiter answers questions. A fake romantic partner remembers details. A fake investment mentor explains volatility. A fake support agent calms the victim. A fake government official sends procedural updates. A fake recovery expert expresses sympathy. The victim is not hit by one shocking artifact. They are surrounded by a coherent story.

AI makes coherence cheaper. The scammer can maintain tone across weeks. They can translate accurately. They can generate explanations for delays. They can create fake policy documents. They can personalize replies. They can use sentiment analysis to detect hesitation. They can escalate to a human closer when money is near.

Voice and video may become optional proof points inside these longer conversations. A victim asks for a call, and the scammer provides a brief synthetic voice note. A business employee asks for confirmation, and the criminal produces a short video. A job seeker asks for a website, and the scammer provides one. Each artifact supports the story.

This is why “deepfake detection” is too narrow. The future scam may not include an obvious deepfake. It may include hundreds of normal-seeming messages. Platforms and financial institutions need to identify patterns of grooming, payment pressure and account movement, not only synthetic media.

Consumers need patience with their own doubt. A common victim thought is, “I have talked to this person for months, so it must be real.” Time is not proof. Criminals invest time when the possible payout is large. AI reduces the labor cost of that investment. A relationship that exists only in messages and money requests should remain untrusted around financial decisions.

The next wave may also include real-time AI translation in phone scams. A criminal who does not speak a victim’s language fluently could still conduct calls with synthetic assistance. That widens targeting. Communities that rely on language cues to identify outsiders may lose that weak protection.

The strongest personal rule for the conversational era is this: no relationship that began online should move into money, identity documents, account access or secrecy without independent verification outside the relationship. This rule protects against romance scams, investment scams, job scams and recovery scams.

A practical defense model for households

Households need a defense model that fits real life. Most families will not study IC3 reports or media forensics. They need a few rules that everyone can remember, including older relatives and teenagers. The rules should be discussed before a crisis.

First, create a family code word or verification question. Use it for emergency calls involving injury, kidnapping, arrest, travel trouble or urgent money. If the caller cannot answer, hang up and verify through another channel. Do not post the code word or make it guessable from family social media.

Second, agree that no government agency, bank or police officer gets money through crypto, gift cards, wire transfers to safe accounts, cash couriers or secrecy. If a caller claims otherwise, the family rule overrides the caller. Hang up and call the agency or bank through a known number.

Third, treat online investment introductions as dangerous when they come from strangers, romantic contacts, messaging groups, social-media ads or famous-person videos. Check registration independently. Do not install unknown trading apps. Do not pay taxes or fees to unlock withdrawals from a platform introduced online.

Fourth, create a trusted-contact habit for large transfers. Before sending a large wire, crypto transfer, gift-card purchase, cashier’s check or unusual payment, speak to one trusted person not involved in the transaction. Scammers hate third parties because third parties break the closed room.

Fifth, preserve and report. Save screenshots, numbers, websites, wallet addresses and messages. Contact the bank quickly. File with IC3. Report to the FTC where relevant. Tell the platform. Warn family members if the scammer used personal information.

These rules should be written down. A printed card near a phone may protect an older relative. A shared family note may help everyone. A conversation after reading a news story may be enough to set the habit.

Households should also reduce raw material for scammers. Limit public audio and video of children where possible. Review social-media privacy. Avoid posting travel plans in real time. Remove unnecessary personal information from public profiles. These steps will not stop all targeting, but they reduce easy personalization.

None of this requires paranoia. Families can still answer calls, post photos and invest. The line is high-risk action. Money, identity, access and secrecy need verification. Everything else can remain normal.

A practical defense model for small businesses

Small businesses often run on speed and trust. The owner knows the vendors. The bookkeeper knows the payroll. The office manager knows the bank. That intimacy is strength until a criminal impersonates one person convincingly. AI makes small-business impersonation easier because public information is abundant and controls are often informal.

A small business should start with payment rules. No wire transfer, ACH change, vendor-bank update or payroll-routing change should be approved through the same channel that requested it. Use a known phone number from records. Require two approvals for large payments. Document the approval. Apply the rule to owners too.

Gift-card policies should be absolute. No executive, client, vendor or government official should request gift cards for business purposes. This is one of the simplest scam defenses. If a message asks an employee to buy gift cards and send codes, it is fraud until proven otherwise.

Vendor records should be protected. Account-change requests should go through a formal process. The business should call the known vendor contact, not the number in the email. A short waiting period for new bank details can prevent loss. A criminal who claims the payment is urgent should not bypass the process.

Employee training should be role-specific. Finance staff need payment-scam drills. HR staff need fake-applicant and fake-recruiter warnings. Customer-support staff need account-takeover scripts. Executives need to know that their public voices and images can be used against employees. Everyone needs permission to verify.

Cybersecurity basics still matter. Multi-factor authentication, password managers, email security, domain monitoring, endpoint protection and backups reduce the chance that criminals can compromise real accounts. AI impersonation is worse when paired with real mailbox access.

The business should know its bank’s fraud procedures before a loss. Who is the emergency contact? What is the wire recall process? What information is needed? How fast must the business act? A laminated incident card may sound old-fashioned. It can save hours.

Small businesses should also warn customers if the company’s brand is impersonated. A page on the official website can explain legitimate payment methods and known scams. Customers who search for the business plus “scam” should find the real warning, not a fake recovery page.

A small company does not need a large security department to reduce risk. It needs a few non-negotiable rules, practiced until they feel normal.

A practical defense model for larger organizations

Large organizations face more complex AI fraud because they have more people, more vendors, more executives, more public information, more systems and more exception paths. They need governance that treats AI-enabled fraud as a cross-functional risk.

The first step is mapping high-risk workflows. Payment approval, vendor onboarding, payroll changes, executive communications, remote hiring, customer identity proofing, privileged access, legal requests, customer-support resets, and public brand use all deserve review. The question is where appearance-based trust still authorizes action.

Second, organizations should define synthetic-media escalation. If an employee suspects a deepfake call, cloned voice, fake executive video or synthetic document, where do they report it? Who responds? What evidence is preserved? Which systems are frozen? Which external partners are contacted? A vague “tell security” instruction is not enough.

Third, treasury controls should be tested against perfect impersonation. Assume the email looks real, the voice sounds real, the video looks real and the timing is plausible. Does the payment still require independent verification? If not, the control fails.

Fourth, HR and security should redesign remote onboarding for identity risk. Identity checks, device posture, role-based access, probationary access limits, reference verification and anomaly monitoring should be aligned. A fake worker with privileged access can cause more damage than a fake invoice.

Fifth, brand-protection teams should monitor fake domains, scam ads, fake support numbers, cloned executive media and fraudulent social profiles. Takedown relationships with platforms and registrars should be ready. Public warning pages should be clear and indexed.

Sixth, incident-response exercises should include AI fraud. A fake CFO voice approving a wire. A deepfake board call. A fake regulator requesting data. A synthetic applicant hired into a sensitive role. A fake customer-support campaign using the company’s brand. Exercises reveal process gaps before criminals do.

Large organizations should also share intelligence through industry groups, ISACs, law enforcement channels and financial-crime networks. AI fraud campaigns often hit multiple firms. A wallet address, domain, phone number or synthetic media pattern found by one company may protect another.

Governance should include legal, compliance, finance, security, HR, communications, customer support and executive leadership. AI fraud does not respect org charts. A fragmented response will be slower than the attack.

Reporting should become easier than silence

Public agencies often tell victims to report. Victims often do not. The gap is emotional and practical. Reporting forms can be intimidating. Victims may lack details. They may fear judgment. They may believe nothing will happen. They may still be under scammer influence. They may not know whether to report to IC3, the FTC, local police, the bank, a platform or a state regulator.

The reporting experience should be redesigned around victim reality. A person should be able to start with partial information. Forms should ask plain questions: Who contacted you? What did they ask for? How did you pay? What phone numbers, usernames, websites or wallet addresses were used? Did they use a voice, video or image that seemed fake? Are they still contacting you?

AI could help victims assemble reports from screenshots and transaction records, but safeguards are needed. A reporting assistant should not expose sensitive data unnecessarily or give legal advice beyond its role. It should help preserve evidence and direct victims to official channels.

Banks and platforms should place reporting prompts where harm occurs. A customer who sends a first crypto transfer could see a warning and a one-click path to report suspected coercion. A dating app user asked for investment money could report the profile quickly. A search engine could show official recovery warnings when users search for “recover stolen crypto.”

Reporting should also protect near-miss data. If a person receives a fake kidnapping call and sends no money, that report is still useful. If a company catches a fake vendor-bank change, that evidence may connect to other victims. Near misses reveal active campaigns.

Victim feedback matters. People who report often hear nothing. Law enforcement cannot update every case in detail, but basic confirmation, evidence guidance and recovery-scam warnings would help. Silence after reporting can make victims feel abandoned and less likely to warn others.

Community reporting channels can supplement federal reporting. Banks, elder-fraud hotlines, local police, state attorneys general, platform abuse teams and nonprofit victim-support groups all play a role. The challenge is coordination. Victims should not have to understand the entire system while panicked.

The public message should be: report quickly, even if embarrassed; report attempts, not only losses; preserve evidence; and beware anyone who contacts you afterward promising guaranteed recovery.

The economics of synthetic trust favor early interruption

Fraud is a business model. Criminals invest in tools, scripts, domains, accounts and labor because expected returns are high. AI changes the economics by reducing the cost of trust signals. A fake profile becomes cheaper. A long conversation becomes cheaper. A polished website becomes cheaper. A cloned voice becomes cheaper. A fake document becomes cheaper.

When production costs fall, volume can rise. When quality rises, conversion can rise. When personalization improves, high-value targeting becomes easier. That combination explains why agencies warn that the problem may grow as tools improve. It also explains why small defenses at the right moment can have large effects.

Early interruption changes scam economics. If platforms remove fake profiles before grooming, scammers lose leads. If banks stop first transfers to mule accounts, scammers lose cash-out paths. If families use code words, voice scams lose conversion. If companies require callback verification, BEC returns fall. If crypto services delay risky withdrawals, criminals face time risk.

Late response is more expensive. After funds move through several accounts or wallets, recovery is harder. After a victim sends multiple payments, emotional damage is deeper. After a fake domain reaches many victims, takedown is less useful. After a synthetic applicant gains access, incident response becomes complex.

The best anti-fraud investments are therefore preventive and interruptive. They should target points where the criminal needs the victim or system to act: click, disclose, approve, transfer, onboard, withdraw, install, verify. AI may make persuasion stronger, but it still needs an action.

This action-centered view also helps avoid panic about synthetic media. A deepfake video that asks for nothing may be misinformation or harassment, but it is not yet a payment scam. A plain text message that asks for a wire transfer may be far more financially dangerous. Risk should be assessed by action requested, not media type alone.

The economics also favor cooperation. A single bank may see one mule account. A platform may see one fake profile. A telecom provider may see one number. IC3 may see complaints across all of them. Sharing turns isolated clues into patterns. Criminals benefit when every institution sees only its slice.

Reducing the expected return of AI scams does not require perfect prevention. It requires enough friction, detection and enforcement to make campaigns less profitable. Fraud groups are opportunistic. If one path becomes harder, some will shift. That is not failure. It means defenses should keep raising the cost across the chain.

The language around “AI scams” needs precision

Public discussion often uses “AI scam” to mean any scam involving artificial intelligence. That phrase is convenient but imprecise. It can mean at least four different things: a scam that sells fake AI products, a scam that uses AI-generated media, a scam that uses AI automation to contact victims, or a scam complaint where the victim suspects AI. Those differences matter for policy and prevention.

The FBI’s 2025 AI figure should not be interpreted as “all scams created entirely by AI.” It is better understood as complaints with an AI nexus. That includes generated voices, videos, images, documents, profiles, scripts, fake AI investment claims, or other AI-related elements described by victims or identified in the complaint process.

Precision avoids two mistakes. The first is minimization: “Only 22,364 complaints, so AI fraud is small.” That ignores underreporting and invisibility. The second is exaggeration: “AI created $893 million of entirely new fraud.” That ignores the fact that many losses sit inside old fraud categories, especially investment scams. The true picture is more useful: AI is changing the cost, quality and scale of deception inside established fraud markets.

Better language also helps consumers. “AI-generated scams” may sound technical and remote. “A scammer can clone your child’s voice” is concrete. “A fake FBI agent may use AI-generated documents and a spoofed number” is concrete. “A fake investment platform may use AI videos of celebrities” is concrete. People act on concrete patterns.

For businesses, “AI fraud” should be translated into workflows. Which workflow is exposed? Payments? Hiring? Vendor management? Customer identity? Executive communications? Brand impersonation? Each needs controls. A generic AI-risk memo will not stop a wire transfer.

For regulators, precision supports better metrics. Future IC3 reports may refine AI tags, distinguish media types, track losses by category, and identify whether AI was used in the pitch, identity, automation, payment support or laundering stage. Better taxonomy would help agencies measure which controls work.

For journalists, precision protects credibility. Not every polished scam is AI. Not every fake video is proven synthetic. Not every victim suspicion can be confirmed. Careful wording builds trust and avoids panic. The facts are alarming enough without overstatement.

The phrase can remain, but the analysis should be exact. AI is not a new species of crime. It is a new production layer in the fraud economy.

The strongest defense is authenticated process

The core lesson from the FBI’s 2025 AI scam data is not that people must become experts in generative media. It is that the old cues of authenticity have weakened. A familiar voice, polished video, official document, realistic profile, clean grammar, convincing website, caller ID or social proof cannot authorize high-risk action alone.

Authenticated process is the replacement. It is not glamorous. It means code words, callback numbers, dual approvals, payment delays, secure portals, regulator checks, identity proofing, transaction monitoring, incident reporting and platform takedowns. It means refusing to let urgency override verification. It means designing systems that assume some fake content will look real.

For households, authenticated process is a family ritual. For businesses, it is a control environment. For banks, it is risk-based intervention. For platforms, it is account and ad enforcement. For AI companies, it is abuse prevention and provenance support. For law enforcement, it is faster reporting and pattern analysis. Each layer catches what the others miss.

The FBI’s $893 million AI-linked loss figure will likely become a reference point. Future reports may show higher numbers, lower numbers, refined categories or better detection. The direction of technology suggests criminals will keep experimenting. The direction of defense should be equally clear.

The public does not need to distrust every voice or every video. That would be exhausting and socially corrosive. People need to distrust urgent demands that bypass verification. They need to pause when a request involves money, identity, credentials, access, secrecy or fear. They need institutions that make the safe path easier than the criminal path.

The most human part of AI fraud is not the machine. It is the moment when a victim believes they are helping a child, obeying an officer, seizing an opportunity, protecting an account, pleasing a boss, accepting a job, or saving a relationship. Scammers use AI to reach that moment more convincingly. Defenders have to protect it with rules strong enough to hold when the fake sounds familiar.

Questions readers ask about AI scam losses

Author:
Jan Bielik
CEO & Founder of Webiano Digital & Marketing Agency

This article is an original analysis supported by the sources cited below

2025 FBI Internet Crime Report
Official IC3 annual report with 2025 cybercrime complaints, losses and the first AI-focused cybercrime section.

Cryptocurrency and AI Scams Bilk Americans of Billions
FBI press release summarizing the 2025 IC3 report, total losses, cryptocurrency complaints, AI-related complaints and prevention advice.

Criminals Use Generative Artificial Intelligence to Facilitate Financial Fraud
IC3 public service announcement describing criminal use of AI-generated text, images, audio and video in fraud schemes.

Criminals Using Altered Proof-of-Life Media to Extort Victims in Virtual Kidnapping for Ransom Scams
IC3 warning about altered or synthetic proof-of-life media used in virtual kidnapping and ransom scams.

Senior U.S. Officials Continue to be Impersonated in Malicious Messaging Campaign
IC3 warning on impersonation of senior officials, malicious messaging and voice-based social engineering risk.

Operation Level Up
FBI victim-notification program focused on interrupting active cryptocurrency investment fraud.

New FTC Data Show a Big Jump in Reported Losses to Fraud to $12.5 Billion in 2024
FTC consumer fraud data release covering reported 2024 losses, imposter scams and investment scams.

Scammers use AI to enhance their family emergency schemes
FTC consumer alert explaining how voice cloning can be used in family-emergency scams and how families should verify calls.

FTC Highlights Actions to Protect Consumers from Impersonation Scams
FTC release on impersonation scam losses, enforcement actions and protections for consumers.

Trade Regulation Rule on Impersonation of Government and Businesses
Federal Register final rule prohibiting false impersonation of government entities, businesses and their officers or agents.

Artificial Intelligence and Investment Fraud
SEC Investor.gov alert warning investors about AI-themed fraud, unregistered platforms and unrealistic return claims.

Artificial Intelligence and Investment Fraud
FINRA investor guidance on AI, deepfakes, impersonation and fake investment promotions.

FinCEN Alert on Fraud Schemes Involving Deepfake Media Targeting Financial Institutions
FinCEN alert describing deepfake typologies, identity-verification risks and suspicious activity red flags for financial institutions.

Contextualizing Deepfake Threats to Organizations
NSA, FBI and CISA guidance on deepfake threats to organizations and layered mitigation steps.

AI Data Security
Joint cybersecurity guidance on securing data used to train and operate AI systems.

Phishing Guidance: Stopping the Attack Cycle at Phase One
CISA resource on phishing methods and defensive measures for organizations.

Teach Employees to Avoid Phishing
CISA small and medium business guidance on phishing awareness and employee training.

U.S. Department of the Treasury Releases Report on Managing Artificial Intelligence-Specific Cybersecurity Risks in the Financial Sector
Treasury release summarizing AI-specific cybersecurity and fraud risks in the financial sector.

Managing Artificial Intelligence-Specific Cybersecurity Risks in the Financial Services Sector
Treasury report on AI cybersecurity risks, financial-sector coordination and risk management.

Artificial Intelligence in Financial Services
Treasury report examining AI use, risk management and oversight issues in financial services.

AI Risk Management Framework
NIST framework page for organizations managing risks associated with AI systems.

Artificial Intelligence Risk Management Framework AI RMF 1.0
NIST publication setting out a framework for mapping, measuring, managing and governing AI risk.

C2PA Specifications
Technical specification for content provenance and digital-media origin records.

Woman loses thousands to scammer using what she suspects was AI voice mimicking daughter
ABC News report on a voice-clone-style family emergency scam involving a San Francisco victim.

Americans lost nearly $900 million to AI-generated scams last year
The Independent report covering FBI AI scam data, victim examples and expert warnings.

Consumer Reports assessment of AI voice cloning products
Consumer Reports release on safeguards and misuse risks in AI voice-cloning products.

Voice-enabled AI agents can perform common scams
Research paper examining whether voice-enabled AI agents can carry out scam workflows.

Can you tell it’s AI? Human perception of synthetic voices in vishing scenarios
Research study on human ability to distinguish synthetic voices from human voices in scam-like calls.

Anti-phishing training still does not work
Large-scale research paper examining limits of common anti-phishing training interventions.

How spammers and scammers leverage AI-generated images on Facebook for audience growth
Research paper on AI-generated imagery used by spammers and scammers to grow audiences on social platforms.

Verifying provenance of digital media: Why the C2PA specifications fall short
Research paper examining limits and implementation challenges in content provenance systems.