INDIANA – As the U.S. celebrates recovering nearly $15 billion in healthcare fraud, experts are sounding the alarm on the rapid evolution of organized scams, particularly those leveraging artificial intelligence (AI).
Residents are urged to be aware of new tactics, such as AI-powered phishing, cloned emails, and gift card fraud, which exploit personal data to create compelling attacks.
Justas Bagdonavičius, Head of Marketing at Webshare, highlighted the growing threat: “AI is changing how scammers operate, making their attacks more personal and harder to spot. They use tools to mimic voices, create fake videos, or send messages that seem to come from trusted contacts.” He warned that it’s now “easier than ever to fall for a scam,” whether it’s a seemingly innocent text from a friend or a tempting gift card offer from a favorite store.
The warning comes as scam techniques become increasingly sophisticated:
- AI-Powered Impersonation: Scammers are using AI to create realistic voice recordings or videos, often from social media content, to impersonate family or friends and request money or personal information. Action: Always verify unexpected requests by asking questions only the real person would know.
- Gift Card Scams: By analyzing online habits, scammers target victims with gift card requests from frequently used stores, particularly during peak shopping seasons. Action: Treat any request for gift card codes, particularly those related to payment or problem resolution, as highly suspicious and verify them directly with the organization.
- Vishing (Voice Phishing): Phone scams where attackers impersonate trusted entities like banks or government agencies, creating urgency to pressure victims into revealing sensitive details. Action: Legitimate organizations will not request sensitive information, such as PINs, over the phone. Hang up and call the institution back using a verified official number.
- Smishing (SMS Phishing): Fake text messages, often mimicking delivery updates or account alerts, designed to steal credentials or spread malware. Action: Check the sender’s number for authenticity and verify messages directly with the company.
- Clone Phishing: Replicated legitimate emails (e.g., receipts) with malicious links or attachments. Action: Verify the sender’s email address, hover over links to check their destination, and if unsure, contact the sender via official channels.
- Social Media Phishing: Scams using fake or hacked social media profiles to send deceptive messages (e.g., counterfeit giveaways) to steal login credentials. Action: Avoid clicking links in unsolicited messages and verify requests directly.
- Man-in-the-Middle Attacks: Hackers intercept data on public Wi-Fi. Action: Avoid logging into essential accounts on public Wi-Fi. Use a VPN and ensure websites are secure by using the “https://” prefix.
- Ransomware: Encrypts files or devices and demands payment to unlock them. Action: Back up essential files offline, avoid suspicious links, and report any incidents to the relevant authorities.
- DNS Spoofing: Redirects users to fake websites designed to steal information. Action: Always verify website addresses, use secure “https://” sites, and consider DNS protection tools.
- Fake Job Offers: Scammers post enticing job offers to steal personal details or money. Action: Research companies thoroughly and confirm details through official channels before sharing information or paying fees.
“Staying alert is important, as these scams can lead to serious financial losses,” Bagdonavičius emphasized. “Under no condition should you share very personal data, such as passport details or credit card CVV, via email, phone, or any other method that hackers can easily access.” He also advised extreme caution when a close person asks for help over the phone, urging verification through specific questions only they would know.
