February 4, 2024
Inside the AI-Fueled Explosion of Fraud
AI doesn't only work for the good guys. Not only are scammers turning to AI for things like grammatically perfect messages, they're also using it to develop advanced evasion malware and novel fraud techniques, then selling these programs to other scammers on the dark web. DarkBlue analysts have seen an explosion in dark web files tagged with fraud, and international law enforcement organizations are sounding the alarm about the staggering financial impact of rising fraud.
The Exponential Rise of Fraud
The DarkBlue Intelligence Group regularly scrapes dark webs sites and ingests their data to make it searchable, using AI to enhance the data and add content tags. In 2024, DarkBlue captured 117,376,896 dark web files related to fraud, the equivalent of 13,436 dark web fraud files every hour.
Figure 1: The DarkBlue Intelligence Group ingests 13,436 scraped dark web files tagged with "fraud" every hour
This level of fraud has serious financial impacts. The Federal Bureau of Investigation (FBI) reported in their annual Internet Crime Report last year that investment fraud was the costliest type of crime tracked, with losses to investment scams increasing 38% from $3.31 billion in 2022 to $4.57 billion in 2023.
One such type of investment scam is "pig butchering,” which typically involves cryptocurrency and gets its name from the way scammers "fatten up" their victims with promises of high returns, only to "slaughter" them later when they have drained their resources. Such scams doubled between 2021 and 2022. They have become so prevalent that Interpol recently called to rename them “romance baiting,” due to concerns that “pig butchering” shames victims and prevented them from seeking help. As fraudsters continue to exploit AI to create more personalized, automated scams, the scale of the problem continues to grow, putting millions of people at risk.
The Spread of Advanced Fraud Techniques
In some ways, AI has simply supercharged traditional methods of fraud, enabling scammers to craft highly convincing phishing messages and investment scams at scale that mimic the tone and style of legitimate communications in a way that is more difficult for individuals and security systems to identify.
However, cybercriminals are also using AI to develop increasingly sophisticated malware that can evade traditional security software. One highly concerning trend is malware disguised as antivirus software. Fraudsters are embedding malicious code into what appears to be legitimate malware protection, making it harder for antivirus software to detect and neutralize threats. Worse, criminals often take these advanced new programs and sell them on dark web fraud-as-a-service platforms, thereby enabling even inexperienced aspiring scammers to execute highly sophisticated fraud techniques that are difficult to track and prevent.
Pictured on the next page is an image of one such popular dark web site, which was captured in DarkPursuit, a secure live access tool in the DarkBlue Intelligence Suite. The user pictured is selling “cracking” software to access phones and computers, as well as other pre-configured exploits, stolen bank account numbers, and login information for PayPal and other retail sites.
Another user responds that they will make a purchase when they have enough Monero, a popular, privacy-focused cryptocurrency. This highlights a compounding problem: the relative anonymity afforded to buyers and sellers of these AI-powered fraud programs who conduct transactions in cryptocurrency on the dark web makes holding criminals accountable even more difficult.
Figure 2: User selling fraud services on the dark web [captured in DarkPursuit]
One final advanced technique that is cause for alarm is that fraudsters are embedding malware in free large language models (LLMs) that are commonly used for legitimate purposes. These models then become Trojan horses, spreading malware to unsuspecting users. As these tools become more widely accessible, they create a vicious cycle, infecting more systems and spreading fraud further.
Conclusion: The Need for Dark Web Monitoring
As fraud on the dark web continues to evolve, propelled by AI-powered tools, the need for robust threat intelligence has never been more urgent. Traditional security measures simply can't keep pace with the rapidly advancing tactics used by cybercriminals.
The DarkBlue Intelligence Suite provides an essential, AI-enhanced solution to track, analyze, and mitigate these sophisticated threats in real-time. By scraping, tagging, and analyzing vast amounts of dark web data, DarkBlue empowers organizations to stay ahead of emerging fraud schemes and protect their assets with unparalleled precision. The Suite’s DarkPursuit tool enables analyst and investigators to safely and anonymously pursue threat actors across the live dark web.
Don’t wait for the next AI-powered fraud attack to catch you off guard. Request a free trial of DarkBlue today and take the first step toward strengthening your defenses against the evolving dangers of cybercrime.
Want more insights from DarkBlue? Subscribe to our newsletter for blog posts, intel, webinars, and more.