close online banking
Online Banking Sign-In

Cybersecurity and Fraud Trends for 2025

Remember all those cybersecurity scares from last year? Well, bad news: the threat level is still sky-high in 2025. Phishing scams, ransomware attacks – they're all still happening, and now cybercriminals are getting even smarter. They're using cutting-edge tech like AI, quantum computing, and even deepfake voices to trick us.

It's a scary world out there, but don't worry! Ameris Bank is here to break down the biggest cybersecurity trends of 2025 and give you the tools to protect yourself. We'll cover the latest scams, how to spot them, and how to keep your personal and financial info safe. 


AI-GENERATED FRAUD

You may have noticed the increasing coverage of artificial intelligence (AI) in the news lately. This innovative technology is reshaping industries and transforming how we live and work. AI enables machines to perform tasks that require human intelligence, such as learning, reasoning, analyzing data, and solving problems. Unfortunately, the robust capabilities of AI have not gone unnoticed by cybercriminals.

Fraudsters are using AI to create automated phishing scams, spread malware, and support existing cyberattacks. Because AI can access and analyze immense amounts of data and information online, cybercriminals are using it to develop fraudulent emails, fake websites (domain spoofing), and bogus text messages that look realistic and convincing. AI-generated fraud is targeting individuals and businesses alike, but the following proactive measures can mitigate its risks:

•    Use complex, unique passwords
•    Enable multi-factor authentication on all accounts
•    Keep passwords and login information private
•    Never access sensitive accounts on a public Wi-Fi network
•    Regularly update operating system and security software
•    Clear cache and browsing history
•    Stay away from untrustworthy or suspicious websites

Lastly, individuals and business owners (and their employees) need to recognize unexpected communications that may be AI-generated fraud. The sender of a suspicious email or text message must be verified before taking action. Plus, any links included in these messages should be treated with extreme caution; it's advisable to avoid clicking on them entirely to prevent potential security breaches or malicious attacks.


QUANTUM AI INVESTMENT SCAMS

Quantum computing processes information and data in ways that surpass the capabilities of traditional computers. When quantum computing is combined with AI, it leads to faster, more accurate data analysis and problem-solving abilities. Cybercriminals are using this tech to deploy quantum AI investment scams.

This type of scam involves promising a big return on a fake investment opportunity for stocks, cryptocurrency, property, etc. Fraudsters use quantum computing and AI to create fake news articles/press releases, bogus testimonials from non-existent individuals, and deepfake videos featuring athletes or celebrities who appear to "endorse" the phony investment. The scammers promote their investment scams on fake websites and social media. Unsuspecting investors are lured in with the promise of unrealistic profits, only to find themselves losing money.

There are measures you can take to avoid becoming a victim of a quantum investment scam. For starters, if you see an investment opportunity online that sounds too good to be true, it probably is, so avoid it. Next, be wary of news articles, videos, and social media posts that contain links to unknown websites. Cyberthieves create realistic-looking websites with slightly different domain names to trick users into visiting them and, once there, to provide personal and/or financial information.

Finally, be cautious when you see email signup lists that advertise investment opportunities promising unrealistic returns. Cybercriminals promoting quantum AI investment schemes may inundate you with deceptive emails.


SPEAR PHISHING

Traditional phishing scams are designed to steal money from as many unsuspecting victims (individuals and businesses) as possible via a bulk of spammy emails, text messages, or phone calls. The victims are tricked into sharing bank account information or credit card numbers or making a wire transfer to a fake vendor.

Spear phishing is a variation of traditional phishing that targets individuals and businesses using a more personalized approach. The fraudsters spend time researching their targets to craft email messages that appear credible (e.g., from a family member, business associate, vendor, or frequently visited website). They gather information from business websites, online forums, and social media to build a profile of their spear phishing targets.

This tailored approach to a social engineering attack increases the likelihood of success for the fraudster. It makes it more difficult for the recipient to recognize it as a spear phishing scam, ultimately posing a greater threat to individuals and businesses. However, there are ways to spot spear phishing scams. These include emails from unusual sending addresses, text messages from unknown senders, emails with poor grammar/spelling errors, and spammy phone calls. These are all red flags, especially if you are told to act quickly and provide personal and financial information.


DEEP-FAKE VOICE SCAMS

Cybercriminals are using AI to create voice recordings of celebrities, athletes, political figures, company employees, and even individuals' friends and family members. The fraudsters make robocalls to people at home or work and play the AI-generated voice recordings to ask for personal information or money or solicit donations to a bogus charity or community initiative.

Some of the other deep-fake voice scams used by fraudsters include asking for money to receive a "free" trial of a non-existent product or service, paying shipping fees for a "free" prize that doesn't exist, and paying for a bogus service warranty/extended warranty for a product you purchased. In all of these cases, the fraudsters take the money from their victims and run.

Because the AI-generated recordings sound realistic, it can be hard for people to realize they are being scammed. Individuals and business owners can follow these tips to avoid falling for a deep-fake voice scam:

•    Don't answer calls from unknown telephone numbers
•    Never give out personal or business information over the phone
•    Hang up if you hear unnatural speech patterns or long pauses
•    Ask the caller to verify their identity, company name, etc., and check it online
•    Report the suspected scammer's phone number to the Federal Trade Commission (FTC)
•    Add your phone number to the National Do Not Call Registry at https://www.donotcall.gov


FORMJACKING

Whether filling out a personal information form on a website or purchasing at an online store, sensitive information is transferred digitally. And if hackers have compromised a website form, they may be able to steal the information. This type of fraud is known as formjacking.

With formjacking, cybercriminals inject malicious code into a website's online forms, often without the company's information technology (IT) team knowing. The malicious code works behind the scenes, collecting the information that website users provide on forms (name, address, credit card numbers, etc.), and the fraudsters access this information illegally. This type of identity theft can result in financial losses from unauthorized transactions and negative impacts on credit scores.

There isn't a universal solution to avoid falling victim to formjacking as a website user, but there are some proactive steps to take. Start by confirming the legitimacy of any website or app you use. Next, steer clear of websites that lack HTTPS data encryption, as any information provided will be at risk.

Finally, business owners must create a secure online environment to minimize the risk of formjacking. Some strategies include using website firewalls to detect and block suspicious activities, implementing input validation on online forms, and using the latest online security software.

Ameris Bank cares about your digital and financial security. Learn more about how you can protect yourself or your business from cyberattacks. 



Sources: 
  1. https://www.cyfox.com/blog-posts/the-future-of-cybersecurity-trends-and-predictions 
  2. https://ironscales.com/glossary/generative-ai-fraud
  3. https://unit42.paloaltonetworks.com/dynamics-of-deepfake-scams/ 
  4. https://www.cnn.com/2024/02/04/asia/deepfake-cfo-scam-hong-kong-intl-hnk/index.html 
  5. https://us.norton.com/blog/emerging-threats/what-is-formjacking


The opinions voiced in this material are for general information only and are not intended to provide specific advice or recommendations for any individual. Ameris Bank does not endorse nor is affiliated with the companies listed in this article.