Natwest study reveals top financial scams of 2023; finds seven in 10 targeted by scams in last 12 months – IEEE comments

NatWest has today (17 October) released new research of 2,000 Brits*, in conjunction with its own data, revealing that more than seven in 10 adults have been targeted by financial scammers in the last 12 months, most commonly through phishing scams (37%), where fraudsters use fake emails, calls, messages or websites that seem legitimate to try to elicit personal or financial information.

The study found that 61 percent of Brits agreed that digital scams are now more prevalent than real life scams, such as people coming to the door asking for money. 8 in 10 of those polled are concerned that impersonation fraud may become harder to detect in the next five years because of the rise in AI. Indeed, nearly a fifth (18%) of people said they had replied to a message from an impersonator in the past, initially believing it was from a friend or family member.

 

Kevin Curran, IEEE senior member and professor of cybersecurity at Ulster university, offers the following comment on the issue of phishing attacks, the use of AI and the best practice to avoid being caught out by attackers:

“Phishing attacks remain a big problem. Many are designed to be effective in these environments by targeting large numbers of people with finance or bill related claims. These attacks use tailored techniques, dynamic websites, and regularly update the methods used. The result is a series of attacks that have an alarmingly high success rate, yet a relatively low detection rate. It’s important to be cautious – unsolicited communications that ask for data or refer to pages asking for personal data should be carefully checked.

“Increasing the risk of phishing scams is the use of AI. ChatGPT could be used to write phishing emails without typos, given its real-time intelligent responses in many scenarios. This is a crucial point because, as the study shows, phishing scams are still the number one attack vector in the last 12 months. Typos in traditional phishing emails is one of the key indicators of spam but ChatGPT could suddenly clean up this aspect for the scammers. Generative AI can also be used to create keyloggers and there are even examples already of ChatGPT being asked to write malware. It could also be used in various scam situations where people are fooled into thinking they are communicating with a real-world authentic person.

“It is best practice to avoid clicking on links or downloading attachments from suspicious emails altogether. For those who are concerned that they have been caught out by the attackers, they should review online accounts regularly – this helps to flag signs of fraud or rogue charges. Banks are good at spotting fraud, however it’s also up to the individual to spot fraud on their account.”

*https://www.natwestgroup.com/news-and-insights/news-room/press-releases/financial-capability-and-learning/2023/oct/most-common-financial-scams-of-2023-revealed.html