Artificial intelligence (“AI”) continues to transform society in ways beyond imagination.   It is rapidly becoming clear that AI pervades every aspect of society, and criminal activity has been no exception.  AI is now reshaping the methods and scale of fraudulent activity.

In 2024, Americans lost more than $158 billion dollars to Fraud and Scams according to the Federal Trade Commission.  Much of this is powered by AI-enabled scams, which are becoming more sophisticated, widespread, and destructive.

From deepfake audio impersonations to coordinated phishing campaigns that use email, text, and voice calls, scammers are leveraging AI to conduct complex, highly convincing attacks. These evolving threats pose significant risks to individuals, businesses, and public institutions alike.  At Lasher, we are monitoring these developments and advising clients on both proactive and responsive measures to remain vigilant and mitigate exposure. Below is an overview of the current threats and key strategies to help protect yourself and your assets.

Fraud Targeting Government Benefits, Tax-Related Identity Theft; Institutional Impersonation and Website Spoofing

Several states have recently issued public alerts regarding fraudulent communications that claim to be related to various tax relief programs or inflation-related refund checks.

According to the FBI’s Internet Crime Complaint Center, tax-related identity theft complaints increased significantly over the past year.  During the 2024 peak tax season, tens of thousands of identity theft incidents were reported where fraudsters frequently used stolen identities to file false tax returns and divert legitimate refunds.  Scammers have begun impersonating federal and state governmental agencies themselves to gain such information.  The FBI’s Internet Crime Complaint Center website (https://www.ic3.gov/) currently warns of attempts to spoof its own website in an attempt to harvest financial information from unsuspecting victims. Phishing emails falsely claiming to be from the IRS redirect victims to the fabricated website in an attempt to gather information for “further verification” and “crime reporting” purposes, all part of an overall deceptive scheme.

AI-Driven Phishing, Deepfakes, and Voice Cloning

Fraudulent communications are no longer riddled with grammatical errors or obviously suspicious content. With the assistance of AI, scammers are crafting professional-grade phishing emails, mimicking voices with precision, and generating deepfake videos which are all designed to deceive their recipients and gain access to sensitive information.

These tactics are increasingly implemented in complex attacks that combine email, SMS, and even live phone calls and ask for additional verification information that is later used fraudulently.

Rising Threat of QR Code Phishing (“Quishing”)

A form of phishing that relies on malicious QR codes, called “quishing,” is becoming increasingly prevalent. These codes are strategically placed in public spaces or printed materials and target curious users who scan codes using unsecured personal devices.

Mitigating Risk: What You Can Do

To protect yourself from these evolving threats, we recommend taking the following precautions:

1. Be Skeptical of Unsolicited Communications. Government agencies, including the IRS and state tax departments, do not initiate contact via email, text, or social media to discuss refunds or payments. Treat any such messages as potentially fraudulent and proceed with caution.
2. Independently Verify Correspondence. If you receive a suspicious message, do not engage with it directly. Instead, visit the agency’s official website or call an independently verified number to confirm the legitimacy of the request.
3. Enroll in the IRS Identity Protection PIN (IP PIN) Program. Taxpayers can register for an Identity Protection PIN, a six-digit code issued annually by the IRS to prevent unauthorized filing of tax returns using their Social Security number. This is an effective measure against tax-related identity theft.
4. Strengthen Your Digital Security. Use complex, unique passwords for each account and make certain you always enable multi-factor authentication wherever possible.
5. Exercise Caution. Maintain awareness of potential fraudulent activity and bad actors, use caution when scanning QR codes, particularly from unknown sources or public postings.  If you encounter suspected fraud, report it immediately.  You should report tax-related scams directly to the IRS and all other forms of fraud to the FBI’s Internet Crime Complaint Center official website.  Timely reporting can aid ongoing investigations and prevent others from falling victim.

Conclusion

AI has introduced powerful tools for innovation, but, unfortunately, those same tools are now being used by bad actors to perpetrate increasingly advanced scams and fraudulent activity. At Lasher, we advise individuals and organizations to stay informed, maintain secure digital practices and seek legal counsel when in doubt. If you have issues about this or other related topics, please reach out to anyone in Lasher’s Corporate and Business team.