In the developing world such as Tanzania, Artificial intelligence (AI) is still a new concept and its invasive capabilities are not well known, save for a few people who follow its evolution. However, AI is increasingly becoming a tool for international criminals, who target bank accounts with the intent to drain your lifetime savings, among other malicious activities.
Yes, the savings you have painstakingly planned, sacrificed and saved for summer times access may be imperilled to your utter disappointment. The digital scammers know that too, that it is estimated globally more than two trillion dollars is saved to cater for old age by people who are not tech-savvy.
It is such vulnerability that poses the most serious danger to us. This article will try to shed light on what these international scammers are capable of doing, and how to protect ourselves from such cyberattacks before we get scammed. Here is my take.
How Scammers Can Empty Your Bank Accounts
AI is now arming scammers with powerful tools that are difficult to spot, and neutralize. Days, scammers can alert you through poorly crafted messages or bad grammar are disappearing at faster rates. Such communications of the past were easier to detect because were different from the ones your bankers normally apply.
All that effort of making fake communication impress us as legitimate is credited to what AI can do for digital thieves. While AI-powered crimes are still unheard of in Tanzania, just trust me, international criminals have been testing our security defences for years now, and are now more potent to pounce. They do not need to be physically here since the internet has dissolved physical boundaries, and can hit us without notice or without much ado!
ChatGPT and other AI tools can even enable scammers to create an imitation of your voice and identity. In recent years, criminals have used AI-based software to impersonate senior executives and demand wire transfers. In these recent cases, the frauds are often similar to old scams. But AI has enabled scammers to target much larger groups and use more personal information to convince you the scam is real.
Read Related: Lonely Hearts Beware: How Catfish Scams Deceive and Destroy
These sophisticated tactics are often harder to spot because they bypass traditional indicators of scams, such as malicious links and poor wording and grammar. Criminals today are faking driver’s licences and other identification in an attempt to open new bank accounts and adding computer-generated faces and graphics to pass identity verification processes. All of these methods are hard to stave off.
Top international banks have been stepping up to the plate introducing large-language models to stem out identity theft, and also educating and sensitising their valuable customers about it. In Tanzania, the Central Bank – BoT is still sleeping on the job jeopardising the financial security of Tanzanians.
With AI as their chief accomplice and enabler, international fraudsters are reaping billions of dollars from unsuspecting bank customers, and the trend will grow exponentially as AI gets even more powerful in assuming the identities of us all. Social engineering attacks have grown more sophisticated with AI.
Scammers parlay AI tools to unearth details about targets from social media and data breaches, cybersecurity experts forewarn. AI can aid them in adapting their nefarious schemes in real-time by generating personalized messages that convincingly mimic trusted individuals, persuading targets to send money or divulge sensitive information!
In an April survey of 600 fraud-management officials at banks and financial institutions by banking software company Biocatch, 70% said the criminals were more skilled at using AI for financial crime than banks are at using it for prevention. Kimberly Sutherland, vice president of fraud and identity strategy at LexisNexis Risk Solutions, said there has been a noticeable rise in fraud attempts that appear to be AI-related in 2024.
Passwords in the age of AI are still confiding false assurances that you can lock out fraudsters but now password thieves are developing AI tools to discern those gateway filters to our consternation. Criminals used to have to guess or steal passwords through phishing attacks or data breaches, often targeting high-value accounts one after another.
Now, scammers can quickly cross-reference and test reused passwords across platforms. They can use AI systems to write code that would automate various aspects of their ploys.
If scammers obtain your email and a commonly used password from a tech company data breach, AI tools can swiftly check if the same credentials unlock your bank, social media or shopping accounts!
What Can You Do to Stop Scammers From Their Evil Schemes?
Most people tend to use bank debit cards for transactions which in today’s high-tech vulnerabilities is a huge mistake. Transactions can be traced and through data breaches, your bank information can fall into the wrong hands, and expose your savings to the possibility of finding yourself losing all your money.
Rule number one, please operate different accounts for transactions and savings. Never use your savings account for payments. This is the first layer of shielding you from scammers.
Also, read: Just an Alert: Social Engineering Poses a New Threat to Your Security!
Rule number two, keep your savings in fixed deposits. Unlike in the past fixed deposit accounts used to involve the tedious process of physically visiting your bank branch, and speaking to a teller who will furnish you with forms to fill before that fixed account can be opened.
The good news, some local banks such as the CRDB have apps that allow their customers to open fixed accounts from a mere million up to a trillion shillings without visiting a bank branch! Such accounts in the past used to pay interest rates to the tune of 13% per annum but have been downgraded to 5% per annum.
That rate hardly covers inflation only but it is what we have today. It is also much better than leaving all your cash in the normal savings accounts which attract much lower or no interest payment, flimsy coverage and open-end cyber vulnerabilities. Whereof if that money in the fixed deposit is lost it is 100% protected by the bank because you have an agreement with your bankers to refund you in case of a loss through fraudsters.
Of equal significance, some banks like CRDB can allow you to have a plan when you want to collect your interest earnings. Most fixed deposits of this nature allow you to pick your interest payments either monthly, quarterly, semi-annually, annually, two years or even three years depending on your financial circumstances. Such payment flexibility is most welcome for those who are good at using banking services to their utmost advantage.
Rule number three, where applicable, use credit cards instead of banking accounts to carry out your transactions. This mode of payment is not widely available in Tanzania but for those who have the cards please use them as much as it is feasible. This is another filtered layer to protect your money.
Even if scammers successfully vacuum your financial and personal information from social media and elsewhere, they will quickly learn credit cards have some toughened safeguards to flush them out. And, the limits of withdrawals impose constraints over how much you can lose.
Credit card companies can easily refund you and cancel false transactions than banks can. The only concern when dealing with credit cards is the financial discipline to clear the borrowed money in time. Late clearance can attract hefty penalties.
Rule number four do not open doors to scammers. Sometimes unwittingly we invite bad people into our lives, sharing personal and financial information out of the eagerness to get to know the other person or just out of courtesy or just bad habits of bragging about our improved financial situation. That may alert scammers and put you into their in-tray for special and expedited investigations for possible penetration.
For reasons not clear you may find someone posting a check with a big sum on messaging social platforms! The glaring intent is to boast, period. What this naive person does not know is personal banking information displayed on that cheque may turn out to be a goldmine to excavate by the potential scammers. One day, he may find his account has been emptied, and in such circumstances, your bank may not be able to protect you.
Rule number five, avoid drawing cash from ATMs. Most people are oblivious that bank cards leave behind digital footprints that can be copied, pasted and swiped to generate fake bank cards that can be used to wipe out all your money as if it is you who has been making the withdrawals! It is true that ATMs are becoming biometric smarter and retooled with facial and fingerprint recognition. Regrettably, such capital investments in replacing the current family of outdated ATMs are not part of the menu imposed by our central bank on our local banks.
I understand that moving money from your account, let’s say, to your sim card in your phone attracts even more transaction fees, and that may discourage you from doing just that. It is a delicate balancing act weighing in over the cost-benefit choices one has to make. Again, it is a personal choice you need to personally sort out.
Rule number six, do not talk to strangers on the phone or open up mysterious emails or SMS bombarding your portal or smartphone. AI-powered bots are a growing menace. Some of these AI bots are trained to hijack the user rights of your phone or have been empowered to monitor and record your activities like passwords you use to open your online banking accounts or financial apps installed on your phone.
Talking on the phone is increasingly becoming a way for criminals to record your voice and use it as an audio password where biometric functionality exists. These efforts are aimed at emptying your bank accounts without your authorization.
Again while banks are also fighting to keep our money safe it is so important to remember that the last line of defence is us. In most of these scams once a victim is hit it is difficult to wriggle his way out to salvage what has been stolen, and ends up picking up most if not the whole tab alone. But how do banks bracing up to stop scammers?
Banks Are Also Sharpening Their Tools to Frustrate Scammers
Financial institutions are taking new steps—and tapping AI themselves—to shield our money and data. Such top-class banking services are yet to gain traction in Tanzania.
Top international banks monitor how you enter credentials, whether you tend to use your left or right hand when swiping on the app, and your device’s IP address to build a profile on you. If a login attempt doesn’t match your typical behaviour, it is flagged, and you may be prompted to provide more information before proceeding.
They can tell when you’re being coerced into filling out information, because of shifts in your typing cadence. If digits are copied and pasted, if the voice verification is too perfect, or if the text is too evenly spaced and grammatically correct, that is a red flag, said Jim Taylor, chief product officer at RSA Security, a firm with fraud-detection tech used by Wells Fargo, Citibank and others.
Since international scammers are a couple of steps ahead of the banking system, BoT will do us a huge service if it imposes these minimum thresholds on our local banks – as a matter of urgency, discussed in this chit. I wish them well.