{"id":23222,"date":"2025-11-11T08:00:28","date_gmt":"2025-11-11T01:00:28","guid":{"rendered":"https:\/\/fpt-is.com\/en\/?post_type=goc_nhin_so&#038;p=23222"},"modified":"2025-11-17T11:17:51","modified_gmt":"2025-11-17T04:17:51","slug":"ai-is-also-a-new-weapon-in-cyberspace","status":"publish","type":"goc_nhin_so","link":"https:\/\/fpt-is.com\/en\/insights\/ai-is-also-a-new-weapon-in-cyberspace\/","title":{"rendered":"AI is not just technology; it is also a &#8220;new weapon&#8221; in cyberspace."},"content":{"rendered":"<h2 id=\"heading-overview\" class=\"permalink-heading\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Overview<\/strong><\/span><\/h2>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">AI in cybercrime is rapidly evolving, driving AI phishing attacks, AI scam calls, AI cloning scams, and even Deepfake attacks. Over the years, the enormous losses caused by AI crime have been extremely concerning. With Deepfakes becoming more sophisticated, users and businesses are losing the ability to distinguish between real and fake in calls, online meetings, and videos.<\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">According to\u00a0<strong>Cybersecurity Ventures<\/strong>,\u00a0<strong>global cybercrime will cause an estimated $10.5 trillion in damages annually by 2025<\/strong>, with a significant portion being &#8220;attacked&#8221; by AI. A report by\u00a0<strong>Europol (2024)<\/strong>\u00a0also states:\u00a0<em>&#8220;AI is blurring the lines between amateur and professional attackers,&#8221;<\/em>\u00a0threatening national cybersecurity systems.<\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">According to\u00a0<strong>Group-IB<\/strong>, a leading global cybersecurity company, five prominent trends in which AI is being applied in cybercrime have been identified:<\/span><\/p>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Sophisticated AI phishing.<\/strong><\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>AI-assisted scam calls.<\/strong><\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Voice cloning scams.<\/strong><\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Integration of AI into cyber attack tools.<\/strong><\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Dark LLMs<\/strong>\u00a0\u2013 large language models that have been stripped of control mechanisms for illegal purposes.<\/span><\/li>\n<\/ul>\n<h2 id=\"heading-the-main-impact-of-ai-in-crime\" class=\"permalink-heading\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>The Main Impact of AI in Crime<\/strong><\/span><\/h2>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Increase in successful scam rates<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">More effective impersonation of real people<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Shortened attack cycles<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Spread of AI crime to new emerging hacker groups<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Investigations becoming more difficult<\/span><\/li>\n<\/ul>\n<h2 id=\"heading-details-of-the-trends\" class=\"permalink-heading\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Details of the Trends<\/strong><\/span><\/h2>\n<ol>\n<li>\n<h3><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Voice cloning scams<\/strong><\/span><\/h3>\n<\/li>\n<\/ol>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Among all AI attack trends, Deepfake emerges as a powerful and potentially dangerous tool. Hacker groups are continuously ramping up cyberattacks using Deepfake to highlight its current priority level. In the second quarter of 2025 alone, damages caused by Deepfake are estimated to reach $350 million.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">In Deepfake attacks, hackers mainly use the following common methods:<\/span>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Executive Impersonation:<\/strong>\u00a0Deepfake videos directly impersonate CEOs, CFOs, or trusted clients in real-time calls to pressure victims into making transfers or disclosing data. This is often combined with Business Email Compromise (BEC) scams.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Romance and Investment Scams:<\/strong>\u00a0AI-generated fake groups build trust and manipulate victims over time.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>KYC Bypass:<\/strong>\u00a0Deepfake videos and images deceive identity verification processes during account creation or financial service registration.<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\" data-rmiz=\"\"><a href=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/1-1762141114.jpeg\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-23223\" src=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/1-1762141114.jpeg\" alt=\"1 1762141114\" width=\"940\" height=\"680\" srcset=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/1-1762141114.jpeg 940w, https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/1-1762141114-700x506.jpeg 700w\" sizes=\"(max-width: 940px) 100vw, 940px\" \/><\/a><br \/>\n<\/span><\/p>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Deepfake and Lip-Sync<\/strong>\u00a0services have been around for a few years, from fake Elon Musk cryptocurrencies to politicians explaining fake tax laws. As of now, fake Deepfake videos are widely sold on social platforms for just $5 to $50. This is why AI Deepfake campaigns are becoming increasingly dangerous and widespread.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\" data-rmiz=\"\"><a href=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/2-1762141115.jpg\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-23224\" src=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/2-1762141115.jpg\" alt=\"2 1762141115\" width=\"999\" height=\"867\" srcset=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/2-1762141115.jpg 999w, https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/2-1762141115-700x608.jpg 700w\" sizes=\"(max-width: 999px) 100vw, 999px\" \/><\/a><br \/>\n<\/span><\/p>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Initially, attackers exploited AI to create videos that impersonated legitimate individuals with the most natural gestures and actions during meetings. As a result, users were misled and believed they were making authentic calls with superiors and transferred large sums of money. Over the past two years, many high-profile cases involving millions in fraudulent transfers have emerged, such as the case of Arup&#8217;s CFO losing $25 million in a\u00a0<strong>Zoom Deepfake<\/strong>\u00a0meeting.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">In the latest recorded reports, hackers are very fond of the form:\u00a0<strong>\u201cImpersonation-as-a-Service\u201d &#8211; IaaS, which specializes in providing impersonation services for other criminals to use<\/strong>, often to carry out scams, financial fraud, unauthorized system access, or identity theft.<\/span>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Impersonating IT engineers.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Impersonating banks.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Impersonating CEOs (CEO fraud).<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Deepfake voice\/video.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Impersonating customers.<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\" data-rmiz=\"\"><a href=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/3-1762141115.jpg\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-23225\" src=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/3-1762141115.jpg\" alt=\"3 1762141115\" width=\"995\" height=\"780\" srcset=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/3-1762141115.jpg 995w, https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/3-1762141115-700x549.jpg 700w\" sizes=\"(max-width: 995px) 100vw, 995px\" \/><\/a><br \/>\n<\/span><\/p>\n<ol start=\"2\">\n<li>\n<h3><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>AI-Assisted Scam Calls<\/strong><\/span><\/h3>\n<\/li>\n<\/ol>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Recently, this trend has been increasing significantly. Criminals have taken advantage of AI&#8217;s ability to learn a person&#8217;s voice from a short recording (just a few seconds) and then use that voice to:<\/span>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Make calls pretending to be a relative asking for money transfers.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Impersonate a boss to instruct financial staff to make a transfer (Business Email Compromise in voice form).<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Imitate the voice of an IT engineer or bank employee to obtain OTPs or login information.<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\" data-rmiz=\"\"><a href=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/4-1762141116.jpg\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-23226\" src=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/4-1762141116.jpg\" alt=\"4 1762141116\" width=\"1004\" height=\"392\" srcset=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/4-1762141116.jpg 1004w, https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/4-1762141116-700x273.jpg 700w\" sizes=\"(max-width: 1004px) 100vw, 1004px\" \/><\/a><br \/>\n<\/span><\/p>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Additionally, criminals use\u00a0<strong>AI voicebots<\/strong>\u00a0to create\u00a0<strong>smart automated calls<\/strong>\u00a0impersonating:<\/span>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Police.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Banks.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Tax agencies.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Shipping companies (e.g., impersonating FedEx, DHL&#8230;).<\/span><\/li>\n<\/ul>\n<\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">They then ask victims to provide OTPs, card information, ID numbers, bank account details, and can even\u00a0<strong>listen and respond naturally like a human.<\/strong><\/span><\/li>\n<\/ul>\n<ol start=\"3\">\n<li>\n<h3><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Dark LLMs<\/strong><\/span><\/h3>\n<\/li>\n<\/ol>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Dark LLMs<\/strong>\u00a0are rising strongly in the underground world of cybercrime.\u00a0<strong>Dark LLMs<\/strong>\u00a0(Dark Large Language Models) are known as\u00a0<strong>large language models (LLMs)<\/strong>\u00a0customized by cybercriminals,\u00a0<strong>removing all ethical barriers and safety policies<\/strong>\u00a0to support\u00a0<strong>illegal activities, fraud, or cyberattacks.<\/strong><\/span><\/li>\n<\/ul>\n<p><a href=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/5-1762141117.jpg\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-23227\" src=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/5-1762141117.jpg\" alt=\"5 1762141117\" width=\"1003\" height=\"999\" srcset=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/5-1762141117.jpg 1003w, https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/5-1762141117-700x697.jpg 700w\" sizes=\"(max-width: 1003px) 100vw, 1003px\" \/><\/a><\/p>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Dark LLMs are rising strongly partly because they support attackers significantly in criminal activities:<\/span>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Scam\/Fraud Content Generation.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Social Engineering &amp; Phishing Kit.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Malware Support.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Reconnaissance &amp; Initial Access.<\/span><\/li>\n<\/ul>\n<\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">According to reports, there are currently at least 3 active Dark LLM providers with rental costs starting from\u00a0<strong>$30 to $200 per month<\/strong>, which is why there are more and more potential threats from this form of AI attack.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">A notable point of this trend is that criminals\u00a0<strong>do not use public APIs<\/strong>\u00a0(like OpenAI, Anthropic&#8230;) because they are easy to track and collect data. Instead, they\u00a0<strong>self-host LLMs<\/strong>\u00a0on private infrastructure or the dark web to:<\/span>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Remain anonymous.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Optimize according to their own needs.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Be difficult to shut down.<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<ol start=\"4\">\n<li>\n<h3><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Sophisticated AI Phishing.<\/strong><\/span><\/h3>\n<\/li>\n<\/ol>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">This is a trend where attackers use\u00a0<strong>AI-powered phishing and spam email tools<\/strong>, with the ability to be\u00a0<strong>smarter, more automated, and scale up significantly<\/strong>\u00a0in\u00a0<strong>social engineering<\/strong>\u00a0attack campaigns.<\/span><\/li>\n<\/ul>\n<p><a href=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/6-1762141119.jpg\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-23228\" src=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/6-1762141119.jpg\" alt=\"6 1762141119\" width=\"857\" height=\"637\" srcset=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/6-1762141119.jpg 857w, https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/6-1762141119-700x520.jpg 700w\" sizes=\"(max-width: 857px) 100vw, 857px\" \/><\/a><\/p>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Unlike traditional spam emails,\u00a0<strong>AI-powered mailers<\/strong>\u00a0are bulk email systems integrated with\u00a0<strong>large language models (LLMs)<\/strong>\u00a0or\u00a0<strong>AI NLP<\/strong>, aimed at:<\/span>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Automatically generating phishing email content<\/strong>\u00a0tailored to each target.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Customizing and personalizing content<\/strong>\u00a0(name, company, position, etc.).<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Optimizing subject lines, tone, and sending times to increase\u00a0<strong>open rates<\/strong>\u00a0and\u00a0<strong>click-through rates<\/strong>.<\/span><\/li>\n<\/ul>\n<\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Furthermore, on the dark web, new spam platforms are emerging with the\u00a0<strong>&#8220;Mailer-as-a-Service&#8221;<\/strong>\u00a0model, where:<\/span>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Users\u00a0<strong>pay to rent bots or AI for spam<\/strong>\u00a0as needed.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Service packages include:<\/span>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Sending 10,000 emails per month.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Personalizing content with AI.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Spam performance reports.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Options to send from lists of stolen email addresses.<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<ol start=\"5\">\n<li>\n<h3><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Integrating AI into Cyber Attack Tools<\/strong><\/span><\/h3>\n<\/li>\n<\/ol>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">This is a\u00a0<strong>particularly important<\/strong>\u00a0trend in modern cybercrime, where\u00a0<strong>AI is integrated into cyber attack tools<\/strong>,\u00a0<strong>but does not yet operate completely independently<\/strong>.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Previously, cybercriminals used chatbots like ChatGPT or WormGPT to generate malicious code\u00a0<em>once<\/em>, such as a PowerShell obfuscation script or phishing email. But now AI will be\u00a0<strong>directly integrated<\/strong>\u00a0into malware builders, phishing toolkits, reconnaissance frameworks, and even exploit\u00a0<strong>public APIs from legitimate AI chatbots<\/strong>\u00a0(like OpenAI, Google, etc.) or use their own\u00a0<strong>Dark LLMs<\/strong>.<\/span><\/li>\n<\/ul>\n<p><a href=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/7-1762141120.jpg\"><img decoding=\"async\" class=\"aligncenter size-full wp-image-23229\" src=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/7-1762141120.jpg\" alt=\"7 1762141120\" width=\"998\" height=\"723\" srcset=\"https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/7-1762141120.jpg 998w, https:\/\/cdn.fpt-is.com\/en\/sites\/3\/2025\/11\/7-1762141120-700x507.jpg 700w\" sizes=\"(max-width: 998px) 100vw, 998px\" \/><\/a><\/p>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">A campaign will go through 6 main stages:<\/span>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Reconnaissance:<\/strong>\u00a0Analyze the target system, list resources, and assess vulnerabilities.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Vulnerability Scanning:<\/strong>\u00a0Automatically generate queries for Shodan\/Censys or write attack PoC from CVE.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Exploitation &amp; Evasion:<\/strong>\u00a0Generate exploit code suitable for the operating system, use AI to obfuscate payloads to avoid EDR detection.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Persistence &amp; Privilege Escalation:<\/strong>\u00a0Suggest ways to maintain access and escalate privileges based on the system environment.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Tactical Code Generation:<\/strong>\u00a0Generate shellcode, backdoors, and droppers with AI according to specifications.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Phishing\/Social Engineering:<\/strong>\u00a0Write email content, chatbot scams, and voice phishing with AI-generated voices.<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h2 id=\"heading-recommendations\" class=\"permalink-heading\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Recommendations<\/strong><\/span><\/h2>\n<ol>\n<li>\n<h3><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Smart Multi-Layer Defense<\/strong><\/span><\/h3>\n<\/li>\n<\/ol>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Implement\u00a0<strong>multi-layer defense<\/strong>\u00a0combining elements like behavior analysis, biometric authentication, session analysis, and anomaly detection.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Use explainable AI applications to monitor user and device behavior and identify complex AI-driven fraud.<\/span><\/li>\n<\/ul>\n<ol start=\"2\">\n<li>\n<h3><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Monitoring the Underground Ecosystem<\/strong><\/span><\/h3>\n<\/li>\n<\/ol>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Invest in a\u00a0<strong>comprehensive Threat Intelligence platform<\/strong>\u00a0to:<\/span>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Monitor forums, dark markets, and underground services.<\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Provide early warnings about new AI tools, attack tactics, and Crime-as-a-Service offerings.<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<ol start=\"3\">\n<li>\n<h3><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Advanced Awareness Training<\/strong><\/span><\/h3>\n<\/li>\n<\/ol>\n<ul>\n<li>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Contextual Warnings<\/strong>: Analyze content and situations (e.g., urgent requests, emphasis on authority).<\/span>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Clear Reporting and Verification Flow<\/strong>: Guide employees on how to respond to and escalate suspicious requests.<strong>Khuy\u1ebfn kh\u00edch t\u01b0 duy ho\u00e0i nghi<\/strong>: Nh\u1eadn di\u1ec7n c\u00e1c h\u00e0nh vi t\u1ea1o c\u1ea3m gi\u00e1c g\u1ea5p g\u00e1p, \u00e1p l\u1ef1c hay v\u01b0\u1ee3t quy\u1ec1n.<\/span><\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<ol start=\"4\">\n<li>\n<h3><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>AI Defense Applications<\/strong><\/span><\/h3>\n<\/li>\n<\/ol>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Integrate AI into monitoring systems to:<\/span>\n<ul>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Detect anomalies on a large scale<\/strong><\/span><\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Automate classification, alerts, and initial response<\/strong><\/span><\/li>\n<\/ul>\n<\/li>\n<li><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">Apply machine learning models to reduce the time from detection to response (MTTD\/MTTR).<\/span><\/li>\n<\/ul>\n<h2 id=\"heading-conclusion\" class=\"permalink-heading\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>Conclusion<\/strong><\/span><\/h2>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\">AI is increasingly transforming how cybercrime operates, from making phishing more sophisticated to creating deepfakes and automating attacks through\u00a0<strong>Dark LLMs.<\/strong>\u00a0Being aware of these threats and implementing comprehensive countermeasures (people, technology, collaboration) will help minimize damage and maintain digital security in the AI era.<\/span><\/p>\n<p id=\"heading-references\" class=\"permalink-heading\"><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><strong>References<\/strong><\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><a href=\"https:\/\/www.group-ib.com\/blog\/ai-cybercrime-usecases\/\" target=\"_blank\" rel=\"noopener nofollow\">From Deepfakes to Dark LLMs: 5 use-cases of how AI is Powering Cybercrime | Group-IB Blog<\/a><\/span><\/p>\n<p><span style=\"font-size: 12pt;font-family: arial, helvetica, sans-serif\"><a href=\"https:\/\/www.akamai.com\/blog\/security\/ai-cybersecurity-how-impacting-fight-against-cybercrime?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener nofollow\">AI in Cybersecurity: How AI Is Impacting the Fight Against Cybercrime<\/a><\/span><\/p>\n<table style=\"border-collapse: collapse;width: 100%\">\n<tbody>\n<tr>\n<td style=\"width: 100%\"><span style=\"font-family: arial, helvetica, sans-serif\"><strong class=\"custom-cursor-default-hover default_cursor_land\">Exclusive article by FPT IS Technology Experts<\/strong><\/span><\/p>\n<p><span style=\"font-family: arial, helvetica, sans-serif\"><em>Luu Tuan Anh \u2013 FPT IS Cyber Security Center<\/em><\/span><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"author":21,"featured_media":23329,"parent":0,"template":"","nang_luc":[790,821],"danh_muc_goc_nhin_so":[789,882],"dich_vu":[537,712],"linh_vuc":[],"platform":[],"san_pham":[],"the_goc_nhin_so":[],"class_list":["post-23222","goc_nhin_so","type-goc_nhin_so","status-publish","has-post-thumbnail","hentry","nang_luc-experts-sharing","nang_luc-security","danh_muc_goc_nhin_so-expert-sharing","danh_muc_goc_nhin_so-data-ai-insights","dich_vu-insights-data-ai","dich_vu-security"],"acf":[],"_links":{"self":[{"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/goc_nhin_so\/23222","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/goc_nhin_so"}],"about":[{"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/types\/goc_nhin_so"}],"author":[{"embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/users\/21"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/media\/23329"}],"wp:attachment":[{"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/media?parent=23222"}],"wp:term":[{"taxonomy":"nang_luc","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/nang_luc?post=23222"},{"taxonomy":"danh_muc_goc_nhin_so","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/danh_muc_goc_nhin_so?post=23222"},{"taxonomy":"dich_vu","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/dich_vu?post=23222"},{"taxonomy":"linh_vuc","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/linh_vuc?post=23222"},{"taxonomy":"platform","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/platform?post=23222"},{"taxonomy":"san_pham","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/san_pham?post=23222"},{"taxonomy":"the_goc_nhin_so","embeddable":true,"href":"https:\/\/fpt-is.com\/en\/wp-json\/wp\/v2\/the_goc_nhin_so?post=23222"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}