Investing

Criminals go after South African retirement savings using AI

South African retirement savings are increasingly at risk of cybercrime, with the widespread adoption of artificial intelligence (AI) making it harder to detect phishing emails and other forms of fraud. 

This is feedback from actuary and damages expert Gregory Whittaker, who explained the rise of AI-enabled fraudulent schemes in a recent research paper. 

Whittaker focused particularly on FraudGPT, which was launched in July 2023 and has become the tool of choice for criminals looking to steal money. 

In particular, retirees are vulnerable as criminals focus on their efforts on them as they rapidly gain access to capital following retirement. 

In a prize-winning essay recently published by the US-based Society of Actuaries Research Institute, Whittaker describes FraudGPT as “the beginning of a new era of cybercriminal at scale”.

FraudGPT enables anyone intending to commit a cybercrime to create sophisticated phishing emails, build hacking tools and uncover weaknesses in IT systems. 

“It is likely that we will soon see the end of badly punctuated, misspelt, misdirected and factually inaccurate phishing emails”, Whittaker said. 

This will make it much harder to distinguish between honest communication from financial services providers and fraudulent approaches from criminals.

The FBI’s Internet Crime Report 2023, released in March this year, shows that most cybercrime victims were older than 60, having suffered losses in excess of $3.4 billion (R58.5 billion) in 2023. 

While similar research does not exist for South Africa, it is safe to assume that retirees in this country are just as vulnerable.

The increasing complexity of financial products, more retirees using computers and smartphones, and scammers aided by AI create significant risks for retirees.

“If they have a greater propensity to turn to social media to fill the void created by no longer interacting with colleagues in the workplace, there is the potential that more personalised information will become available to scammers to harvest.”

What to look out for 

Whittaker explained that mistrust is the best defence and encouraged all consumers to never share sensitive information over the phone, via email or via social media. 

He suggested calling the company you believe you are dealing with, checking in with your financial adviser, or calling the Financial Sector Conduct Authority to check whether the company or individual is registered.

There are many scams targeting consumers, but all retirees should be made aware of the most common forms of cybercrime listed below. 

  • Phishing and its more advanced version, spearfishing

Most consumers who bank online have encountered warnings about phishing attempts, whereby criminals try to solicit information such as passwords via emails or text messages that appear to come from a reputable company. 

While phishing attempts are sent out widely and randomly, with the senders hoping that someone will fall for the scam, spearfishing is more targeted.

Whittaker explained that with the help of AI tools such as FraudGPT, criminals can review large volumes of data to identify potential victims and tailor messages that capture the retiree’s unique circumstances. 

This makes the approach even more believable for the targeted retiree, increasing the chances that confidential personal information will be shared with the criminal. 

  • Deepfakes

Whittaker said a common deepfake scam uses images of celebrities or trusted public figures claiming on social media, Telegram, or WhatsApp to have made large profits from online trading. 

Retirees hoping to increase their retirement savings are tricked into signing up and parting with their money. 

However, when an attempt is made to withdraw “invested” funds, the accounts are locked, and the bogus investment company is gone.

  • Grandparent scam (voice cloning)

With AI tools, criminals clone a younger relative’s voice and then call the retiree, reporting an emergency like a car accident or an arrest and asking for money. 

He explained that in most cases, the caller requests that the call be kept secret and pressures the grandparent for immediate access to the money.

Any suspicious behaviour should prompt the grandparent to end the call and either call another family member for guidance or return the call on a number known to be genuine. 

Families may also establish safe words for all family members to help establish that the caller is authentic.

Newsletter

Top JSE indices

1D
1M
6M
1Y
5Y
MAX
 
 
 
 
 
 
 
 
 
 
 
 

Comments