From FraudGPT to deepfakes: AI is now running cybercrime at scale — and only AI can stop it

AI is transforming cybercrime by automating attacks at unprecedented scale. Tools like Mythos and Open Claw allow hackers to bypass traditional security controls, exploiting vulnerabilities through methods such as prompt injection, model manipulation, and data poisoning. MITRE Atlas identified these AI-first threats as creating entirely new attack vectors, making detection and defense more challenging. Sanjay Katkar, joint managing director at Quick Heal, warned that AI-driven phishing, impersonation campaigns, and intelligent botnets will dominate future cyberattacks, operating autonomously and adapting in real time. The rise of AI has also industrialized deception, with cybercriminals using hyper-personalized scams to mimic trusted platforms like ChatGPT or Gemini. Varun Grover, business unit head at mFilterIt, noted that AI analyzes user behavior to craft convincing fraud schemes, including fake influencer promotions and hidden auto-renewal traps. Warning signs include unrealistic discounts, suspicious payment flows, and AI-generated chat support. India’s government has responded by convening a high-level meeting with banks and regulators, including the Reserve Bank of India and National Payments Corporation of India. Finance Minister Nirmala Sitharaman and IT Minister Ashwini Vaishnaw discussed strategies to combat AI-driven fraud, emphasizing the need for adaptive security measures. While AI poses new threats, it is also a critical defense tool. Organizations are leveraging AI to detect anomalies, combat phishing, and mitigate DDoS attacks. However, experts stress that traditional security models are insufficient against AI-powered exploits, requiring innovative approaches to stay ahead of evolving threats.