- Flashpoint finds that AI is now widely used to circumvent deepfake-based KYC, with posts selling toolkits of synthetic videos, voice cloning and fake documents.
- Criminals are less focused on creating new AI tools and more on perfecting jailbreaks, rapid workflows, and moving to softer models like VeniceAI, with phishing scripts and impersonation prompts traded like commodities.
- Researchers emphasize that visibility into these evolving methods is critical for defenders because it allows for earlier detection and more targeted responses to active fraud techniques.
It’s not news that cybercriminals are using artificial intelligence (AI) in their campaigns, but the way they use these tools is changing almost by the minute, according to a new study.
A report from security researchers Flashpoint explained how scammers are using AI primarily to impersonate people with deepfakes, and thus bypass Know Your Customer (KYC) protocols and enable fraud.
The report is based on more than 2.3 million discussions across the web about how to use artificial intelligence for illicit activities, with Flashpoint seeing more than 63,000 posts discussing KYC bypass methods using AI and, in many cases, threat actors were selling entire toolkits.
A mature industry
Flashpoint explained how these solutions bring together the generation of synthetic videos designed to mimic live verification behavior, voice cloning, scripted interaction prompts and fake documentation, allowing peers to assume a false identity from start to finish.
Some sellers even offered advice on tailoring their products to specific platforms or verification requirements, updating listings in real time based on buyer feedback.
Flashpoint also said the hacker collective had “matured” as it was no longer interested in creating new AI tools. Instead, it aims to squeeze maximum utility from existing models, through discussions of jailbreak methods, rapid sharing workflows, and migration to alternative models that operate with fewer guarantees compared to industry standards like ChatGPT or Gemini.
VeniceAI is seeing a notable increase in mentions, according to the report, primarily driven by new Reddit and Discord communities dedicated to the platform. The prompts themselves have become a convenience, with scammers sharing phishing scripts, step-by-step impersonation workflows, and much more.
“For security teams, the priority is to maintain visibility into how these methods are evolving and where they are being applied,” Flashpoint said.
“This visibility allows for earlier detection, a more targeted response, and a clearer understanding of the techniques actively in circulation. »
“Monitoring these sources provides that context. It connects observed activity to the methods behind it and helps teams track how those methods evolve over time.”
The best antivirus for every budget
Follow TechRadar on Google News And add us as your favorite source to get our news, reviews and expert opinions in your feeds.
