The age of the obviously fraudulent email has ended. Where once scammers relied on poorly written messages and grainy photographs to deceive victims, criminals today employ sophisticated artificial intelligence tools to craft convincing forgeries that would fool even cautious observers. Generative AI systems—including chatbots, image generators, and voice-cloning technology—have become so accessible and affordable that they now power a rapidly expanding ecosystem of internet fraud that threatens consumers across Southeast Asia and beyond.
The scale of this transformation is staggering. United States law enforcement authorities reported that cybercriminals extracted nearly USD21 billion from American victims throughout the previous year, with approximately USD893 million in losses directly attributable to AI-enabled schemes. These figures represent a troubling milestone: artificial intelligence has moved from theoretical concern to concrete threat affecting millions of individuals in real time. For Malaysia and the wider region, where digital commerce and social media adoption continue to surge, the implications are particularly acute. The tools enabling this fraud are globally distributed and rapidly evolving, creating vulnerabilities that existing consumer protections and platform safeguards have struggled to contain.
The shift fundamentally changes how ordinary people should approach online security. Mark Beare, a security industry executive at Malwarebytes, articulates this critical distinction: rather than hunting for telltale signs of deception, consumers must now actively verify that what they encounter is genuine. The traditional red flags—broken English, amateurish design, suspicious sender details—have largely vanished. Modern scam operations feature professional-grade websites indistinguishable from authentic retail outlets, meticulously crafted social media advertisements, and convincing digital personas. This inversion means that passive vigilance no longer suffices; active verification has become essential to navigating the online landscape safely.
One particularly prevalent scam category involves counterfeit retail websites masquerading as legitimate brands. Criminals use AI tools to replicate the visual design, product listings, and checkout processes of well-known retailers, then purchase targeted advertisements on platforms like TikTok and Instagram to direct unsuspecting shoppers to these fraudulent operations. The economics of this scheme reveal why it has proliferated: scammers can afford expensive digital advertising precisely because they have no genuine products to ship. Unlike authentic brands that must balance marketing costs against actual merchandise expenses, fraudsters operate with pure profit motivation, making each click-through a potential direct financial gain. Shoe retailers like Hoka have specifically warned consumers about proliferating fake clearance websites bearing their name, while established platforms including REI and eBay face constant replication attempts.
The scale of fraudulent advertising has triggered regulatory action and mounting legal pressure against social media platforms. Meta, which operates Facebook and Instagram, faces complaints from consumer advocacy organisations and state governments alleging that the company has inadequately policed deceptive advertising despite claiming otherwise. The company reported removing 159 million scam advertisements in the previous year and suspending nearly 11 million accounts associated with fraud operations, yet critics contend these efforts remain insufficient given the volume and sophistication of modern schemes. TikTok similarly maintains that it prohibits deceptive content and claims that in the final quarter of 2025, it removed 97 percent of violating spam before users reported it—though this metric offers limited comfort to those already victimised before automated systems intervened.
Beyond fake retail operations, scammers have increasingly weaponised AI to impersonate individuals in victims' personal networks. This personalised fraud approach exploits the gap between what families and friends imagine is possible with technology and the sophisticated capabilities now readily available through commercial tools. Researchers at organisations studying artificial intelligence capabilities confirm that creating realistic real-time video impersonations has become remarkably simple and inexpensive, using tools that can replace a person's entire body and alter their voice with complete realism during video calls. A mother might receive a text message apparently from her son's phone number—itself spoofed through basic technical means—and subsequently participate in a video conversation with an artificial recreation of her child, manipulated by a fraudster requesting money for a manufactured emergency.
These impersonation scams operate along multiple vectors depending on a victim's circumstances and vulnerabilities. Isolated individuals might be manipulated through romantic impersonations recreating supposed past relationships. Job seekers facing employment difficulty could encounter entirely synthetic interviewers conducting fake hiring processes for nonexistent companies. Elderly relatives with limited technical familiarity become particularly exposed to these schemes, lacking the context to recognise that video authenticity no longer guarantees genuine identity. The effectiveness of this approach lies partly in its psychological cleverness: it combines technological sophistication with exploitation of human emotional bonds, making victims simultaneously less likely to question what they encounter and more motivated to respond quickly without verification.
Defending against identity impersonation requires low-technology solutions grounded in direct human communication. Security researchers recommend that family members, particularly older relatives less accustomed to digital deception, establish predetermined security protocols through personal conversation. These might include designating a secret code phrase that only genuine family members know, enabling rapid authentication when unexpected calls or messages arrive. This approach costs nothing and requires no specialised knowledge, yet it creates a verification mechanism that AI impersonation cannot easily overcome precisely because it relies on genuine shared history rather than digital authentication.
Deepfake impersonation has extended beyond individual targeting to broader celebrity exploitation schemes. High-profile figures from entertainment and business—including chef Gordon Ramsay, entrepreneur Richard Branson, and numerous others—have become targets for scammers creating fabricated videos that claim these personalities endorse products or investment opportunities. A widening circulation of deepfake Ramsay footage promoted fraudulent cookware giveaways, with victims transferring credit card information believing they paid shipping fees for legitimate free merchandise. Branson experienced such frequent deepfake exploitation that he eventually posted instructional content on Instagram explaining how followers could identify and avoid these impersonation schemes. These incidents underscore how accessible celebrity images and videos make realistic fabrication possible—the training data for generative AI systems includes countless photographs and footage of famous individuals, providing abundant material for generating convincing fake content.
Responding to celebrity-based scams requires returning to verification fundamentals that predate digital technology. Branson's specific advice—trust only information originating from official channels, such as verified corporate websites—remains sound even as deception methods have advanced. Blue verification checkmarks on social media platforms, once considered reasonable confidence indicators, have proven insufficient barriers to fraud. Scammers have obtained legitimately verified accounts or created convincing imitations with minor character variations that casual observers miss. Consequently, consumers encountering celebrity endorsements or investment pitches, regardless of apparent verification status, should independently verify such claims through official corporate channels before engaging financially.
Identifying fraudulent retail websites before entering payment information requires developing practical verification skills. A straightforward initial step involves searching the website's URL through Google and examining what discussions appear on forums like Reddit where victims frequently share experiences. This crowdsourced approach provides rapid feedback about whether others have encountered scams associated with a particular domain. More sophisticated verification employs artificial intelligence tools in an inversion of the fraud threat itself: Malwarebytes has partnered with ChatGPT and Claude creators to develop a scam-detection application where consumers can paste suspicious URLs and screenshots for analysis determining whether sites appear legitimate. This turning of AI capabilities toward protection represents one emerging counter-balance to fraud applications, though it requires consumer initiative and technological comfort many victims may lack.
Beyond specific fraud categories and detection methods, fundamental consumer scepticism remains the most reliable protection available to ordinary people. The age-old wisdom that exceptional offers—steeply discounted luxury goods, unrealistic investment returns, unexpected financial windfalls—typically indicate deception has not been rendered obsolete by technological advancement. AI has made scams more visually and verbally convincing, but it has not created genuine economic value or fundamentally altered the underlying fraudulent premise. When a website offers designer sneakers at eighty percent discounts, or when a stranger's video call requests emergency money transfers, the basic implausibility of the scenario persists regardless of production quality. Malaysian consumers navigating increasingly sophisticated digital environments should remain sceptical of unusual offers and requests, verify information through independent official sources, and maintain direct communication with family members about the expanding capabilities of impersonation technology.
