Machine learning is changing cyber fraud — and helping fight it

In an increasingly connected digital economy, rapid advances in technology such as machine learning (ML) are being leveraged for both business objectives and malicious intent. As more cyber criminals harness the power of the latest ML tools to launch ever-more effective scams and thefts, businesses are also adopting the technology to sharpen their cyber defenses. In this environment, it’s critical not only to safeguard your business against ML-enabled cyber fraud, but also to understand the risks involved in deploying the technology in your fraud-detection arsenal.

As criminals continue utilizing cutting-edge technologies to enable fraudulent activities, tech-adept businesses are countering these advances by adopting ML and other AI tools to improve their cyber defenses. A recent study by Forbes found that more than half of U.S. businesses use cyber security and fraud management tools that employ some form of AI.¹ These tools help them identify indicators of compromise across multiple data access points, monitor activity and rapidly respond to cyber threats, dramatically reducing man hours required for initial triage of potential threats.

Despite the move toward adopting ML cyber security capabilities, this use of the technology is nascent, so it’s important to keep some best practices in mind as you consider integrating ML into your cyber security framework.

Validate your data models. ML relies on vast data models for its so-called intelligence. Without transparency into the models it builds from your data, they are at risk for inaccuracies, bias and even data poisoning by bad actors. Be sure to implement data-driven procedures to identify, investigate, discipline and remediate model variances and inaccuracies. Human system validation is required to verify and validate your models on a regular basis.

Implement strong governance. Because ML-enabled cyber security tools process large quantities of potentially sensitive data, it’s critical for businesses to implement strong governance frameworks to establish guidelines for data management that ensure legal compliance, privacy and security.

Understand your external data sources. Data management and data security are especially important if you use a security service or tools that use shared data models and external data sources. Be sure to contractually require transparency and visibility into the efficacy of the data model.

Enable robust model training. Use a combination of supervised and unsupervised model training to improve the accuracy and efficacy of your data models. Unsupervised training is more scalable and can help you discover patterns and gain insights from large volumes of raw data. Supervised training, on the other hand, is more time consuming but can help you classify the data and make accurate predictions based on data labeled and annotated by human experts.

Empower and educate employees. Be sure to continuously educate your employees on new threats, processes and response procedures. Empower all levels of staff to question messages and other information they receive to determine validity, since ML can make fraudulent communications and data harder to identify. Employee knowledge, in fact, is becoming more critical as the frontline for cyber security shifts from an organization’s four walls to its data. This evolution requires that each department — finance, HR, operations, etc. — gathers and analyzes its own information and integrates that data across the security fabric of the organization.

At the same time, cyber criminals are adopting new ML technologies to research and design targeted and sophisticated fraud schemes. They’re using ML to automate and expedite more convincing and personalized phishing attacks, including investment scams and business email compromise. They are also using generative AI tools (e.g., search engines, chat clients and learning systems), voice-cloning software and deepfake videos to create incredibly detailed and realistic lures. (For more on deepfake technology and cyber crime, see “How to protect your business from deepfakes.”)

Chat clients and learning systems can fast-track cyber scammers’ social engineering methods and improve their effectiveness by generating customized bait messages that are based on vast amounts of personal and social data, making them much more personalized and persuasive. Natural language technologies help create complex and multifaceted phishing messages that are scrubbed of obvious grammatical errors, misspellings and oddly worded sentences. Cyber criminals are also using AI and ML tools to attack and gain unauthorized access to accounts and networks, often by analyzing behavior patterns or using ML to identify vulnerabilities.

The good news for businesses is that although these ML-enabled threats can be more convincing and sophisticated, they’re based on familiar tactics such as social engineering, so following tried and true security best practices can help protect your business.

• Verify all unsolicited communications by independently confirming sender information.
• Don’t send sensitive information to anyone whose identity you can’t confirm.
• Be careful when posting personally identifiable information on social media and be compliant with your company’s social media policies.
• Manage account and network access by using multifactor authentication and maintaining good password hygiene.

Ultimately, people — and not technology alone — form the foundation of effective cyber security. Employee cyber security awareness and training for new ML solutions presents an opportunity to refocus your organization on creating a culture of security, one in which employees have the knowledge and agency to proactively spot and then protect against cyber crimes.

For additional information on machine learning and cyber fraud, see Bank of America’s Fraud and Cyber Security resources. 

¹Kathy Haan, Forbes, “How Businesses Are Using Artificial Intelligence in 2023,” April 2023.