Building Stronger Business Defenses in the Age of the AI Arms Race
- By Joc Cing Tay, Ph.D., Gogolook
- September 22, 2024
The rapid evolution of AI has ignited an unprecedented arms race between scammers and anti-scammers. Scammers are exploiting generative AI to craft increasingly sophisticated counterfeits and forgeries, redefining the limits of deception. Meanwhile, anti-scammers are developing advanced detection tools to protect individuals, organizations, and governments.
At the recent Global Anti-Scam Summit Europe, I explored the pressing challenges businesses face in this escalating AI arms race, prompting critical questions for consumer-facing companies: How can we better navigate AI-driven scams? What strategies can safeguard our stakeholders? Most importantly, how can we stay ahead in this high-stakes game?
The concept of “security through obscurity” in cybersecurity mirrors the cat-and-mouse dynamic of the AI-driven scam battle. While defenders create detection tools, attackers constantly find ways around them, leading to a costly, never-ending cycle. However, this reactive approach seldom addresses the core vulnerabilities. A shift towards a proactive, resilient defense strategy is crucial.
Mid-Game strategies: Collaborative truth-checking
A strategic approach to combating scams involves understanding the organized structure of scam operations. Scammers often operate with a division of labor akin to legitimate businesses, including teams focused on impersonation, counterfeiting, and money laundering. Their sophisticated orchestration targets individuals across generations, necessitating that companies think beyond traditional defenses.
To effectively counter these complex scam operations, a collaborative ecosystem is essential. Disrupting scam networks requires a collective effort involving NGOs, private enterprises, cloud service providers, government agencies, and cybersecurity firms. For instance, Gogolook joined forces with the Royal Malaysia Police (PDRM) for the “Scam Free Malaysia Carnival,” utilizing PDRM’s Commercial Criminal Investigation Department (CCID) database to tag unknown calls. The initiative not only deterred Malaysians from answering scam calls but also achieved a nearly 50% reduction in scam call pick-up rates.
Similarly, ScamAdviser’s global efforts highlight the importance of ecosystems and collaboration. Working with governments and businesses across nearly 20 countries, including the United Kingdom, Netherlands, Denmark, Japan, Australia, South Africa, and the Philippines, ScamAdviser developed “CheckMyLink,” a tool that allows users to verify in real-time whether a website is legitimate or a scam. This pooling of resources and expertise enhances scam prevention on a global scale.
The recent Global Anti-Scam Summit Europe also emphasized the need for a collaborative ecosystem, uniting governments, consumer and financial authorities, law enforcement, brand protection agencies, and cross-sector businesses to share insights and coordinate efforts. By pooling resources, sharing intelligence, and developing joint strategies, these stakeholders worked together to combat the intricate networks behind online scams. This October, the GASA Singapore chapter will build on these efforts, offering a platform for collective action to strengthen protections for businesses and consumers across Asia and beyond.
Another critical strategy is developing and distributing truth checkers through APIs. By integrating these tools into online commercial platforms, organizations can apply them broadly and consistently to identify and mitigate scams. This approach helps enhance defenses against fraudulent activities and ensures more effective scam detection. However, the challenge here is ensuring adequate business models covering privacy compliance concerns and rewarding companies that provide these truth checkers, balancing social responsibilities and business needs.
For example, Brastel Corporation, a provider of cloud-based IP telephone services in Japan, has integrated an anti-scam function into its Basix service that automatically identifies suspicious callers using a comprehensive database of 2.6 billion phone numbers – one of the largest in East and Southeast Asia. This innovation allows users and business clients to instantly and automatically identify nuisance numbers and display caller information on their phone screens, eliminating the need for company personnel to register manually.
End-Game strategies: A multifaceted defense
Focusing on more comprehensive, long-term strategies is essential as we move beyond immediate countermeasures and address evolving threats. Integrating advanced technologies and robust credentialing methods will be crucial in building a multifaceted defense.
One key approach is to replace human intermediaries with AI ‘guardians.’ These AI agents can autonomously perform comprehensive checks and risk assessments, reducing the risks associated with human error and social engineering. As AI technology advances, these guardians will increasingly handle decision-making and protection against complex scams.
Another crucial strategy is ensuring the credentialing and verifiability of digital content. Content credentialing, as pioneered by Adobe’s Content Credentialing and C2PA standards, involves cryptographically signing and tracking modifications to digital assets. This helps verify document authenticity and counter misinformation, providing a solid defense against counterfeiting and ensuring transaction reliability.
The evolving AI arms race necessitates a multifaceted approach combining collaboration, advanced technologies, and robust credentialing methods. Businesses can build resilient defenses against sophisticated scams by integrating AI guardians and content credentialing. Staying ahead requires innovative and collective strategies to ensure consumer trust and authenticity in the digital age. In this evolving AI landscape, businesses can safeguard their future and inspire consumer trust by staying proactive and fostering collaboration.
The views and opinions expressed in this article are those of the author and do not necessarily reflect those of CDOTrends. Image credit: iStockphoto/dusanpetkovic
Joc Cing Tay, Ph.D., Gogolook
Joc Cing Tay, Ph.D., is the vice president of engineering at Gogolook. He holds a Ph.D. in Artificial Intelligence (AI) from Nanyang Technological University and an MBA from the National University of Singapore, providing him with a robust academic foundation.