MANILA - Cybersecurity firm Trend Micro on Tuesday said generative AI is forecast to unleash a ‘tsunami’ of phishing attacks and other scams this year.

The company said that generative AI tools have made it easier for scammers to implement impersonation, voice cloning and deepfake videos meant to trick people into giving up information that may compromise their online identities and finances.

“Basically, here, what we’re saying is that generative AI will level up social engineering lures,” said Raymond Almanon, senior security specialist at Trend Micro Philippines.

Trend Micro warned that fake but hyper-realistic audio and video content will be much cheaper to produce because of AI, which in turn will drive a surge in ‘virtual kidnapping’ and business email compromise.

Virtual kidnapping refers to a scam where the voice of a person is cloned to convince their family that they had been kidnapped and a ransom needed to be paid.

• Cybercriminals can use AI for scams, more potent malware: Trend Micro
• Doc Willie Ong denies involvement in ‘fake ads’ on Kris Aquino’s ‘miracle food’

Almanon said deepfakes are already being by fake news bloggers for misinformation and by fraudsters in the country who want to lure people into cryptocurrency scams.

He noted that Singapore has identified deepfakes as a security concern and is investing 20 million Singaporean dollars for detecting deepfakes and other types of misinformation.

Watch more News on iWantTFC

This was after Singaporean Prime Minister Lee Hsien Loong appeared in a deepfake video on social media platforms in December last year where he supposedly promoted cryptocurrencies.

“So we’re seeing that because of the advancements in AI right now, phishing will become more prominent,” Almanon said.

• News anchors targeted by deepfake scammers on Facebook

Meanwhile, Monte de Jesus, senior threat researcher at Trend Micro Philippines said AI is also helping create polymorphic malware or malicious code that can change itself to avoid detection.

AI models can also be “poisoned” by feeding it bad data according to Trend Micro.

While GenAI and LLM (large language models) datasets are difficult for threat actors to influence, specialized cloud-based machine learning models are a far more attractive target, Trend Micro said.

Validating and authenticating the datasets used to train AI will be very important, because of how expensive ML integration is for many businesses, the company added.

Aside from AI threats and threats to AI, cybersecurity professionals should also look out this year for cloud-native worm attacks, software supply chain attacks, and attacks on private blockchains, according to Trend Micro Country Manager Ian Felipe.

He said that organizations need to invest in a holistic and robust cybersecurity platform to guard against such attacks.