Cybercriminals Exploit AI Buzz to Trick Users
Cybercriminals continue to ruthlessly harness AI tools to spread malware through fake advertising on key social media platforms.
A new report from cybersecurity firm Mandiant unmasked a Vietnam-linked hacking group that was tricking people into downloading malicious software to harvest their data.
The widespread scam uses realistic-looking online ads that claim to promote popular AI platforms such as Canva, Dream Lab, Luma, and Kling AIs. A rotating set of websites and fake pages kept the scam alive.
Instead, users were redirected to fake websites designed to steal their personal information. A sample of 120 Facebook ads targeting European users alone had a combined reach of over 2.3 million people. More than ever, digital criminals are exploiting popular tech trends to deceive the public.
Sophisticated Tactics and Realistic Ads
“Criminals go where the attention is,” said Yash Gupta, a senior manager at Mandiant. “Right now, that’s AI.”
Although this scam is no longer active, attackers continue to launch new ads and websites daily. The cat-and-mouse game sees scammers constantly adjust their tactics to avoid detection as cybersecurity experts catch on.
“These attackers are tapping into the public’s growing fascination with AI to carry out digital theft,” Gupta said. “A site that looks like an exciting new AI tool could actually be stealing your passwords, credit card numbers, or social media accounts.”
Victims include both solo users and employees of businesses across several industries. “This isn’t just a consumer issue.
“These stolen credentials can give attackers access to corporate networks, making it a risk for organisations too.”
Digital Freedom Under Threat
How Fast-Evolving Threats Are Outpacing Defenses
In the first three months of 2025, global growth in fake browser update scams increased by 17 times the previous quarter’s levels. There was a staggering 466% increase in phishing (digital impersonation) reports.
These findings come from a Gen Digital report, a global leader in digital freedom, powering Norton and Avast, among other trusted brands.
“Online threats are evolving at a startling pace,” said Siggi Stefnisson, Cyber Safety CTO at Gen. “Attackers are moving away from broad, indiscriminate campaigns to highly personalised, AI-enhanced deception.
“Breached data and AI tools are giving cybercriminals just enough personal information and design sophistication to more easily manipulate people. That’s why we constantly evolve our cybersecurity solutions to be an interactive partner in fighting scams and to be one step ahead of cybercriminals.”
Data breaches are on the rise, with a 36% increase in the number of breaches faced by companies compared to last quarter. Individual breached records surged by more than 186%, revealing sensitive information such as passwords, emails, and credit card details.
Distraction Makes Us Vulnerable, Says BNZ
35% of Kiwis admit to replying to emails, texts, and notifications while in the bathroom, 41% during a face-to-face conversation, and 28% while in a meeting or webinar, according to a new BNZ survey.
“And when we’re rushed or distracted like this, we make mistakes,” says BNZ Head of Fraud Operations, Margaret Miller. “Scammers prey on the fact that when we’re rushed, distracted, or juggling multiple things, we’re more likely to click first and think later.”
BNZ now offers app-based authentication rather than texts, and an online banking lock that allows customers to disable online banking activity if they suspect a scam.
“While we all expect seamless digital experiences, we’ve learned that introducing small elements of friction at critical moments helps with focus and ultimately, keeps customers and their money safer,” says BNZ Head of Design, Donal Devlin.
“In practice, this means things like swapping button locations, adding brief pause notifications, or showing “pause and think” alerts to help customers stay focused when making higher-risk transactions or actions in their accounts.
“It’s about finding the right balance between convenience and security – adding just enough of a moment to think when the stakes are highest.”
Tips to Stay Digitally Safe
As scams become more sophisticated and personalised, staying alert online is more important than ever. Whether you’re a business or an everyday user, taking small protective steps makes a big difference. Cybersecurity experts recommend adopting a few key habits.
• Pause before clicking – especially if you’re doing something else at the same time
• Never click on links or attachments sent by someone you don’t know or that seem out of character for someone you do know
• Keep your computer and phone security software up to date
• Contact your bank immediately if you think you’ve been scammed
• Visit websites directly rather than through ads
• Double-check URLs before downloading software
• Use up-to-date antivirus protection
• Report suspicious ads to the platform
