THIS IS HOW ROBOTS WILL CHANGE THE WORLD
Aina Syahira bt Said Mat Nasir is a committed student at Universiti Teknologi Mara who is now pursuing a degree in Information Systems Management. As part of her academic path, she has participated in a variety of projects and coursework that explore the complexities of cyber fraud and the safeguards required to avoid these risks. This ebook is the product of her efforts to investigate real-world case studies, clarify key concepts, and examine legislative frameworks pertinent to Malaysian context. She hopes that this e-book will provide vital insights into how to better comprehend and battle the difficulties posed by cyber frauds and AI technology. I
This study looks into the complex relationship between cyber fraud and artificial intelligence (AI), with a specific focus on Malaysia. We begin by reading recent research publications to gain a better understanding of the complicated interactions between cyber fraud and AI technologies. Subsequently, we examine Malaysian case studies to find real-world examples of AI-driven cyber fraud affecting individuals, organisations, or government bodies. Along with these studies, we clarify key ideas and terminology linked to cyber fraud and AI by offering clear definitions and examples. In addition, we look at the regulatory frameworks and standards put in place by Malaysian authorities to manage the growing threat of AI-enhanced cyber fraud. Finally, we propose practical tactics and solutions to manage these risks in Malaysia, taking into account the considerable challenges posed by globalisation. II
III TABLE OF CONTENT NO. PAGE 1. Author profile i 2. Abstract ii 3. Table of content iii 4. Introduction 1 5. Previous research studies related to cyber scams and AI 2-3 6. Malaysian case studies on cyber scams and AI 4-5 7. Definition and examples of cyber scams and AI terminology 6-8 8. Standard of Procedure (SOP) / Guideline on cyber scams and AI. 9-10 9. Issues and challenges of cyber scams and AI technology in Malaysia. 11-12 10. Suggestions on how to combat the global rise in cyber scams in Malaysia. 13 11. Conclusion 14 12. References 15-16
First, we look at current research publications published within the last three years, using online database to find scholarly works that provide insight on the complex relationship between cyber frauds and AI. Following that, we shift our focus to Malaysian case studies, hoping to uncover real-world situations in which cyber frauds employing AI technologies have harmed individuals, organisations, or government agencies. In addition to actual research and case studies, we want to clarify essential concepts and terminology related to cyber frauds and AI technologies. By offering clear descriptions and examples of concepts such as Artificial Intelligence. Furthermore, we focus on the legislative frameworks and standards set by Malaysian authorities to manage the growing hazards posed by cyber frauds and AI. Finally, we address the enormous problems posed by the global increase in cyber frauds, suggesting practical techniques and solutions to tackle these risks in the Malaysian context. In this research, we will conduct a complex investigation into the relationship between cyber scams and artificial intelligence, with the goal of illuminating the changing 1 0.1 INTRODUCTION environment of cyber risks and their repercussions for individuals, organisations, and governments, with a special emphasis on Malaysia.
Deepfake technology refers to the use of artificial intelligence (AI) and machine learning techniques to create highly realistic fake media, such as videos, images, or audio recordings, that appear to depict real events or people. Factors to identify deepfake technology PREVIOUS RESEARCH STUDIES 0.2 RELATED TO CYBER SCAMS AND AI. The figure shows the process of creating a deepfake by combining images of a person shot from different angles and with varying facial expressions to create a video The article discusses about deepfakes and emphasizes the role of AI in addressing this issue. It discusses how deepfakes can manipulate various media formats to create false narratives. Bad lipsyncing. Abnormal skin colors Abnormal eye movement IN CONCLUSION Using deepfake software, images and videos are created to trap companies. This causes trouble, especially in global politics, where it is very hard to detect. 2
CS-FSM provides a revolutionary approach to cyber security in the financial sector, improving privacy, scalability, risk reduction, data protection, and attack avoidance. The proposed solution is a considerable upgrade over current cyber security practices for dealing with cyber threats in the banking sector. The article "Exploring the Impact of AI-Based Cyber Security Financial Sector Management" by Shailendra Mishra discusses the pressing need for more robust security measures in the financial sector to combat a wide range of network attacks. PREVIOUS RESEARCH STUDIES 0.2 RELATED TO CYBER SCAMS AND AI. Cybercriminals use AI and data poisoning, as well as model theft strategies to automate their attacks. A cyber security technique based on artificial intelligence is presented in this study for financial sector management (CS-FSM). IN CONCLUSION 3
Ads for scams that promise to help them get rich quickly, he said. Some common AI-driven scam techniques include deepfakes, voice cloning, phishing emails and text messages as well as social media manipulation, said Amirudin. Its chief executive officer Datuk Dr Amirudin Abdul Wahab said AI-powered scams are getting smarter by the day, making them harder to spot. MALAYSIAN CASE STUDIES ON 0.3 CYBER SCAMS AND AI. PETALING JAYA: Scammers are increasingly using artificial intelligence (AI) to make their scams more believable and effective, says CyberSecurity Malaysia (CSM). Comm Ramli had said AI could be used by syndicates in their illicit activities against Malaysians by as early as the middle of 2024. WHAT WHO WHY HOW WHEN 4
The regulatory agency has already warned that it will take legal action against Facebook over the fraudulent advertising Teo stated, she forwarded the video link directly to Meta, requesting that the content be removed Furthermore, she stated TikTok and Google should examine techniques for warning people whether the content generated using AI Even Fahmi Fadzil, the Minister of Communications, was a victim of impersonation in one of the scam commercials, which was referred to the MCMC for further investigation. MALAYSIAN CASE STUDIES ON 0.3 CYBER SCAMS AND AI. Teo Nie Ching, Malaysia's Deputy Communications Minister, recently warned Malaysians to be aware of legitimate social media adverts. it is time for the Communications Ministry to take a stronger stand against social media networks that have plainly encouraged scams. WHAT WHO WHY HOW WHEN 5
DEFINITION AND EXAMPLES OF CYBER 0.4 SCAMS AND AI TERMINOLOGY Scammers use chatbots with natural language processing on websites and social media . These chatbots engage consumers in seemingly genuine discussions, enticing them to share critical information like login passwords . Scammers create very convincing phishing emails. These emails are personalised using information gleaned from social media profiles or publicly available information. Deep Learning is a subset of machine learning in which artificial neural networks. Scammers use deep learning techniques to construct voice synthesis systems that mimic the sounds of humans. Malicious actors use AI algorithms to create convincing fake news articles, social media messages, and videos. Artificial intelligence (AI) Machine Learning (ML) Natural Language Processing (NLP) Deep Learning 6
Spear Phishing is a phishing attempt that is tailored to a specific individual or organisation. A spear phishing assault could involve an attacker sending personalised emails to deceive them into disclosing sensitive information. Smishing is a type of phishing that occurs through text messages (SMS). For example, the video below depicts a smishing scam that occurred in Malaysia. The Scammers claiming to be from a respectable organisation Maxis A vishing scam occurs when a scammer calls a victim, purporting to be a bank official, and asks them to verify their account information over the phone. Vishing Scam Smishing Scam Spear Phishing One of the example of Smishing Scams that happened in Malaysia 7
Chatbots are AI-powered computer programmes that mimic human conversation via voice commands or text chats. Unbeknownst to the victim, the chatbot is operated by scammers who want to steal their login credentials or financial information. Scammers use conversational AI models such as ChatGPT to launch social engineering assaults through chat platforms, social media, or email. These AI-powered bots engage people in surprisingly authentic interactions. Chatbots ChatGPT Phishing is a type of cybercrime in which someone posing as a legitimate institution contacts a target via email, phone, or text message in order to trick them into providing sensitive information. Phishing Scam 8
The National Cyber Security Policy establishes a strategic framework for addressing cybersecurity challenges in Malaysia. NACSA has published the 10 Easy Steps for Cyber Security Awareness that outlines all of the most sensible practices in cyberspace; 1) Use a password 2) Update your security software 3) Keep your information protected 4) Be aware of your cyber environment 5) Observe your ethics on the Internet 6) Beware of cyber criminals 7) Think before you click 8) Lodge a report 9) Be alert 10) Comply GUIDELINE ON CYBER SCAMS AND AI IN MALAYSIA. Become a more knowledgeable Netizen. Learn how to recognise cyber threats and prevent being a victim of viruses, scams, phishing, and ransomware. Use the simple actions to protect yourself, and share them with your family and friends. IN CONCLUSION 0.5 9
Malaysia Computer Emergency Response Team (MyCERT) was formed on January 13, 1997 and started its operation on March 1, 1997. MyCERT is a point of reference for the Internet community in Malaysia to address computer security incidents. Currently MyCERT operates Cyber999 Cyber Incident Reference Center and Cyber Threat Research Centre. Mission "To address the computer security concerns of Malaysian Internet users" Vision "To reduce the probability of successful attacks and lower the risk of consequential damage" MyCERT assist and gives advices on incidents handling such as intrusion, identity theft, malware infection, and other computer security related incidents. IN CONCLUSION 10
11 That is why, in the next part addresses the issues and challenges brought by the use of AI in Malaysia, ISSUES AND CHALLENGES OF CYBER SCAMS AND AI TECHNOLOGYIN MALAYSIA. 0.6 The Office of the Chief Registrar, Federal Court of Malaysia, stated that AI-based sentencing guidelines are intended to serve as a rapid reference and direction for Sessions Court judges and magistrates. From July 23, 2021, the AI system will be implemented in lower courts in Kuala Lumpur and Shah Alam, encompassing 20 common offences including as physical and sexual assault, theft of property, drug possession, and traffic violations. Issue on Negligence The concept of negligence in the context of cyber scams and AI technology relates to failures or oversights by individuals, or institutions. Neglect in the implementation of AI technology might have unforeseen consequences such as algorithmic prejudice, privacy issues, or security flaws.
Liability in cybercrime involves determining legal responsibility for unlawful activities conducted through digital means. Liability in Crime Establishing culpability in cybercrime frequently begins with identifying the individuals responsible for the illegal activity. This can be difficult in cyberspace, where attackers may hide their identity via anonymizing technologies such as hacking through intermediary servers. This brings us to consider the following point: how would humans be punished for the actions of AI? Where AI is found to have obeyed human instructions and committed an act that would constitute a crime if committed by a person, the AI‘s activities are often attributed to the human. If the human has the necessary mental condition, she will be found guilty. Issue on Vicarious Liability Vicarious liability is a legal concept in which one person or entity is held accountable for the conduct or omissions of another, usually in the context of an employer-employee relationship. For example, when AI systems are involved in decision-making processes, determining responsibility might be difficult if the systems cause harm or aid fraud. If an AI system takes autonomous decisions that result in a cyber fraud, the entity that installed the AI may be held accountable for its conduct. 12
To address the global growth in cyber frauds in Malaysia, a multifaceted approach that includes collaboration among government agencies, law enforcement authorities, cybersecurity organisations, industry players, and the general public is required. Here are some thoughts on how to approach this difficulty effectively. Improve Cybersecurity Awareness and Education: Create comprehensive cybersecurity awareness and education programmes for individuals and organisations. Educate the public on AI-powered technologies. Encourage best practices for responsible online behaviour. Invest in Cybersecurity Technology and Infrastructure: Set aside funds to invest in cybersecurity technology and infrastructure that will respond to cyber frauds effectively. Use AIpowered security solutions to detect and mitigate emerging cyber risks in real time. Empower law enforcement and cybersecurity agencies: Provide law enforcement and cybersecurity authorities with appropriate resources, training, and technical skills to successfully investigate and prosecute cybercriminals. SUGGESTIONS ON HOW TO COMBAT THE GLOBAL RISE IN CYBER SCAMS IN MALAYSIA. 0.7 1 2 3 13
To summarise, managing the growing number of cyber frauds and the complex aspects of AI technology in Malaysia requires a thorough and proactive approach. Understanding the complexities of vicarious liability allows organisations to design effective preventative measures and improve their cybersecurity posture. This includes adopting strong cybersecurity policies, implementing frequent training and awareness programmes and investing in sophisticated security technologies. By implementing these measures, Malaysia may boost its defences against cyber scams and AI-related security concerns, thereby protecting persons, businesses, and key infrastructure from rising cyber threats. CONCLUSION 14
Ali, A., Ghouri, K. F. K., Naseem, H., Soomro, T. R., Mansoor, W., & Momani, A. M. (2022). Battle of Deep Fakes: Artificial intelligence set to become a major threat to the individual and national security. 2022 International Conference on Cyber Resilience (ICCR). https://doi.org/10.1109/iccr56254.2022.9995821 REFERENCES Mishra, S. (2023). Exploring the impact of AI-Based Cyber Security Financial sector management. Applied Sciences, 13(10), 5875. https://doi.org/10.3390/app13105875 Daud, M. (2022). ARTIFICIAL INTELLIGENCE IN THE MALAYSIAN LEGAL SYSTEM: ISSUES, CHALLENGES AND WAY FORWARD. INSAF - The Journal of the Malaysian Bar, 39(1), 1-24. Retrieved from https://insaf.malaysianbar.org.my/ojs/index.php/jmr/article/view/13 15
National Cyber Security Agency. (n.d.). https://www.nacsa.gov.my/ REFERENCES Zainal, F. (2023, December 11). The danger of AI-powered scams. The Star. https://www.thestar.com.my/news/nation/2023/12/12/the-danger-ofai-powered-scams Rahman, S. A. (2024, March 7). AI-generated scam content is a big threat; what’s Malaysia doing to hold social media platforms accountable? Malay Mail. https://www.malaymail.com/news/malaysia/2024/03/07/aigenerated-scam-content-is-a-big-threat-whats-malaysia-doingto-hold-social-media-platformsaccountable/121912 16