TTHHEE TTHHRREEAATTSSOOFF CCYYBBEERRSSCCAAMMSS UUSSIINNGG AARRTTIIFFIICCIIAALL IINNTTEELLLLIIGGEENNCCEE ((AAII)) TTEECCHHNNOOLLOOGGYY @florencejalin The use of artificial intelligence (AI) technology by cybercriminals poses a significant threat in the rise of cyber scams. AI can be used to automate attacks, generate more convincing phishing emails, and impersonate trusted entities to steal personal information. As AI continues to advance, it is important for individuals and organizations to remain vigilant and take necessary precautions to protect themselves against these threats.
NAME: FLORENCE ANAK JALIN (2020866234) CLASS: IM2456ST1 FROM: SIBU, SARAWAK RACE: IBAN/SEA DAYAK RELIGION: CHRISTIAN The author is from Sibu, Sarawak. The author is a student from UiTM Puncak Perdana, Selangor. She has a bachelor’s in Information System Management. An open minded and humble person. Have an interest in producing something new that can attract people’s interest. Study in the field of information systems management. Like to learn something related to IT. The writer is a sea Dayak. She had previously ventured into the field of art. The writer likes to read novels to fills her spare time and has more than 6 novel books and made into a collection.
PURPOSE: To do research about the threats of cyber scams using artificial intelligence (AI) technology and topic that related to this topic. METHODOLOGY: The methods used to do this research are defining, find the articles, and find a cases studies. FINDINGS: The findings of this research are about all the information related to the topics. ORIGINALITY/VALUE: The objective of this literature survey is to show and give more information about the topics that was choose to audience. KEYWORDS: ‘Cyber Scam’ , ‘Artificial Intelligence’ @florencejalin
@florencejalin
ARTIFICIAL INTELLIGENCE As cyber attackers become increasingly advanced and utilize specialized techniques, relying solely on technology is insufficient for identifying and preventing their attacks. To effectively defend against these threats, it's necessary to equip your organization with preemptive and proactive defense capabilities. Ensign's Cyber Threat Intelligence services can provide highly localized and industry-specific intelligence, enabling you to adopt a predictive cyber stance and effectively counter advanced and targeted threats. A scam refers to a deceitful scheme aimed at deceiving someone, typically involving financial gain. Cyber scams, on the other hand, are scams that occur on the internet, which can involve fraudulent emails, websites, or phony social media accounts. Cyber scammers may reach out to you through various channels, such as email, text, phone calls, or social media, and they may impersonate trusted individuals or organizations to gain your trust. Numerous scams are circulating on the internet, making it crucial to be aware of what to watch out for. These scams can be disguised as a notification of winning a contest, an email from your bank, or a text message containing health-related information. INTRODUCTION
PREVIOUS RESEARCH STUDIES RELATED TO CYBER SCAMS A Article 1: An intelligent cyber security phishing detection system using deep learning techniques This article explain Phishing attacks have become a major concern for public internet users, as well as for governments and businesses. To combat this issue, this paper proposes to provide a comprehensive overview of what Machine learning is and how phishers use different techniques to deceive unsuspecting users. Based on a survey, phishing emails have been found to be the most effective form of attack on targeted users and sectors, which will also be compared. Hence, there is a pressing need for more effective technology to detect and prevent the growing threat of phishing emails. This paper discusses the use of Machine learning algorithms and technical solutions for mitigating the problem of phishing and emphasizes the importance of user awareness to detect and prevent phishing scams. The proposed detection model uses Machine learning techniques by dividing the dataset into training and test data to capture inherent email text characteristics and other features to classify them as phishing or non-phishing using three different datasets. After comparing the results, the most accurate and efficient outcomes were achieved by using a large number of features, with boosted decision tree algorithm accuracy being the best at 0.88, 1.00, and 0.97 consecutively for the applied datasets. Phishing email attacks have become increasingly common in recent years, and they involve deceiving victims into providing important information through well-crafted social engineering techniques. Young users are more susceptible to such attacks, as are individuals with agreeable personality traits. Women are also more likely to fall for phishing scams, and this relationship is influenced by internet usage behavior. Therefore, it is important to be able to detect phishing emails. While there are several techniques for detecting such emails, their accuracy is often low, as the content may be similar to that of legitimate emails. To address this issue, machine learning techniques were used in this study to achieve better results. The study aimed to capture inherent characteristics of email texts and other features to classify emails as phishing or non-phishing. The research led to higher accuracy in detecting phishing emails, as evaluated based on three supervised datasets, and a comparison between classifiers was conducted. The results showed that using an algorithm based on multiple features (50) yielded the highest accuracy, whereas using fewer features (20) produced a high level of accuracy but was not effective enough to detect phishing emails. One limitation of this study was the difficulty in finding a predefined dataset.
Article 2: Artifcial intelligence applications and ethical challenges in oral and maxillo-facial cosmetic surgery: a narrative review These networks can extract and process the basic characteristics of an image, making them useful in the diagnostic process for medical images and facial photos. AI algorithms have assisted surgeons with diagnosis, therapeutic decisions, preoperative planning, and outcome prediction and evaluation. These algorithms complement human skills, minimizing shortcomings through their abilities to learn, classify, predict, and detect. It is important to clinically evaluate these algorithms rigorously and conduct ethical reflections on issues such as data protection, diversity, and transparency. The use of 3D simulation models and AI models can revolutionize the practice of functional and aesthetic surgeries. Simulation systems can improve planning, decisionmaking, and evaluation during and after surgery, and a surgical AI model can perform challenging tasks for surgeons. Artificial intelligence (AI) refers to the use of technology to mimic human cognition in solving specific problems. The healthcare industry has seen significant advances in AI, thanks to the improvement in computing speed, data production, and routine data collection. In this article, we examine the current applications of AI in oral and maxillofacial (OMF) cosmetic surgery to equip surgeons with the necessary technical knowledge to leverage its potential. AI is becoming increasingly important in OMF cosmetic surgery, and its usage raises ethical concerns. Machine learning algorithms and convolutional neural networks (a type of deep learning) are commonly used in OMF cosmetic surgeries.
Case Study 1: Malaysians suffered RM2.23 billion losses from cyber-crime frauds Malaysian Case Studies on Cyber Scams AI Malaysians have suffered losses of around RM2.23 billion due to cyber-crime frauds since 2017, with a total of 67,552 cyber-crime cases reported to the police during that period, according to statistics. E-commerce scams were the most common type of cyber-crime, with 23,011 cases, followed by illegal loans (21,008) and investment scams (6,273). To combat this problem, the Commercial Crime Investigation Department (CCID) and Facebook Malaysia, along with government agencies, industry players and consumer associations, have launched a nationwide #TakNakScam awareness campaign to educate the public on how to identify, check and report against scammers.. @florencejalin The campaign aims to address the increase in cyber-crime, which has risen in tandem with the development of ecommerce. The Ministry of Domestic Trade and Consumer Affairs recorded a total of 11,511 (33.2%) complaints on online transactions last year, an increase from 5,416 (24.7%) in 2019. Cyber-crime cases have been steadily increasing, with online scams accounting for the highest number of complaints received by the Malaysian government's Domestic Trade and Consumer Affairs Ministry. n 2020, there were 11,511 complaints about online transactions, a 112% increase from the previous year. By June 2021, online scams accounted for 45.2% of total complaints received by the ministry. I To address this issue, the government and private sectors must collaborate and take a holistic approach. The #TakNakScam awareness campaign, launched by the Commercial Crime Investigation Department and Facebook Malaysia in partnership with other agencies and associations, aims to educate the public on how to identify, check, and report fraudulent activities. Malaysians are encouraged to play an active role in preventing cyber-crimes and reporting suspicious activities to the CCID Scam Response Centre. Through the campaign, various partners will share educational videos and tips on how to tackle and report fraudulent activities.
Case Study 2: Police: 11,367 cybercrime cases reported from January to July this year Malaysian Case Studies on Cyber Scams AI According to Senior Assistant Commissioner Victor Sanjos, the Commercial Crime Investigation Department's deputy director for cybercrimes and multimedia, there were 11,367 cases of cybercrime reported between January and July 2022. This is in comparison to 18,510 cases of commercial crime reported during the same period. The percentage of cybercrime cases has risen from 39% in 2016 to 61% in July 2022, based on trends. Six categories of scams exist, including Macau Scam, e-commerce crimes, non-existent loans, non-existent investments, 419 scams or love scams, and phishing. The Macau Scam, with 4,912 instances, led to a loss of RM199.8 million, while e-commerce crimes resulted in 5,397 cases and a loss of RM71.6 million. E-financial fraud or phishing resulted in 543 cases and a loss of RM40.5 million. @florencejalin During a webinar titled “Duit dalam akaun bank anda lesap. Apakah puncanya dan langkah mencegahnya”, Senior Assistant Commissioner Victor Sanjos, the deputy director (cybercrimes and multimedia) of the Commercial Crime Investigation Department (CCID), stated that instances of money disappearing from bank accounts typically occur due to phishing and other online activities outside of the banks’ online services. Scammers often create websites that resemble legitimate bank websites or create “app scams” that trick users into providing their names, passwords, and other information. Once the user has uploaded the app scam, the application will ask to take over the role of the SMS, which allows scammers to carry out their activities more easily. Victor Sanjos noted that scammers often use advertisements on social media platforms to carry out app scams, and there were 39 cases of such scams reported from January to July 2022, resulting in losses of RM721,728.69.
Definition and examples of AI Intelligence Artificial intelligence (AI) refers to the replication of human intelligence in computer systems and machines. This technology encompasses a wide range of applications, such as natural language processing, speech recognition, expert systems, and machine vision. There are some types of artificial intelligence: Reactive machines - This refers to reactive machines, which are AI systems designed to perform a specific task and do not have the ability to retain past experiences or learn from them. Limited memory - These AI systems are equipped with memory, allowing them to use past experiences to make informed decisions in the future. Theory of mind - When referring to AI, the concept of "theory of mind" relates to the ability of the system to understand and interpret human emotions and social behaviors. 1. 2. Machine learning is a technique used by computer programs or systems to learn and improve their performance over time. DEEP LEARNING It involves using algorithms to identify patterns and then applying them to make predictions or decisions in the future. Three primary types of machine learning algorithms are used to determine how machine learning operates: supervised learning, unsupervised learning, and reinforcement learning. Automotive researchers are utilizing deep learning to automatically recognize objects such as traffic lights and stop signs in automated driving. Deep learning is utilized in the aerospace and defense industry to identify objects from satellite imagery, which helps locate areas of interest and recognize safe or unsafe zones for troops. Deep learning has the ability to achieve recognition accuracy at higher levels than ever before, which is significant in meeting user expectations for consumer electronics, as well as in safety-critical applications such as driverless cars. Phsing Scam Email phsing scam - Even if only a small percentage of the recipients fall for the scam, an attacker who sends out thousands of fraudulent messages can still obtain significant information and amounts of money. Phishing refers to a form of online fraudulent activity where a deceptive email is sent to a user, appearing to be from a reputable source such as a bank, an internet service provider, or a mortgage company, with the aim of luring the recipient into revealing sensitive information or clicking on a link that could lead to malware or a fake website. Machine Learning (ML)
VISHING SCAM Definition and examples of cyber scams and AI terminology ChatGPT is an advanced chatbot developed by OpenAI in 2022, which utilizes the OpenAI GPT-3 engine to generate natural and smooth responses to user inputs. The acronym stands for Chat Generative Pre-trained Transformer, and it uses machine learning and reinforcement techniques to learn from interactions and improve over time. The chatbot is designed to automate chat tasks and is capable of adapting to various situations and contexts, providing personalized and effective communication with users. CHATBOT SMISHING SCAM SPEAR PHSING Vishing is a type of scam where fraudsters contact potential victims over the phone, pretending to be a reputable company, and attempt to convince them to share personal information. A financial institution alert scam involves a perpetrator contacting the victim, claiming to be from their bank or another institution, and informing them of an issue with their account or credit card. The scam may also begin with a false alert sent through SMS, prompting the victim to call a number to resolve the supposed issue. Smishing is a type of phishing scam where attackers use convincing text messages to deceive recipients into clicking on a link, downloading malware onto their smartphone, or sharing sensitive information. WWW.REALLYGREATSITE.COM Spear phishing is a type of phishing scam where an attacker targets a specific individual or organization. The goal is to trick the target into revealing confidential information or downloading malware by clicking on a link or attachment. This can give the attacker access to the victim's computer system and other sensitive information. A spear phishing attack involves a targeted email or message that appears to be from a trusted source, such as a friend, colleague, or business associate. The message is personalized and often contains specific information that the attacker has gathered about the recipient. A chatbot is a program designed to simulate and process human conversation, either through written or spoken language. Its purpose is to enable people to interact with digital devices as if they were communicating with a real human. Chatbots come in varying levels of complexity, ranging from basic programs that provide brief responses to simple questions, to advanced digital assistants that continuously learn and adapt to offer personalized experiences as they gather and analyze user information. CHATGPT
STANDARD OF PROCEDURES (SOP) / GUIDELINE ON CYBER SCAMS AND AI. From this website, i found the SOP/guideline on cyber scams and AI. In this website, there is handbook that offers guidelines on how to manage ICT security and implement basic security measures. It covers management safeguards, common operational and technical issues, and legal implications. The appendices contain useful templates for security policies, compliance plans, incident reporting mechanisms, checklists, and procedures. The handbook is advisory and suggests that readers refer to current best practices if the information contained is outdated. The five major elements of ICT security management safeguard are ICT security policy, ICT security management programme, ICT security risk management, planning and incorporation of ICT security into the ICT systems life cycle, and establishing ICT security assurance. MALAYSIAN ADMINISTRATIVE MODERNISATIONAND MANAGEMENT PLANNING UNIT (MAMPU) The purpose of this handbook is to guide government employees in the essential components of ICT security, and it is intended to be the main reference for safeguarding government ICT assets. The handbook covers a wide range of topics and is useful for anyone interested in ICT security. It is organized into five chapters, divided into three levels: Essential, Intermediate, and Advanced. The handbook also explains technical security, which involves hardware and software safeguards, and briefly discusses legal matters related to Malaysian cyber laws and criminal investigations. The appendices contain samples of frameworks, plans, checklists, and forms to aid in the ICT security management process.
STANDARD OF PROCEDURES (SOP) / GUIDELINE ON CYBER SCAMS AND AI. The Essential level, comprising Chapters 1, 2, and 5, provides fundamental knowledge on ICT security and is suitable for chief executives and managers in the public sector. Chapter 3, the Intermediate stage, is intended for general ICT users and provides guidance on basic operational security safeguards. Chapter 4, the Advanced stage, is proposed for more experienced ICT administrators and managers and offers guidance on technical details to ensure confidentiality, integrity, and availability of public sector ICT systems. National Cyber Security Agency (NACSA) In February 2017, the National Cyber Security Agency (NACSA) became the national lead agency for cyber security matters in Malaysia. Its main objectives are to secure and enhance the country's resilience against cyber attacks by coordinating the expertise and resources of the nation's best cyber security professionals. Additionally, NACSA is responsible for developing and implementing national-level cyber security policies and strategies, protecting Critical National Information Infrastructures (CNII), countering cyber threats, promoting cyber security awareness, building capacity and culture in cyber security, combating cyber crimes, advising on organizational cyber risk management, optimizing shared resources among agencies, and fostering regional and global networks of entities with common interests in cyber security. In NASCA website found that some legal and laws for cyber scams. The one law or legal is the Copyright (Amendment) Act 1997, which modified the Copyright Act 1987, became effective on April 1, 1999. The amendments established that transmitting copyrighted works over the Internet without authorization is a copyright infringement. It is also a copyright infringement to bypass technological measures that restrict access to copyrighted works. These changes were made to protect the intellectual property rights of companies involved in content creation within the ICT and multimedia environment. The aim was to ensure sufficient protection against copyright infringement in this digital landscape.
I S SUES OF CYBER SCAMS AND AI TECHNOLOGY IN MALAYS IA Issues 1: Perak setting up inter-agency task force to tackle online scams In this news website "THE STAR" , there are issue about cyber scam that occur in Perak. The government of Perak in KAMPAR is planning to establish a task force consisting of multiple agencies to tackle the issue of online fraud cases in the state. The task force will include the police, Malaysian Communications and Multimedia Commission (MCMC), and Information Department, among others. The relevant agencies will be consulted to discuss ways to reduce incidents of online scams. State communications, multimedia and NGO committee chairman Mohd Azlan Helmi highlighted the seriousness of the situation, stating that such cases frequently occur and cause losses amounting to millions of ringgit. According to Perak police chief Datuk Seri Mohd Yusri Hassan Basri, there were 564 cases of online fraud in the state within the first three months of this year, resulting in losses totaling RM14.6mil. Large-scale information sessions aimed at raising awareness of online scams among people at all levels of society would be held, he said. "I believe if this effort is done continuously, we can minimise the number of fraud cases," he added. – Bernama Combating a global rise in cyber fraud also one of the issue about cyber scam and AI technology. Over the past year, instances of digital fraud have increased globally, with a rise in mobile transactions correlating with a rise in fraud on mobile channels. According to a report by LexisNexis Risk Solutions, while the number of Malaysians using mobile or digital wallets for payment increased from 8% in 2019 to 20% in 2022, mobile fraud increased from 23% to 31%. During the same period, Malaysians reportedly lost over RM1.6 billion to online fraud, with the majority of cases being related to online purchases (18,857 cases) and non-existent loans (15,546 cases) out of a total of 51,631 cases. The report, called '2022 True Cost Of Fraud APAC Study' , found that as Covid-19 restrictions are loosened and economies reopen, fraudulent and scam attacks continue to increase across various industries. The report pointed out the risks associated with various aspects of online and mobile banking, such as the interception of SMS One Time Passwords (OTPs) by fake mobile apps, difficulties in verifying the identity of newly created online or mobile banking accounts, and the need to quickly identify fraud attempts. According to Thanh Tai Vo, director of fraud and identity for LexisNexis Risk Solutions in the Asia Pacific region, Malaysian authorities have taken steps to address digital fraud in recent years. The existing regulatory frameworks focus on cybercrime and financial fraud in general, but more specific requirements have been introduced or proposed, including electronic Know Your Customer and SMS One Time Password (OTP) authentication. Additionally, public initiatives have been implemented, such as the National Scam Response Centre, to educate consumers on the risks of digital fraud and scams. Issues 2: Combating a global rise in cyber fraud
CHAL LENGES OF CYBER SCAMS AND AI TECHNOLOGY IN MALAYS IA Challenge 1: Over 10,000cyber security incidents reportedin Malaysia in2021 –KPMG The pandemic has accelerated digital transformation and demonstrated that a lack of preparation can be as damaging to organizations as an actual cyberattack. The rapidly changing landscape and multiple evolving threat vectors are creating new cyber threats that will increase cyber risks globally in 2022 and beyond, according to the Cybersecurity Considerations 2022 report by KPMG. Navigating this environment will require a mindset shift towards enabling a balance between security and ensuring that "security is everyone's job." This shift acknowledges the importance of building and maintaining trust with customers, clients, and stakeholders. In 2021, Cyber999, the cyber security incident response center operated by MyCERT (Malaysia Computer Emergency Response Team), received a total of 10,016 reports of cyber incidents from January to December. A report cited in the Malaysia Cyber Security Strategy 2020-2024 has suggested that cyber security incidents in Malaysia could cause losses of up to RM51 billion, or more than 4% of the country's gross domestic product. Last year, there were over 10,000 cyber security incidents reported to MyCERT, with 71% of them related to fraud, while intrusion attempts and malicious codes were the top three threats reported. As criminals continue to exploit new technologies, the nature of cybercrime is evolving, which requires a corresponding evolution in Malaysia's approach to cyber security, according to Ubaid Mustafa Qadiri, Head of Technology Risk & Cyber Security at KPMG in Malaysia. Communications and Digital Deputy Minister Teo Nie Ching has stated that Malaysia is experiencing an increase in both frequency and severity of cybersecurity threats. In the previous year, there were various serious cyber attacks including ransomware attacks, cyber espionage attempts, data leaks, and cyber scams. As per the statistics reported by Cyber Security Malaysia (CSM), Malaysia recorded 4,741 cases of cyber threats last year, while this year, 456 fraud cases were recorded until February 2023. Teo Nie Ching also mentioned that the National Scam Response Centre (NSRC) had received a total of 3,482 genuine calls with losses of RM27 million recorded in January and February this year alone. She stated this after launching #BeCyberSmart, a cybersecurity campaign and Protect 360, an all-in-one network security solution application in Sepang. The campaign aims to promote cybersecurity best practices and Protect 360 complete security, privacy, and identity protection on devices, including protection against malware, phishing, and hacking attempts. The Deputy Minister mentioned that the National Scam Response Centre (NSRC) received over 4,000 calls each month, but not all calls were genuine. She highlighted that cyber attacks can have severe consequences, such as financial losses, personal information breaches, and disruption of essential services. The unity government recognizes the importance of cybersecurity and cybercrime and is looking to implement multiple initiatives aimed at protecting its citizens and national security. The 2023 Budget allocated RM10 million to NSRC to upgrade its equipment and launch an awareness campaign while promoting the NSRC's 997 hotlines. Challenges 2:Cybersecurity threats in Malaysia on the rise, deputy minister warns
HOW TO COMBAT THE GLOBAL RISE IN CYBER SCAMS IN MALAYSIA The global rise in cyber scams has become a growing concern in Malaysia, with an increasing number of individuals, businesses, and government agencies falling victim to cybercrime. To combat this issue, there are several steps that can be taken. Firstly, awareness and education are key to preventing cyber scams. The Malaysian government can launch national campaigns to educate the public on the latest scams, how to identify them, and how to protect themselves from falling victim. Secondly, increased investment in cybersecurity infrastructure and technology can help prevent cyber scams. This includes deploying firewalls, intrusion detection systems, and other security measures to protect against malware, phishing, and hacking attempts. Cybersecurity training and certification programs can also be introduced to develop a highly-skilled cybersecurity workforce. It is also important for businesses and government agencies to educate their employees on cybersecurity best practices, such as not clicking on suspicious links, keeping software up to date, and using strong passwords.
HOW TO COMBAT THE GLOBAL RISE IN CYBER SCAMS IN MALAYSIA Thirdly, implementing regulatory frameworks and laws can help deter cybercriminals from carrying out scams in Malaysia. The Malaysian government can introduce tougher penalties and fines for cybercrime, which will serve as a deterrent for criminals. The government can also work closely with international organizations, such as Interpol and Europol, to share intelligence and collaborate on cybersecurity initiatives. Lastly, collaborations between government agencies, businesses, and cybersecurity experts can help combat cyber scams in Malaysia. Sharing information on the latest scams, exchanging best practices, and collaborating on research and development can help to stay ahead of cybercriminals.
In conclusion, the rise of cyber scams in Malaysia and globally is a significant concern that needs to be addressed urgently. As technology continues to advance, criminals are using more sophisticated methods to perpetrate cyber scams, including the use of AI and machine learning. This makes it even more challenging to detect and prevent these scams. To combat the threats of cyber scams using AI technology, it is essential to stay updated on the latest cybersecurity threats and take appropriate measures to protect ourselves. This includes using strong passwords, enabling two-factor authentication, keeping software up to date, and avoiding suspicious emails, links, and attachments. Moreover, organisations and governments should also invest in advanced cybersecurity solutions that leverage AI and machine learning to detect and prevent cyber scams in real-time. This may include using behavioural analytics to identify abnormal activities and predictive modelling to anticipate potential threats. In summary, cyber scams using AI technology pose a significant threat to individuals and organisations. It is vital to remain vigilant and take proactive measures to protect ourselves and our businesses. By staying informed and leveraging advanced cybersecurity solutions, we can combat these threats effectively and ensure a safer online environment for everyone.
@florencejalin