T H R E A T S U S I N G A R T I F I C I A L I N T E L L I G E N C E ( A I ) T E C H N O L O G Y L E T ' S T A L K A B O U T CYBER SCAMS BY FATIN NURIN ALIA BINTI FADZUL 2022819896 | CDIM2456B
Introduction Chapter III Definition and examples of cyber scams and AI terminology Chapter I Previous research studies related to cyber scams and AI Chapter IV Standard of Procedure (SOP) / Guideline on cyber scams and AI Chapter II Malaysian case studies on cyber scams and AI References 02 07 - 10 03 -04 11 - 12 05 -06 13 - 14 CONTENTS Chapter V Issues and challenges of cyber scams and AI technology in Malaysia Chapter VI Suggestions on how to combat the global rise in cyber scams in Malaysia 15 Conclusion 16 17 Abstract 01
FATIN NURIN ALIA BINTI FADZUL Hi, I'm Fatin Nurin Alia Binti Fadzul, and is a dedicated student currently pursuing a degree in Bachelor of Information Science (hons.) Information System Management at Universiti Teknologi Mara (UiTM) Puncak Perdana Branch. Due to a keen curiosity in cybersecurity and the evolving function of artificial intelligence, I carried out a research on the influence of AI technology on cyber frauds. This eBook intends to increase awareness regarding the growing dangers in the digital environment and emphasise the importance of being well-informed and protected. ABOUT THE AUTHOR
This Ebook delve into the intricate interplay between cyber scams and artificial intelligence (AI) within Malaysia, examining their impact, dynamics, and mitigation strategies. Synthesize previous research findings, analyzing evolving tactics employed by cybercriminals and the role of AI in facilitating malicious activities. Through Malaysian case studies, illustrate the tangible consequences of cyber threats on individuals, businesses, and national security. Establish a foundational understanding with clear definitions and examples of key cyber scams and AI terminology. Present a standardized procedure and guideline for addressing cyber scams and AI threats, providing a practical framework for effective cybersecurity governance. Identify pressing challenges and propose targeted strategies to enhance cybersecurity measures. Conclude with actionable recommendations for combating the global surge in cyber scams, fostering collaboration, raising awareness, and embracing innovative solutions to fortify Malaysia's cybersecurity landscape. ABSTRACT 01
INTRODUCTION 02 In this Ebook is based on a research of the intersection between cyber scams and artificial intelligence (AI) in the Malaysian context. Begin by examining existing research studies shedding light on the intricate relationship between cyber scams and AI, synthesizing insights into evolving tactics employed by cybercriminals and the role of AI in facilitating malicious activities. Analyze notable case studies within Malaysia, illustrating the tangible impact of cyber threats on individuals, businesses, and the nation. Lay a solid foundation with clear definitions and examples of key terminology related to cyber scams and AI, ensuring a common understanding as more complex concepts are explored. Outline a standardized procedure and guideline for addressing cyber scams and AI threats, providing a practical framework for stakeholders to navigate the complexities of cybersecurity and AI governance effectively. Delve into pressing issues and challenges posed by cyber scams and AI technology within Malaysia, identifying these challenges to formulate targeted strategies to mitigate risks and enhance cybersecurity measures. Offer actionable suggestions and recommendations on combating the global rise in cyber scams within the Malaysian landscape, fostering collaboration, raising awareness, and embracing innovative solutions to build a resilient cybersecurity ecosystem protecting the interests of all Malaysians.
CHAPTER I PREVIOUS RESEARCH STUDIES RELATED TO CYBER SCAMS AND AI 03 Considerations for Using Artificial Intelligence to Manage Authorized Push Payment (APP) Scams The paper explores the utilization of ChatGPT to engage scammers via email, effectively wasting their time and resources. By exchanging multiple emails with scammers, AI demonstrates its potential in deceiving scammers for prolonged periods. The study raises ethical and research considerations regarding the application of AI in combating scams, emphasizing the need for further experimentation and automation to enhance scam detection and response. The research paper demonstrates the effectiveness of using ChatGPT to engage scammers via email, leading to prolonged interactions and resource wastage. Results indicate that AI, particularly ChatGPT, can successfully exchange multiple emails with scammers, with one interaction lasting up to 27 days. The study provides a preliminary quantitative assessment of the AI-based approach's efficacy in combating mail-based scams. Future work involves expanding experimentation and automating the framework to enhance scam detection and response mechanisms. The methodology includes utilizing a mail account to interact with scammers and generating replies using ChatGPT, showcasing the potential of AI in scam mitigation. The paper also raises ethical and research questions regarding the deployment of AI in combating scams, emphasizing the need for thorough design and engineering phases in cybersecurity practices. By Fei, K. W., MA, Dhot, T., & Raza, M.
The study found that using ChatGPT to generate email messages was effective in engaging scammers and wasting their resources. Results showed that the AI was able to exchange up to 18 emails with a single scammer and deceive attackers for up to 27 days. While the experimentation was limited to a proof of concept application with a single mail account, the findings highlighted the potential of AI as a valuable tool in countering mailbased scams and the need for thorough design and engineering phases when deploying AI-based scam mitigation 04 CHAPTER I Scamming the Scammers: Using ChatGPT to Reply Mails for Wasting Time and Resources By Cambiaso, E., Caviglione, L The paper discusses the utilization of ChatGPT to engage scammers via email, effectively wasting their time and resources. It demonstrates the potential of AI in prolonging interactions with scammers and raises ethical considerations in employing AI for scam mitigation. Future work includes expanding the study and automating the process. The research was supported by the EU - NGEU funded project SERICS under the NRRP MUR program.
CHAPTER II MALAYSIAN CASE STUDIES ON CYBER SCAMS AND AI 05 Recent Cyber Breaches in Malaysia and Possible Countermeasures By Thiruchelvam, V., Tham, K. F., Hasan, M. S., Bastaki, B. B., & Bosakowski, T. Cybercrimes such online scams, denial-of-service attacks, web defacement, malware, ransomware, and cryptojacking have been reported in Malaysia. It discusses how data breaches affect individuals and organisations, emphasising the necessity for online attention and understanding to prevent cyberattacks. The article also recommends regular backups and cybersecurity best practices to reduce risks. Cybersecurity awareness, cyber threats in Malaysia, and proactive cybersecurity defences are major topics. The main findings highlight the need for prevention and preparedness to address Malaysia's increasing cybercrimes. Recently, Malaysian cyber breaches have affected individuals, organisations, and government entities. Individuals risk financial losses and identity theft, while organisations risk data breaches and reputational damage. Incident response and cybersecurity recommendations are vital for government bodies like MyCERT. This 2014–2019 case study shows the development of cybercrimes such online frauds, ransomware, and malware, emphasising the necessity for cybersecurity knowledge. The study analyses MyCERT and other data to identify risks, their effects, and solutions including regular backups and vigilant online behaviour to strengthen Malaysia's cybersecurity.
The case study covers common cybercrimes and government actions such awareness campaigns and Cyber Security Malaysia. We evaluate effectiveness, problems, and propose strategies. Research highlights public awareness, government importance, and policymaker advice, contributing to global cybersecurity conversation. In reaction to cyber risks, #TakNakScam and CyberSafe have evolved. Historical backdrop shows global and local cybercrime growth controlling legislative and institutional action. Recently conducted qualitative study analyses government efficacy and provides methods in changing cyber landscapes. Qualitative analysis mitigates data reliability and access limits for full government cyber response insights. The case study addresses the Malaysian government's response to phishing, hacking, frauds, identity theft, and cyberbullying. It highlights government cybersecurity education efforts, ads, and the CyberSafe programme. It also highlights cybercrime difficulties and suggests better government intervention, such as KPDNHEP's #TakNakScam campaign and Cyber Security Malaysia. The article highlights the government's cyber threat education, regulation, and international cooperation. 06 CHAPTER II The Efficacy of the Malaysian Government’s Response towards Cybercrime By Mohamad, A. R. B., Yaakop, M. R., & Razif, M. a. B. M. Cyber Security Malaysia and awareness initiatives fighting cybercrime in Malaysia. Cyber Security Malaysia, which organises cybersecurity activities and responds to cyber incidents, the Royal Malaysian Police, which investigates and prosecutes cybercrimes, and the public, who benefits from government cybercrime initiatives, are important stakeholders. Government awareness efforts and firms like Cyber Security Malaysia teach people to defend themselves and report suspicious conduct. To improve national cybersecurity, Cyber Security Malaysia supervises, provides resources, and responds to cyber crises. Police investigate and prosecute hackers for justice and deterrence.
Social media accounts Maps & navigation Banking Examples Artificial intelligence, or AI, is technology that enables computers and machines to simulate human intelligence and problem-solving capabilities Artificial intelligence, in some form, is something with which we interact every single day. To help prove our point and show that artificial intelligence is only going to continue advancing and growing, we’ve collected eight of our favorite examples of artificial intelligence in real life. DEFINITION AND EXAMPLES OF CYBER SCAMS AND AI TERMINOLOGY. CHAPTER III 07
Machine learning (ML) is a branch of artificial intelligence (AI) and computer science that focuses on the using data and algorithms to enable AI to imitate the way that humans learn, gradually improving its accuracy. When the average person thinks about machine learning, it may feel overwhelming, complicated, and perhaps intangible, conjuring up images of futuristic robots taking over the world. As more organizations and people rely on machine learning models to manage growing volumes of data, instances of machine learning are occurring in front of and around us daily—whether we notice or not. MACHINE LEARNING (ML) 08 CHAPTER III
Natural Language Processing (NLP) Natural language processing (NLP) is a branch of artificial intelligence (AI) that enables computers to comprehend, generate, and manipulate human language. Natural language processing has the ability to interrogate the data with natural language text or voice. This is also called “language in.” Most consumers have probably interacted with NLP without realizing it. Deep learning is a method in artificial intelligence (AI) that teaches computers to process data in a way that is inspired by the human brain. Deep learning models can recognize complex patterns in pictures, text, sounds, and other data to produce accurate insights and predictions. 09 CHAPTER III Examples Deep Learning
10 CHAPTER III
The National Cyber Security Policy establishes a strategic framework for addressing cybersecurity challenges in Malaysia CHAPTER IV STANDARD OF PROCEDURE (SOP) / GUIDELINE ON CYBER SCAMS AND AI 11 NACSA has published the 10 Easy Steps for Cyber Security Awareness that outlines all of the most sensible practices in cyberspaces: use a password update your security software keep your information protected be aware of your cyber environment observe your ethics on the internet beware of cyber criminals think before you click lodge a report be alert comply
CHAPTER IV STANDARD OF PROCEDURE (SOP) / GUIDELINE ON CYBER SCAMS AND AI 12 Cyber Scams MyCERT advises internet users to be cautious of bogus blackmail scam emails demanding payment in bitcoin. These emails falsely claim the recipient's device has been hacked and compromising footage recorded, when in reality this is not true. Recommendations to prevent falling victim to such scams include: Don't open attachments from unknown senders Turn off and cover webcams when not in use Scan devices with reputable antivirus software Report incidents to authorities like MyCERT MyCERT has also observed scammers impersonating officials from CyberSecurity Malaysia, MCMC, police and other agencies via phone calls. They falsely accuse the victim's phone number of illegal activities and pressure them to report to distant police stations. Users should not panic, click suspicious links, or share personal details if they receive such calls. They should file a police report and contact relevant authorities like MyCERT for assistance AI-Related Incidents MyCERT's website and the provided search results do not contain any specific information about guidelines or procedures for handling AI-related cybersecurity incidents. The advisories focus on common scams, phishing, and data breaches, without mentioning AI threats. In general, MyCERT advises users to stay updated on the latest security announcements, follow best practices like using strong passwords, and report any suspicious activities to the authorities. However, more specific guidance on emerging AI-based attacks is not provided.
Furthermore, the anonymity associated with AI technology complicates attribution and investigation efforts, hindering effective law enforcement responses. As such, there is a pressing need for enhanced public awareness and education initiatives to empower individuals with the knowledge and skills necessary to identify and mitigate potential risks associated with AIdriven cyber scams CHAPTER V Issue 1: Sophisticated Cyber Scams Exploiting AI Technology: A prominent challenge in Malaysia is the proliferation of sophisticated cyber scams facilitated by AI technology. Cybercriminals leverage AIpowered tools to orchestrate social engineering attacks, manipulating individuals into divulging sensitive information or engaging in compromising activities. For instance, AI-driven chatbots simulate human interactions to deceive users, particularly in phishing scams conducted via social media, messaging platforms, or email. These deceptive tactics, coupled with the anonymity afforded by AI, pose considerable challenges for law enforcement agencies and cybersecurity experts tasked with identifying and apprehending perpetrators. ISSUES AND CHALLENGES OF CYBER SCAMS AND AI TECHNOLOGY IN MALAYSIA. 13
In Malaysia, financial institutions and e-commerce platforms are primary targets for AI-powered fraud schemes. Fraudsters utilize AI algorithms to generate fake identities, manipulate transaction data, or create sophisticated chatbots to facilitate fraudulent transactions. These activities undermine consumer trust and confidence in online transactions, posing significant economic risks to businesses and the digital economy as a whole. CHAPTER V Issue 2: AI-Powered Fraudulent Activities: Another critical issue arises from the misuse of AI technology to perpetrate fraudulent activities in Malaysia. Cybercriminals leverage AI algorithms to automate fraudulent operations, ranging from identity theft to financial fraud. For example, AI-driven malware can adapt to evade detection by traditional cybersecurity measures, while AIpowered phishing attacks exploit vulnerabilities in security systems to deceive users and extract sensitive information. ISSUES AND CHALLENGES OF CYBER SCAMS AND AI TECHNOLOGY IN MALAYSIA. 14
Strengthening laws, enhancing reporting mechanisms, and partnering with financial institutions can improve regulatory responses. Promoting advanced security software, two-factor authentication, and regular software updates can bolster technological defenses. Collaboration between government, private sector, and international organizations, along with a dedicated cybersecurity task force, will enhance coordinated efforts. Practical tips like verifying sources, using strong passwords, and monitoring financial statements, coupled with community involvement through digital safety programs and support groups, can further protect individuals from cyber threats. CHAPTER VI To combat the global rise in cyber scams in Malaysia, a comprehensive approach involving public awareness, regulatory measures, technological solutions, and collaboration is essential. Nationwide campaigns, workshops, and educational materials should be used to raise public awareness about cyber scams. SUGGESTIONS ON HOW TO COMBAT THE GLOBAL RISE IN CYBER SCAMS IN MALAYSIA 15
"BUILDING A SAFER TOMORROW, ONE CLICK AT A TIME." In conclusion, the exploration of cyber scams and artificial intelligence (AI) within Malaysia underscores the critical importance of proactive cybersecurity measures in safeguarding against emerging threats. By synthesizing insights from previous research and analyzing real-life case studies, valuable perspectives on the evolving landscape of cyber threats and the pivotal role of AI technology therein have been gained. Through a standardized procedure and guideline, stakeholders have been provided with a practical framework for navigating the complexities of cybersecurity governance. However, the journey does not end here. As pressing challenges and vulnerabilities are confronted, it is imperative that vigilance, collaboration, and adaptability characterize our approach to cybersecurity. By embracing innovative solutions, raising awareness, and fostering partnerships, a resilient cybersecurity ecosystem can be built, one that protects the interests of all Malaysians. Together, let this ongoing journey towards a safer and more secure digital future be embraced. CONCLUSION 16
REFERENCES 17