Experts have issued advice on how to compete with the rapidly sophisticated AI Pratiodan scams.
Cyber security expert Kodi Barrow recommends installing secret passwords with close contacts.
Bairo, the chief executive of the cyber security firm Eclectic and a former advisor to the US government, has warned that the rise of easily available AI technology has simplified the construction of deepfec, making it easier for malicious actors to affect the loved ones.
By creating and using shared secret phrases or passwords, individuals can quickly verify the authenticity of the person with whom they are communicating with a significant layer of protection against potential fraud.
He told the PA news agency that the AI cyber criminal was helping to “reduce the barrier in entry”, and required additional precautions beyond basic online security to combat it.
“AI is very big. It is not just publicity. It is very easy to dismiss it in this way, but it is not really,” said Mr. Bairo.
“My wife and I were really discussing it – in recent months, we have used a secret code that we use only really or real I will know, so that if any of us receives a facetime video or WhatsApp video, which we see and feel, ask for money, ask for help – we can use the code that we can use the right person.
“So the fact that I am doing what I think about it indicates that it’s okay? I think it is very real.
“We will see that to create deep-sack to fool people, it is very easy to write a fishing email, which looks real. So I think it reduces the barrier to entry. It can also open the door to non-English-speaking danger actors.”
Mr. Bairo said that such an approach was necessary because the sheer number of data violations in recent years meant that most people would have compromised their personal details online at a point, so additional security was required.
He said that making secret passwords between friends and family was particularly important for older and small users who could not have the best digital skills.
Mr. Bairo said: “It may look dramatic here in May 2025, but I am confident that within many years, if not in months, people will look back and say, exactly yes, I should have done this, and I think everyone should do this, especially if you either have members of the older family – because we have many young people who do not actually understand this goods.
“Just about every person who has used computers or internet, has an old email account, which has been compromised at some level when they had a non-safe password, which probably most people still do, and that email was compromised and someone stole their contact list.
“Then from the contact list, it is not difficult to produce malicious tooling that can mimic the similarity of someone in the list and then send you some kind of scam that really looks at the person.
“So I feel very much that everyone should have a secret password.”
Mr. Barrow’s warning comes in view of a wire of cyber attacks on Britain’s retailers, including Marx and Spencer and Co-Oop.
Earlier this week, M&S stated that it was violated by “human error”, as hackers were able to get access through third party after using social engineering – human error or misunderstanding to get into the retailer’s system.
Mr. Bairo said that in this attack, hackers were likely to take advantage of the fact that they are reportedly native English speakers who help in scaming their way in the M&S system.
But he also warned that predictable safety set-ups to use two-factor authentication can also help cyber criminals in creating a realistic looking scam.
He said, “Now the scenario we are seeing is that we are seeing that many people are really immune and are used for safety procedures that they have to follow,” he said.
“They are used to enter their phone authentic codes and do all the signals. And so it was relatively trivial for this danger actor who speaks the native English, in fact people to undergo multi-faced certification to go through the motions and go to these outlets.”