The telltale markers of internet fraud—grammatical errors, poor image quality, suspicious accents—have largely disappeared. Generative artificial intelligence has armed scammers with tools that create flawless copy, professional-looking websites, and remarkably convincing digital personas. The days when spotting a scam relied on finding obvious red flags are increasingly behind us. The FBI reported last month that cybercriminals defrauded Americans of nearly US$21 billion in the previous year, with approximately US$893 million in losses directly attributable to AI-powered schemes. As these technologies become cheaper and more accessible, the sophistication of fraudulent operations has accelerated dramatically, presenting a growing challenge for both individuals and regulators across Southeast Asia and beyond.
The transformation is striking. A few years ago, victims could identify scams by looking for indicators of poor quality or legitimacy. Today, the approach must invert entirely. "Instead of looking for indicators of what's bad, now you need to be verifying if it's good," explained Mark Beare, a general manager at Malwarebytes, an internet security firm. This fundamental shift reflects how AI has democratized the tools of deception. Low-cost chatbots and image generators enable criminals to construct websites virtually indistinguishable from genuine retail outlets. The author nearly fell victim to this tactic while scrolling through TikTok, encountering an advertisement for Hoka sneakers at an 80 percent discount. The site appeared authentic, complete with professional layout and product imagery. Only after adding items to the cart and conducting a quick internet search did the scam reveal itself—other users on Reddit had already documented losses, and Hoka had issued a public warning about counterfeit stores trading on its brand name.
Look-alike e-commerce sites represent only one category of AI-fuelled fraud proliferating online. Social media platforms have become primary distribution channels for these schemes, and the volume has overwhelmed their moderation efforts. Meta faces mounting legal pressure from consumer advocates and state authorities over its handling of scam advertisements. The Consumer Federation of America filed a complaint alleging that Meta misrepresented its commitment to combating fraudulent content, pointing to widespread scam ads peddling baby gear and phones. Santa Clara County in California launched a similar lawsuit. In response, Meta disclosed that it removed 159 million scam advertisements last year and disabled nearly 11 million accounts linked to known fraud operations on Facebook and Instagram. The platform claims to be investing in new detection technology, though critics question whether investment has matched the scale of the problem.
TikTok and other platforms have made comparable commitments. A TikTok spokesperson stated that the company prohibits deceptive advertising and fraudulent activities, and reported that in the fourth quarter of 2025, the platform removed 97 percent of violating spam content before users even flagged it. Yet the persistence of scam advertisements across all major platforms suggests that technological defences remain inadequate against AI-generated content. For Malaysian users and those across Southeast Asia accustomed to purchasing through international platforms and social commerce, the implications are significant. The region's rapidly growing digital economy depends on consumer confidence in online transactions. When scams become harder to distinguish from legitimate commerce, that trust erodes.
Beyond fabricated storefronts, criminals have weaponised AI to impersonate individuals known to potential victims. This personalised approach exploits the emotional and social vulnerabilities that algorithmic targeting has made easier to identify and exploit. Consider the common text message from an unknown number: "It's been a long time. How have you been?" Historically, responding to such messages might lead to a request for money after brief conversation. Today, fraudsters employ AI-powered video technology to conduct real-time video calls where the scammer's appearance and voice are digitally transformed to resemble someone the victim knows. According to Andrew Yoon, a researcher at CivAI, a nonprofit organisation focused on educating the public about artificial intelligence capabilities, such deception is now remarkably simple and inexpensive to execute. "It's very easy and very cheap to do a real-time Zoom call with whole body replacement and voice changing in a way that's completely realistic," Yoon observed.
The vulnerability cuts across demographics and circumstances. A lonely individual may be convinced that an attractive former acquaintance wishes to reconnect. A job seeker might be deceived by a fake interviewer into performing work for a nonexistent company. Elderly relatives, already at heightened risk from traditional scams, now face threats from deepfakes impersonating family members requesting money. The accessibility of personal information online—phone numbers, names, family relationships—combined with the ease of spoofing phone numbers means these attacks can be disturbingly targeted. A mother might receive a message appearing to come from her son's phone number, followed by a video call featuring an AI recreation of his face and voice, with the impersonator demanding urgent financial assistance.
Yoon advocates for a surprisingly low-technology defence: family conversations. Vulnerable relatives, particularly those less experienced with digital technology, should be briefed on the possibility of receiving calls or messages from impersonators. He recommends establishing a pre-agreed secret phrase or "safe word" that can be used to verify someone's identity when doubt arises. This old-fashioned approach acknowledges that no technological solution can match the effectiveness of human connection and established trust protocols. For Malaysian families with members working or studying abroad, or maintaining transnational relationships, implementing such strategies could provide crucial protection against sophisticated social engineering.
Celebrities and public figures have become favourite targets for scammers deploying deepfake technology. The proliferation of videos and images available online provides abundant training data for artificial intelligence models to generate convincing facsimiles. Fraudsters have created deepfake videos of celebrity chef Gordon Ramsay endorsing cookware giveaways, convincing victims that they could receive free frying pans by paying a nominal shipping fee—which actually meant surrendering credit card details to criminals. Similar schemes have targeted Richard Branson, founder of the Virgin Group, with deepfake videos promoting fraudulent investment opportunities. The scams repeated with such frequency that Branson felt compelled to post an Instagram video educating followers on detection methods. His core advice remains sound: verify information through official channels only. For brand founders like Branson, this meant consulting Virgin.com. Blue verification checkmarks on social media platforms offer false reassurance and should not be treated as definitive proof of authenticity.
The proliferation of scam advertisements across social media stems from the same targeting infrastructure that legitimate marketers employ. Scammers purchase advertising space on TikTok and Instagram to reach individuals most likely interested in their offerings. Beare notes that criminals can afford these advertising expenditures precisely because they have no actual inventory to ship or fulfil. Unlike legitimate retailers, their entire business model depends on the initial transaction defrauding the customer. The economic model inverts traditional e-commerce: instead of acquiring customers to build a sustainable business, scammers spend on advertising solely to extract immediate payment. This makes them willing to bid aggressively for ad placement targeting interest categories—bicycles, sneakers, electronics—that would align with products they purport to sell.
Detecting counterfeit e-commerce sites requires due diligence but remains feasible. A straightforward approach involves searching for the website address on Google and reviewing what others have said about it on platforms like Reddit. More sophisticated methods leverage AI itself as a defence tool. Malwarebytes recently partnered with OpenAI and Anthropic to integrate free scam-detection capabilities into ChatGPT and Claude. Users can paste website URLs and screenshots into these chatbots and request analysis of whether a site is legitimate. The technology essentially turns powerful language models into authentication assistants, using their ability to access and synthesise information about known scams and legitimate businesses. However, such tools require effort and technical literacy that not all users possess.
For most people, the simplest and most reliable principle remains unchanged by technological advancement: if an offer appears too good to be true, it almost certainly is. A pair of premium sneakers discounted 80 percent, a job paying exceptional wages for minimal work, a long-lost acquaintance suddenly reappearing with emotional appeals for assistance—these scenarios should trigger scepticism. The specific mechanics of fraud may have evolved with artificial intelligence, but the underlying psychological vulnerabilities they exploit are ancient. For Malaysian consumers navigating an increasingly digital marketplace, maintaining healthy scepticism while learning to distinguish between legitimate marketing and fraudulent deception has become an essential digital literacy skill. The responsibility to protect oneself has shifted from passive observation of obvious red flags to active verification of claims and sources. Organisations, platforms, and governments must simultaneously strengthen their defences, but individual awareness and caution remain the first line of protection in an era when AI makes nearly perfect imitation possible.
