Brett Johnson spent over a decade hacking into systems, stealing identities, and selling stolen credit cards on the dark web. He stole millions of dollars, often earning more than $100,000. hole. per month thanks to tax refund fraud.
He then worked with the Secret Service and private companies as a consultant, helping to combat the types of crimes he himself had once committed. In a recent interview, he told Business Insider's Carter Thallon that the criminal world he helped create is mutating into something harder to detect — and almost impossible to stop.
Read also in BUSINESS INSIDER
Cybercrime is becoming more and more organized — and as he points out — it's a problem. The next wave of cybercrime will come from entire AI-powered operations, where machines will write scams, falsify evidence, and even talk to victims in real time.
Here are the three growing cyber threats that most alarm us.
1. The deepfake problem is just beginning Brett Johnson warns that there may be a future where we won't be able to trust anything on the internet.
|
Brett Johnson (private archive)
Johnson said deepfakes, which convincingly imitate real people, will become a key element of online fraud. Criminals are already using them to spoof voicemails and pretend to be live video calls. This technology will soon make it impossible to trust what we see or hear on the internet, Johnson said.
“To deceive you, I have to make you trust me,” says the former hacker. But deepfakes allow criminals to bypass the effort to gain trust, by impersonating an already credible person, which significantly speeds up the process of turning you into a victim.
Last year, for example, a finance employee was defrauded into approving foreign transfers worth more than $25 million. The employee was given instructions during a video call that turned out to be full of deepfakes recreating his real colleagues, including the organization's CFO.
— We're getting to the point where we can no longer trust anything we see or hear online, and it's getting really dangerous. says Johnson.
The threat is compounded by the speed of AI tools that can mimic speech patterns, create realistic faces, and write messages tailored to the victim's personality.
See also: The original idea for this game got out of hand. The perverse history of Monopoly
2. Scam farms operating like corporations
As Brett Johnson says, gone are the days when fraudsters operated alone. Scam farms are becoming the new norm.
Fraud farms are buildings full of workers – often victims of human trafficking or forced labor – who run multiple frauds simultaneously.
Some of such operations specialize in the so-called Pig butchering, i.e. long-term romance scams that empty victims' savings.
This is what happened to Ahmet Tozal, who recently told BI's Matthew Loh about the relationship he allegedly built with a woman he met online.
Over the course of several weeks, the woman convinced him to invest the equivalent of over a year's earnings in a cryptocurrency that did not exist. Eventually, he had to leave Turkey for Uzbekistan to find a better-paid job and support his family.
These fraud farms operate like organized businesses, with employees rotating in shifts and supervisors keeping an eye on them. — We haven't seen anything like this before — Johnson says of the times he scammed people in the 1990s and early 2000s.
— Back then, you saw criminals cooperating and networking on a cooperative basis. But today it's much more organized, he adds.
3. The rise of synthetic identities
The same automation that powers deepfakes is taking identity theft to a new level.
Johnson calls synthetic identity fraud — a mixture of real and false personal information used to create a new digital persona — the No. 1 form of identity theft in the world.
This is particularly disturbing because, he says, “synthetic frauds are almost invisible because such a person does not actually exist”. He adds that “this is 80% of all new account opening frauds, 20% of all credit card chargebacks, 5% of all credit card debt” – The scale is huge – he emphasizes.
Once a false identity builds a credit history, it can be used to open bank accounts, apply for loans or facilitate money laundering. Banks often discover fraud only after accounts disappear. If synthetic identities continue to grow, fraud detection could become exponentially more difficult.
How to protect yourself against fraud?
Fraud is easier to carry out today than ever before. – The criminal no longer needs to understand any aspect of the crime. He can instantly buy tutorials, take live classes, buy everything he needs online, and immediately start committing crimes efficiently and profitably says Johnson.
That's why it's important to know how to protect yourself. From the statements of Johnosn and other experts, we can create some basic advice:
- Practice situational awareness online: understand that there are predators on every online platform.
- Reserve your PESEL and set alerts wherever possible: this will allow you to react immediately
- Follow good password practices: never use the same password for different accounts
- Enable multi-factor authentication: when combined with other tools, it can significantly increase security
- Be careful what you share on social media: Fraudsters can easily obtain sensitive information such as your date of birth or mother's maiden name and use it to attempt a hack.
The above text is a translation from American edition of Business Insider
