PARIS: Breakneck evolution of AI tools able to generate convincing text, images and even live video is enabling ever smarter and more targeted scams, cybersecurity experts said, urginginternet users to raise their guard.

In recent weeks a high-profile `romance scam` in France, in which a woman forked over 830,000 euros ($840,000), or fake donation drives for Los Angeles fire victims show `absolutely everyone, private individuals or businesses, is a target for cyberattacks,` said Arnaud Lemaire of cybersecurity firm F5.

One of the best-known forms of cyberattack is phishing, the sending of emails, texts or other messages under false pretences.Most try to get users to take an action like click a link, install a harmful programme or divulge sensitive information.

Phishing and its social-engineering cousin `pretexting` together accounted for more than 20 per cent of almost 10,000 data breaches worldwide last year, reported to US telecoms operator Verizon for the 2024 edition of its industry-staple Data Breach Investigations Report.

AI chatbots powered by large language models (LLMs) save attackers time and allow for more elaborate fake messages, Lemaire said. They also mean that `if someone is writing a phishing email... he can make the clues completely vanish` that might give away a non-native speaker of thetargetlanguage.Butthe textgenerators are just the tip of the AI iceberg.

For instance, AI can `take advantage of allthe datathathasbeenbreachedoverthe last few years to automate the creation of highly personalised scams,` Steve Grobman, Chief Technical Officer at security software maker McAfee, told reporters on Thursday. This is `something that just a few years ago would not be possible without an army of humans`.

`Safe word` Rather than going for a quick score, attackers often aim to gain the trust of select individuals at target firms over months or years. If an employee is success-fully tricked, attackers `might wait until this person becomes very influential or there`s a good chance for them to extort money` before exploiting the connection, said Martin Kraemer of cybersecurity training firm KnowBe4.

The stakes were on display in Feb 2024, when scammers swindled $26 million out of a multinational firm in Hong Kong.

Police said a finance worker believed he was videoconferencing with the company`s CEO and other staff all in fact AI-generated deepfakes. `The latest generation of deepfake video has got to a point where almost no consumers are able to tell the difference between an AI-generated image and a real image,` Grobman said.Internet users need to start applying the same scepticism to video as many now do to still images where `photoshop` has become a verbhe added. Faced with a purported news video online, that could be as simple as checking against a trusted source.

In personal communications, `I almost want to say it`s like BDSM, bondage, where you have a safe word,` F5`s Lemaire joked.

`You say to yourself, here`s the CEO asking me to make a $25 million bank transfer, I`ll bring something personal in to make sure it`s him.` Other tricks include asking a video caller to pan their camera around something AI for now has difficulty recreating, Lemaire said.-AFP