(Image source: microsoft.com)

Microsoft recently released a report titled 'Cyber Signals' revealing 'AI-Based Fraud Methods: Evolving Threats and Response Strategies.' This report discusses how artificial intelligence technology is advancing cybercrime methods, and how Microsoft is establishing multilayered security strategies to combat them.

According to Microsoft, they have blocked approximately $4 billion worth of fraud attempts from April 2024 to April 2025, and prevented an average of 1.6 million automated bot account creation attempts per hour. They also stated that they rejected 49,000 false partner registration requests, safeguarding the integrity of their platform.

AI has become an easy tool for cybercriminals, lowering technical barriers. Criminals use AI to create convincingly disguised phishing messages, fake online shops, and false job postings quickly and easily, designing sophisticated social engineering attacks. For example, attacks disguised as organization employees or executives after automatically collecting and analyzing specific company information are becoming increasingly natural and persuasive. When combined with deepfake videos, voice synthesis, AI chatbots, victims can be lured into scam scenarios without even realizing the manipulation.

E-commerce and job search platforms are primary targets of these attacks. Fraudulent e-commerce sites meticulously mimic real brands, gaining consumer trust through AI-generated reviews, product descriptions, and customer feedback. AI chatbots handling customer service delay refunds or provide responses to appease victims' complaints, masquerading the scam site as a legitimate seller.

In job search platforms, fake job postings combined with AI-generated HR profiles and automated email campaigns mislead job seekers into believing they are genuine opportunities. Even deepfake interview videos are used, leading victims to unknowingly hand over personal and financial information to scammers.

Microsoft introduces various security technologies integrated into their services to counter these threats. Microsoft Edge browser supports features such as deep learning-based fraud domain detection, typo prevention, and scareware blocking to protect users from fraudulent websites.

Defender for Cloud conducts vulnerability assessments and threat detection across the Azure environment, while Microsoft Defender SmartScreen provides cloud-based security features to preemptively block phishing sites and malicious file downloads.

Scams impersonating technical support remain a serious threat. Microsoft reports instances of cybercrime organization 'Storm-1811' exploiting Microsoft's remote support tool 'Quick Assist' to impersonate IT personnel and remotely access victims' computers. This social engineering attack, based on user trust, can cause significant harm even without direct AI involvement.

Microsoft responds to such attacks by blocking suspicious Quick Assist connection attempts in real-time, preventing around 4,400 connections daily. They have also added a feature to display security alerts when a full-screen sharing request is made, increasing awareness of suspicious access attempts.

In corporate environments, Microsoft recommends using the more secure 'Remote Help' feature, which operates only within approved tenants within the organization, making it safer than Quick Assist. Additionally, a system incorporating AI-based digital fingerprint recognition technology is in operation to detect and block fraudulent connections in advance.

Microsoft adopts a security strategy called 'Fraud-resistant by Design,' which includes structural designs for fraud prevention from the early stages of product development. Starting from January 2025, all product development teams are required to conduct security evaluations and implement control mechanisms for fraud detection.

In this report, Kelly Bissell, Vice President of Microsoft's security organization, stated, "Cybercrime has surpassed the realm where individual companies can handle it alone," emphasizing the need for Apple, Google, and Microsoft to share information and technology, forming partnerships to combat cyber threats together.