As generative AI continues to advance, fraudsters are taking full advantage of its capabilities with AI-powered fraud techniques that are faster, more convincing, and harder to detect than ever before. This was the topic of a recent DataVisor webinar, “AI Tools Fraudsters Use in 2025.”
During the webinar, DataVisor cybersecurity and fraud prevention experts Qing Han and Antenor Neto discussed how malicious actors are weaponizing AI across a range of schemes – from voice cloning to phishing-as-a-service. The session explained how easily today’s technology can be manipulated for fraud.
“We’re not just talking about hypothetical threats anymore,” said Neto, Product Marketing Manager at DataVisor. “These tools are being used right now, and they’re incredibly effective.”
Here, we break down the seven most sophisticated AI tools fraudsters are using and how they're reshaping the fraud landscape.
1) Voice Cloning: The Perfect Impersonation
Using AI-generated speech models, fraudsters can clone voices with astonishing accuracy. Tools like ElevenLabs allow bad actors to replicate someone’s tone, cadence, and speech quirks based on just a short audio clip.
In one example from the webinar, an AI-generated voice impersonated a man named Carter and called his own mother to request her driver’s license number. She was fooled and complied with the request. By cloning voices, scammers can now bypass voice-verification systems – even your parent! – to impersonate executives and manipulate employees into transferring funds.
2) Deepfake Videos: Face-to-Face with a Fraudster
Deepfake video technology has become accessible and surprisingly easy to use. Tools like FaceFusion 3.1.2 and DeepFaceLive allow fraudsters to swap faces into pre-recorded videos or even in real time.
During the webinar, Neto demonstrated how fraudsters can use these tools to insert an actor into a fake company welcome video. Deepfakes can also be used to impersonate CEOs on video calls, create fake security camera footage, or manipulate media narratives.
“I couldn’t perform this operation in real time due to a lack of computing power – converting video at 25 frames per second requires a significant amount of processing,” Neto said, adding that it would be no problem for an organized, well-funded crime ring to accomplish this task. “They can easily invest in high-performance GPUs to carry out these activities at scale.”
3) Synthetic Identities: Fake People, Real Damage
Synthetic identities are manufactured personas built using a mix of real and fabricated data. These can include realistic names, addresses, social security numbers, and even AI-generated faces.
In one example, a fraudster used Google’s Gemini to generate fake consumer data formatted for a machine learning model. This information could easily be scaled for brute-force attacks.
Even more concerning: fraud-as-a-service (FaaS) platforms like OnlyFake now sell high-quality fake IDs. Journalist Joseph Cox reportedly passed a crypto exchange’s identity verification process using one of these fakes.
“The tech is improving, and it’s working in real life,” said Qing Han, DataVisor’s Data Science Manager.
4) Social Listening: Targeting with AI Precision
By scraping social media, forums, and public databases, fraudsters use AI to identify vulnerable individuals based on recent life events such as job loss, divorce, or bereavement. For example, a fraudster may pose as a recruiter and target job seekers with requests for recruiting fees. These attacks are more likely to succeed because they’re tailored, timely, and emotionally manipulative.
Unlike traditional phishing blasts, social listening allows for surgical targeting. AI makes this process faster and more scalable than ever before.
5) Romance Scams and Social Media Impersonation
AI-generated content is fueling a new generation of social engineering scams: fraudsters are creating fake digital profiles complete with AI-generated headshots to lure victims into romantic relationships or professional networking traps.
DataVisor’s webinar referenced the infamous "Fake Brad Pitt" romance scam, where a woman lost thousands to a con-artist who tricked her with AI-generated images and messages.
Even tools like ChatGPT can be abused. “I asked [ChatGPT] to generate an image of Leonardo DiCaprio holding a sign that said ‘Kate, I miss you,’” Neto said. “It did it in seconds – and the result could absolutely be used in a romance scam.”
6) Phishing-as-a-Service: No More Typos, No More Limits
Phishing emails used to be easy to spot because of bad grammar, weird phrasing, generic intros and other red flags. Not anymore! Large language models (LLMs) can now generate polished, hyper-personalized emails at scale.
Tools such as WormGPT offer uncensored versions of ChatGPT that generate phishing emails, malware code, and even deep fake scripts. These are often sold as monthly or annual subscriptions.
Even more concerning, phishing-as-a-service (PhaaS) platforms now offer brand impersonation features, customizable templates, and real-time attack optimization. “There’s no longer a language barrier,” said Neto. “These emails look like they’re coming from a local team member or trusted partner.”
7) Behavioral Cloning and Identity Crisis
Beyond static data, fraudsters are beginning to mimic people’s behavior – and this is where things get even more complicated.
“As tools get cheaper and better, we’re seeing what we call an identity crisis,” said Neto. “It’s no longer enough to verify who someone is; you have to understand how they behave.”
“Static ID checks at onboarding aren’t enough anymore,” said Han. “What matters is continuous behavior monitoring to detect suspicious activity after the fact.”
In one instance, three synthetic accounts passed ID checks and sat idol for a full month before testing the system with small transfers. Later, larger transactions were completed using stolen cards. The behavior was deliberately spaced out to avoid detection.
When analysts connected the dots between various signals such as IP subnet, patterns, and duplicate recipient names, the fraud was exposed; but it took a network-wide behavior analysis to spot it.
Fighting Fire with Fire
So how can organizations keep up? AI may be the problem, but it’s also part of the solution.
“To prevent AI-driven fraud, we must treat it as a long-term challenge that starts during the customer onboarding phase,” Han said. However, she added that fraud prevention doesn’t stop at onboarding. “Unlike static ID verification, behavioral analysis is dynamic and ongoing, and ultimately, more effective.”
AI-powered fraud management solutions like DataVisor can help organizations stop fraud by:
- Detecting new and emerging fraud patterns
- Automatically generating and optimizing fraud rules in real time
- Integrating quickly into fraud systems for faster response
- Reducing manual work and accelerating investigation timelines
These capabilities can give fraud teams the edge they need and help shift their mindset from static identity checks to dynamic behavior analysis.
“AI-related fraud is challenging, but we have ways to overcome it,” said Han. “With the right approach, we can fight fire with fire.”
Go Deeper into AI-Powered Fraud, with DataVisor
Watch the full webinar, “AI Tools Fraudsters Use in 2025,” for deeper expert insights and examples into how AI is transforming the fraud landscape.
Interested in how AI can help you prevent fraud? Learn how DataVisor is helping organizations use AI to outsmart modern fraud threats.







