AI-powered fraud generates 4.5 times more profit, Interpol finds
TL;DR: Criminals using generative AI for fraud earn 4.5 times more than those relying on traditional methods, according to a new Interpol assessment. AI has transformed phishing, deepfakes and social engineering from crude operations into polished campaigns. Interpol warns that agentic AI could eventually enable fully autonomous fraud operations from reconnaissance through to ransom demands.
Generative AI has turned financial fraud into a significantly more lucrative operation for criminal networks. Interpol’s Global Financial Fraud Threat Assessment, published this week, found that criminals deploying AI tools generate 4.5 times the profit of those using conventional techniques.
The most immediate impact has been on phishing. Before AI, phishing emails were often easy to spot through poor grammar and awkward phrasing, typically produced by non-native speakers. Generative AI eliminates those tells, producing polished, brand-accurate communications that make traditional proofreading an unreliable defence.
Beyond phishing: deepfakes on demand
The threat extends well past email. Interpol’s report documents a growing market in deepfake-as-a-service kits on the dark web, enabling criminals to create convincing voice clones from minimal source material. These kits have lowered the barrier to impersonation fraud to a matter of dollars, putting sophisticated social engineering within reach of small-scale operators.
“Digital technology and AI, in particular, have dramatically transformed social engineering techniques and victim profiling, enabling fraudsters to construct highly persuasive fraud environments,” the report states.
Over the past two years, AI-enhanced fraud has allowed criminal networks to scale operations with minimal investment, targeting victims with personalised attacks that would previously have required significant manual effort.
Agentic AI: the next threat
Interpol’s most concerning finding relates to agentic AI systems capable of autonomously planning and executing complete fraud campaigns. These tools could handle every stage from initial reconnaissance and target profiling through to ransom demands, without human intervention.
This capability has not yet reached widespread criminal adoption. As Interpol notes, agentic AI has not yet fully delivered on its promise even in legitimate business applications. But the trajectory is clear, and the gap between proof-of-concept and operational deployment appears to be narrowing.
Looking forward
For UK businesses, the 4.5x profitability figure should recalibrate expectations about the sophistication of incoming threats. Traditional fraud detection training, particularly advice to look for spelling errors and unusual formatting, is increasingly outdated. Organisations need AI-aware security measures that match the tools being used against them.