Digital fraud has never been this sophisticated, and artificial intelligence plays a central role in this shift

If you still think you can spot a scam by asking for a video call, that method is already outdated. Cybersecurity experts warn that roughly half of all digital fraud now involves some type of AI tool, including deepfake technology capable of transforming anyone’s face in real time using apps that anyone can download on their phone.

A demonstration by CBS News California Investigates made this crystal clear: in just a few minutes, investigative reporter Kristine Lazar was visually transformed into Taylor Swift using a regular consumer app. The result was convincing enough to fool anyone who didn’t know Lazar personally and couldn’t recognize her natural mannerisms.

Pretty wild, right?

But the problem goes way beyond funny or viral videos on social media. This same technology is being actively used by criminals to:

• Steal the real identities of rideshare drivers
• Create extremely convincing fake documents
• Set up fictitious companies to obtain bank loans and credit cards
• Clone legitimate websites to capture login credentials and financial data
• Trick video-based identity verification systems
• Impersonate public figures like Elon Musk in social engineering scams

And the most concerning part is that traditional methods for detecting scams simply don’t work anymore.

Understanding how all of this works is the first step toward protecting yourself. 🔍

How deepfakes became the go-to tool for digital scammers

Deepfake technology initially emerged as a tech curiosity, something researchers used to experiment with image and video synthesis. As artificial intelligence models advanced, especially the generative neural networks known as GANs (Generative Adversarial Networks), this technology left the labs and landed in the palm of anyone with a smartphone. Today, free apps available in digital stores can overlay faces onto videos with a disturbingly realistic quality, without requiring any technical knowledge from the user. What used to take hours of processing on powerful computers now happens in real time with a front-facing camera and a decent internet connection.

Soups Ranjan, CEO of fraud prevention company Sardine, doesn’t mince words when describing the current landscape. According to him, AI-generated fraud is going to be the greatest growth industry of all time. He went on to say that creating a deepfake video of someone else these days is really easy. The statement isn’t an exaggeration. During the demonstration conducted by the Sardine team alongside CBS News, it was clear that all it takes is a few minutes and a consumer-grade app to produce a convincing visual forgery.

This technological leap opened a massive window for criminals who saw deepfakes as the perfect tool for carrying out identity fraud at scale. The process works in a relatively straightforward way: the scammer collects public images or videos of a person, easily pulled from social media, and feeds that material into an AI model. In no time, the system learns that person’s facial features and can replicate them in a live video, fooling verification cameras, facial recognition apps, and even other people on a video call. The result is a forgery so convincing that automated security systems have an incredibly hard time detecting the inconsistency.

The most alarming scenario is that this technology is being combined with other AI tools to create increasingly elaborate fraud schemes. Beyond faking faces, criminals also use voice cloning, automated generation of fake documents, and even cloned websites that look identical to the originals. All of this together forms a sophisticated digital arsenal that turns identity theft into something practically invisible to the victim, who often doesn’t discover the scam until it’s too late.

Fake documents created with tools anyone can access

One of the most alarming points revealed by the CBS News demonstration is that creating fake identity documents no longer requires access to the dark web or advanced graphic design skills. Matt Vega, chief of staff at Sardine, showed during the demonstration how a fabricated passport was generated using software publicly available on the regular internet. The document was filled with a mix of fake and real personal information, making the forgery even harder for verification systems to detect.

Vega explained that it’s a rapidly growing site used essentially to create fake digital identity documents. And the scariest part is the success rate of these documents. According to him, you can create a very realistic-looking document that can pass verification processes nearly 100% of the time.

But how do scammers get the real personal information that makes these documents so convincing? This is where things get even more troubling. Even people who take extra precautions to protect their data online can be vulnerable. Vega gave a pretty illustrative example during the demonstration: even if someone has removed their date of birth from every public profile, all it takes is a friend posting a birthday message on Facebook years ago, on the right or wrong date, for a scammer to uncover that information.

This type of digital footprint is combined with data obtained from information breaches, the kind that happen when companies get hacked and have their customer databases exposed. Combining these sources allows criminals to build complete profiles of their victims, including name, date of birth, address, and even document numbers, all without any direct interaction with the person being targeted.

Websites cloned in minutes: the perfect replica that steals your data

Cloning legitimate websites is another attack vector that has gained insane efficiency with the help of artificial intelligence. The process described by the Sardine experts is straightforward: the scammer takes screenshots of a real website, feeds those images into an AI tool, and within minutes has a nearly identical replica up and running. This fake site is then used to capture login credentials, credit card information, personal data, and anything else the victim enters while believing they’re on the real site.

Matt Vega was emphatic in stating that it doesn’t matter what security system the original site is using. With AI, you can essentially create a replica copy of it in a matter of minutes. This means that even bank websites, payment platforms, and government services can be replicated convincingly enough to fool even the most attentive users.

What makes this type of scam particularly dangerous is the combination with social engineering techniques. Criminals don’t just create the fake site; they also send emails, text messages, or social media links directing victims to these cloned pages. And since AI is also used to generate persuasive, grammatically flawless text, the messages accompanying these links are much harder to identify as fraudulent than they were a few years ago.

Why traditional online security can’t keep up anymore

For years, online security advice was more or less the same: be suspicious of emails with spelling errors, don’t click on sketchy links, ask for a video call to confirm someone’s identity. These methods worked because scams were more rudimentary, relying on visible human mistakes and limited technology. But the advancement of artificial intelligence has completely changed the game, and a lot of the guidance we learned about staying safe online no longer applies the same way.

The CBS News California report made this reality painfully clear. The classic advice of requesting a video call to verify whether someone was who they claimed to be, the famous anti-catfishing test, has simply lost its validity. With current deepfake tools, scammers can transform into anyone they want during a live call, with a level of realism that fools human eyes and automated verification cameras alike.

Identity verification systems are also being put to the test. Many financial platforms, fintechs, and even government agencies have adopted facial recognition-based authentication processes as an extra layer of security. The problem is that these systems were developed before deepfakes became as accessible as they are today. Researchers have already demonstrated in public studies that it’s possible to fool several of these systems using AI-generated video, which means the protection many people rely on may have serious gaps that developers haven’t fully patched yet.

Another critical issue is the speed at which scams evolve compared to the speed at which defenses are updated. While cybersecurity companies like Sardine work to train real-time deepfake detectors, the AI models used by criminals also evolve, making fake videos increasingly difficult to identify. It’s a constant technological arms race, and the average user is stuck in the middle of this battlefield without necessarily having the tools or knowledge needed to protect themselves effectively.

Tools we use daily

Translation

Text Inspection & Clipping

Social Media

Search & Research

Recruitment

Programming

Productivity & Organization

Operations

Marketing & Sales

Finance & Investment

Education

Design & Media

Data & Analytics

Content & Writing

Automation

Warning signs and how to strengthen your digital protection

Even with all this sophistication, there are still ways to better protect yourself against deepfake-based fraud and digital identity theft. The first step is shifting your mindset: no visual verification on its own is sufficient proof of identity in a digital environment. If someone reaches out asking for personal data, financial transfers, or account access, the best move is to end that conversation and contact the company or person directly through an official channel you looked up yourself, never through the link or number sent in the suspicious message. This simple behavior alone eliminates a huge chunk of the most common risks.

The experts who participated in the CBS News demonstration also pointed out some details that deepfakes still tend to get wrong, even the most advanced ones:

• Eye movements that appear slightly out of natural rhythm
• Facial edges with slight blurring or flickering
• Lip sync that’s slightly off from the audio
• Inconsistent lighting between the face and the surrounding environment
• Absence of blinking or blinking at an irregular frequency
• Momentary visual glitches that appear especially during live streams

These errors are becoming rarer as the technology evolves, but in many cases they still show up, especially during live streams where real-time processing demands more from the AI and leaves room for noticeable flaws.

Beyond that, strengthening your online security layers goes way beyond having a good password. Enabling two-factor authentication on all important accounts, using different passwords for each service, keeping apps and operating systems up to date, and regularly monitoring your data through identity protection services are practices that significantly reduce the attack surface available to criminals.

The race between attack and defense isn’t slowing down

What the demonstration conducted by CBS News California Investigates made clear is that we’re living through a turning point in digital security. The same artificial intelligence driving incredible innovations in healthcare, education, and productivity is also being exploited by scammers to create fraud at a level of sophistication never seen before. Companies like Sardine are developing real-time deepfake detection solutions, but the race between attackers and defenders is constant and shows no signs of slowing down.

For the average user, the most important takeaway is that active vigilance needs to be part of your digital routine. It’s not about being afraid of technology, but about understanding that the landscape has changed and that precautions need to keep pace with that change. Artificial intelligence can be a powerful weapon in the wrong hands, but information and conscious digital habits remain the most effective defenses anyone can adopt. 🛡️