Cyber Monday is the ultimate digital shopping event. But this year, the stakes are higher than ever – and it’s all thanks to artificial intelligence (AI).
While the 2024 online holiday sales have already leaps north $10 billion, a different, more nefarious increase is happening in the background as cybercriminals ramp up their arsenal of AI-driven scams and frauds.
And the AI-driven escalation of the cyber threat landscape has kept some of the world’s largest companies on their toes. CJ Moses, Amazon’s Chief Information Security Officer (CISO), said that in the last six months alone, the e-commerce giant has seen hacking attempts increase sevenfold, from 100 million to 750 million per day.
The reason? Moses reports that this is largely due to AI. Indeed, as businesses focus on sales and operations this holiday season, cybercriminals are leveraging advanced AI tactics to exploit vulnerabilities at unprecedented speed and scale.
The increase in cyber threats is not unique to Amazon either. Financial institutions like JPMorgan have also reported a substantial increase in hacking attempts, with the bank observing tens of billions of attempts daily, a volume of attacks that has doubled year on year.
From spear phishing campaigns to fake vendor portals, bad actors target businesses with precisely crafted attacks that can disrupt operations, compromise sensitive data, and erode customer trust.
Learn more: As AI advances, so do cyberthreats to commerce
The evolving threat landscape for businesses
In the past year alone, AI-powered cyberattacks have become increasingly sophisticated. Traditional threats like phishing and malware have been empowered by AI, allowing hackers to create more realistic emails, fake vendor websites, and fraudulent payment portals. Unlike consumer scams, these attacks often aim for larger gains, targeting financial data, intellectual property and business systems.
An October report from ChatGPT maker OpenAI has revealed that fraudsters are using the company’s AI systems to create malware and carry out cyberattacks. One group even targeted OpenAI directly with tactics exploiting the company’s own products.
“The barrier to entry has never been lower since threat actors“, Discover® Global Network Information Security Manager Sunil Mallik told PYMNTS in July.
Some of the top cyber risks businesses face include AI-based phishing, fake supplier portals, ransomware, and compromised supply chains.
Thanks to advances in AI, personalized phishing emails that impersonate trusted vendors, partners, or internal employees are increasingly difficult to detect and increasingly easier to deploy at scale. These messages often exploit urgency or routine payment processes to trick recipients into sharing their credentials or approving fraudulent transactions.
Likewise, it is increasingly easy for cybercriminals to deploy AI and replicate vendor websites or B2B platforms, tricking businesses into making payments to fraudulent accounts or downloading malware disguised as invoices or contracts. And perhaps most importantly, AI enables the automation of ransomware campaignsincreasing their frequency and reducing the detection window. Once inside, these attacks can cripple business operations.
Taken together, these threat vectors expose and target weak links in B2B supply chains, using smaller suppliers or their subsidiaries as entry points to penetrate larger companies.
Learn more: As supply chains go digital, cybersecurity must be the strongest link
Building Resilience Against AI-Driven Cybercrime
For businesses, the consequences of a cyberattack go beyond financial losses. Downtime, reputational damage and disrupted partnerships can have long-term consequences. In a context of dynamic threats, there is a growing need for continued advancements in defense mechanisms to protect against increasingly sophisticated attacks.
After all, AI isn’t just for scammers. Businesses are also embracing modern technology as they seek to fight fire with fire. This is why it is important for B2B companies to ensure their e-commerce or procurement platforms meet the latest security standards, including encrypted transactions and compliance with global cybersecurity frameworks.
For B2B companiesAutomated accounts payable (AP) and accounts receivable (AR) systems are also essential to help flag unusual payment requests or changes in supplier account details.
“In the past you could only notice the fraud after it has happened – like when a check was forged or the money was sent to the wrong place,” Chris Wyattdirector of strategy at Finexiotold PYMNTS. “Now AI tools can prevent fraud before it happens by identifying suspicious activity in real time. »
But to benefit from these benefits, businesses must first embrace AP modernization. Searching for PYMNTS Intelligence and Finexio underlines the scale of the problem, showing that 36% of companies have not yet automated any part of their AP processes.
Ultimately, by prioritizing proactive defenses, leveraging AI-based cybersecurity solutions, and fostering a culture of vigilance, businesses can work to thwart cybercriminals and protect their operations.