Artificial intelligence (AI) has changed how we work, communicate, and even manage our finances. While AI is helping employers work smarter and faster, it’s also giving fraudsters powerful tools to scam people and steal information. One of the fastest-growing threats? AI-driven account takeover fraud.
In fact, about 1 in 4 Americans have already fallen victim to account takeovers, according to Security.org, and that number only continues to grow. As bad actors become more sophisticated in their attacks, it’s important to understand where the risks lie in order to protect employees, plan participants, and your business.
What Is AI-Driven Account Takeover Fraud?
Criminals are using generative AI (Gen AI) to create ultra-realistic content like text, audio, and even fake IDs. This tech is impressive, but in the wrong hands, it can be used to trick people and break into accounts.
Here are a few ways fraudsters are getting into accounts:
- Social Engineering Scams
AI-enhanced phishing attacks can scan social media or public info to create emails or texts that look legitimate and might even come from what seems like a trusted source to trick people into clicking dangerous links or sharing passwords.
- Voice Cloning
Gen AI can clone someone's voice with just a few seconds of recorded speech. That means a scammer could sound like your boss, bank, or even a loved one, convincing you to take action or share sensitive info.
- Fake ID Documents
Gen AI can also generate realistic fake documents. These can be used to open fraudulent accounts or verify unauthorized access without raising any red flags.
How Can Employers Protect Plan Participants?
Education is key. People are the first and best line of defense against fraud, and the more they know, the safer their accounts will be.
If you are a Consumer Driven Health Plans (CDHP) client with Medcom, we partner with Alegeus for their WealthCare Administration (WCA) platform, which includes several layers of built-in protection, like:
- Multifactor authentication
- Blocking multiple failed login attempts
- Strong password requirements
Pro-tip: Encourage participants to opt into account alerts through the WealthCare Participant Portal to help stop fraud before it starts.
We’re always striving for new ways to keep participants' PHI safe.
Stay Smart. Stay Secure.
Fraudsters are evolving, and so are we. With smart tools, ongoing education, and a little extra vigilance, we can help stop account takeover fraud in its tracks.
Have questions or want help sharing this info with your participants? Contact us today; we’re here to help!
Resource: Alegeus.
