Property and Casualty

AI-Powered Cyber Attacks: Why Yesterday’s Defenses Aren’t Enough

February 2, 2026


Last year, a UK engineering firm made what it thought was a routine transfer of millions of dollars, following a video call with "senior management." It was later revealed that the employee who authorized the transfer had been communicating with someone posing as their manager. As a result, the employee was deceived into sending $25 million to cyber criminals.1

This cyber-attack used psychology and sophisticated deepfake technology. While this was an extreme case, similar incidents are occurring with growing frequency.

The widespread availability of AI technology, combined with the ease of manipulating video calls, makes phone and Zoom calls susceptible to exploitation by threat actors. We have yet to see this become as frequent as Ransomware as a Service (RaaS), i.e., ransomware sold as a product so that third parties can hold others to ransom, but it could be the next big thing.

 

How can you prevent these attacks?

  • Tokens, OTPs, or app-based verification for all sensitive systems, so that approval does not rely solely on voice or facial recognition
  • Biometric detection systems, as a more extreme measure
  • Code words or questions for high-risk or larger approvals
  • AI detection software
  • Awareness programs
  • Vendor and supply chain screening
  • Secure communication channels
  • Strict authorization protocols
  • Many more; consult your cyber security/IT team regularly

 

Underwriters are adapting to this trend by closely scrutinizing cybercrime controls like the ones listed above. If you have not already reviewed your security protocols, now is the time to ensure they are consistently applied to every transaction. Strong cybersecurity measures can help reduce premiums, prevent costly wire fraud losses, and prevent uninsurable losses or coverage denials.

While cyber insurance typically covers direct cyber attacks, many policies limit or exclude social engineering losses. To mitigate this risk, some carriers require specific security measures, such as callback provisions, as a condition of coverage. A callback provision requires policyholders to have defined authentication procedures in place when transferring funds, typically by contacting the requester through a pre-approved phone number before payment is released. If a cyber insurance policy has a callback provision in place, the insurer may only provide coverage for a social engineering claim if the insured has followed the necessary procedures. Failure to follow these procedures can result in a denied claim.

As AI-enabled fraud continues to evolve, organizations must treat cyber security and financial verification controls as business-critical risk management tools, not just IT functions. Proactive awareness, disciplined procedures and alignment between internal teams and insurance partners can significantly reduce exposure before a loss occurs. In an environment where one convincing interaction can lead to devastating consequences, preparedness is no longer optional.

 

About The Author

Noah Jankowski 
Account Executive, Commercial Insurance 
P 616-493-6913


Noah joined Alera Group in 2024 and focuses on supporting organizations in the Manufacturing, Technology, and Non-Profit / Health & Human Services sectors. He brings five years of experience as a Commercial Lender working with middle market companies across the Midwest, along with a year as Director of Finance for a medical equipment company. Noah is driven by helping mission-focused organizations protect their people, assets, and long-term sustainability through thoughtful, well structured risk management strategies.

    Alera Group, Inc. is aware that there are persons fraudulently impersonating our company by using fake internet domains that appear to look like our legitimate services. If you are contacted by someone claiming to work for Alera Group, or any of our partners, please carefully review the email address and domain. If you have a relationship with our company, please contact us directly and not through any information that is provided in such an email. Please be extremely careful in responding to such emails with personal and financial information, sharing passwords, or any other information of value. Alera Group, or any of our partners, will never send ACH instructions via email and thus we strongly recommend that you verify the authenticity of each wire transfer request by calling your Alera Group contact using the number you have previously called.