International

Cybersecurity experts warn of rise in AI impersonation scams and urge use of secret passwords

Monday, 26 May 2025 12:21AM UTC

As AI-powered impersonation scams escalate, cybersecurity chiefs like EclecticIQ's Cody Barrow call for simple yet effective protective measures such as secret passwords among trusted contacts to combat sophisticated digital fraud.

As advancements in artificial intelligence continue to reshape various sectors, their implications for personal security have become increasingly concerning. In recent discussions surrounding the rise of sophisticated AI impersonation scams, cybersecurity experts have issued urgent warnings and advice on protective measures that individuals can take to safeguard their identities.

Cody Barrow, the chief executive of the cybersecurity firm EclecticIQ and a former advisor to the US government, emphasises the urgency of the situation. He notes the alarming ease with which cybercriminals can now create realistic deepfakes, leveraging readily available AI technology. Speaking candidly, Barrow highlights the unsettling reality that “AI is huge. It’s not just hype.” With a heightened risk of impersonation scams, he advocates for establishing secret passwords or phrases amongst friends and family. This relatively simple measure can serve as a crucial verification tool when facing potential AI-generated communication, especially in situations involving requests for money or personal assistance.

Barrow's insights resonate within a broader context of rising data breaches and cyberattacks. Recent incidents affecting prominent UK retailers, such as Marks and Spencer, have illustrated vulnerabilities that can be exploited through human error. Marks and Spencer reported that their breach was a result of social engineering tactics that took advantage of third-party access. According to Barrow, hackers often capitalise on predictable security setups, such as standard two-factor authentication, making it easier to manipulate unsuspecting individuals into compliance.

Further recommendations from cybersecurity experts reinforce Barrow's message. Research underscores the importance of establishing a family safe word to enhance identity verification when unexpected circumstances arise. This suggestion is echoed across multiple platforms, including advice from organisations like CSIRO and Seacoast Bank. In the face of evolving cyber threats, maintaining a heightened awareness of personal information shared online and regularly updating security measures is essential.

As the landscape of digital communication evolves, the tactics employed by scammers are becoming increasingly sophisticated, with AI-enabled voice cloning services used to replicate unsuspecting individuals’ voices. This has raised alarm, suggesting that even the most cautious individuals can be caught off guard. A simple yet effective strategy—creating and utilising a shared secret word—can provide an additional safeguard, allowing people to confirm their identities in potentially compromising situations.

The situation calls for not only personal vigilance but also a collective effort to enhance cybersecurity measures across the board. As noted by insights from various cybersecurity experts, many individuals may not realise that they have previously been victims of data breaches, leaving them susceptible to future scams. Given the statistics indicating that a significant proportion of the population have had their personal information compromised at some stage, implementing these straightforward yet powerful practices can help mitigate the ongoing risks associated with AI-driven fraud.

In the face of rapidly changing technology and its implications, it is more important than ever for both young and older individuals—who may possess varying levels of digital savvy—to remain informed and proactive about their online security.

Reference Map:

Paragraph 1 – ^[1], ^[4]
Paragraph 2 – ^[1], ^[3]
Paragraph 3 – ^[2], ^[5], ^[6]
Paragraph 4 – ^[5], ^[7]
Paragraph 5 – ^[1], ^[4]

Source: Noah Wire Services

More on this

https://www.independent.co.uk/news/uk/home-news/ai-scam-password-warning-uk-b2757694.html - Please view link - unable to able to access data
https://www.csiro.au/en/news/all/articles/2024/december/cybersecurity-top-tips - This article from CSIRO provides five cybersecurity tips to protect against scams and deepfakes. It emphasizes the importance of having a family safe word to verify identities, advises not to hesitate in hanging up on suspicious calls, recommends enabling multi-factor authentication, suggests turning on banking push notifications, and highlights the need to be aware of personal information shared online. These measures aim to enhance personal security in the face of evolving cyber threats.
https://corporate.visa.com/en/sites/visa-perspectives/security-trust/executive-impersonation-scams.html - Visa's article discusses the rise of executive impersonation scams facilitated by AI-generated deepfakes. It offers top tips to avoid such scams, including being skeptical of unusual communications, verifying identities through official channels, avoiding clicking on unknown links, securing sensitive data with strong passwords and multi-factor authentication, reporting suspicious activity, and staying informed about emerging threats. The piece underscores the importance of vigilance and proactive measures in cybersecurity.
https://www.scientificamerican.com/article/a-safe-word-can-protect-against-ai-impostor-scams/ - This Scientific American article highlights the increasing use of AI voice-cloning services in impostor scams. It recommends establishing a safe word with family and friends to verify identities during unexpected communications, especially when requests for money are involved. The piece emphasizes the effectiveness of this simple yet powerful strategy in preventing AI-infused phone scams and protecting personal and financial information.
https://www.seacoastbank.com/resource-center/blog/ai-a-new-tool-for-scammers - Seacoast Bank's blog post discusses how scammers are leveraging AI to replicate voices and deceive individuals. It provides protective measures such as creating a safeword with family and friends to authenticate phone calls, strengthening passwords with two-factor authentication, and allowing unknown calls to go to voicemail to verify identity. These strategies aim to safeguard personal information from AI-driven scams.
https://www.keepersecurity.com/blog/2023/06/21/how-cybercriminals-are-using-ai-for-cyberattacks/ - This Keeper Security blog post explores how cybercriminals are utilizing AI for cyberattacks. It offers guidance on staying safe from AI-enabled cyberattacks, including securing accounts with strong, unique passwords and multi-factor authentication, regularly backing up data, keeping software and devices up to date, and creating a safe word with family to prevent AI vishing scams. The article emphasizes proactive measures to enhance cybersecurity.
https://nationalcybersecurity.com/ai-hacking-scams-are-on-the-rise-heres-how-to-protect-your-money-points-and-miles-hacking-cybersecurity-infosec-comptia-pentest-hacker/ - This article discusses the rise of AI hacking scams and offers protection strategies. It advises having a family verification method, such as a secret family password, to confirm identities during unexpected communications. The piece also recommends setting up two-factor authentication on accounts and considering the use of passkeys for secure digital verification. These measures aim to protect personal and financial information from AI-driven scams.

Noah Fact Check Pro

The draft above was created using the information available at the time the story first emerged. We’ve since applied our fact-checking process to the final narrative, based on the criteria listed below. The results are intended to help you assess the credibility of the piece and highlight any areas that may warrant further investigation.

Freshness check

Score: 8

Notes: The narrative is recent, published on May 25, 2025. However, similar advice on using safe words to combat AI impersonation scams has been available since at least May 6, 2024, as reported by Scientific American. ([scientificamerican.com](https://www.scientificamerican.com/article/a-safe-word-can-protect-against-ai-impostor-scams/?utm_source=openai)) The Independent's report may be building upon this existing information. Additionally, the article references previous incidents involving UK retailers, indicating that the topic has been discussed in the media for some time. Therefore, while the article provides timely coverage, the core advice is not entirely new. The presence of a press release suggests a high freshness score, but the recycled nature of the content slightly lowers it.

Quotes check

Score: 7

Notes: The article includes a direct quote from Cody Barrow, chief executive of EclecticIQ, emphasizing the ease with which cybercriminals can create realistic deepfakes using readily available AI technology. This quote appears to be original to this report, as no earlier instances of this exact wording were found. However, similar sentiments have been expressed by other experts in previous reports, such as those from Scientific American and CSIRO. The originality of the quote is moderate, as it aligns with existing discussions on the topic.

Source reliability

Score: 9

Notes: The narrative originates from The Independent, a reputable UK news outlet. The inclusion of a press release indicates that the information is officially sourced, enhancing its credibility. However, the reliance on a single source for the core advice slightly reduces the overall reliability score.

Plausability check

Score: 8

Notes: The claims made in the narrative are plausible and align with known cybersecurity threats involving AI-driven impersonation scams. The advice to establish secret passwords with close contacts is consistent with recommendations from other cybersecurity experts and organizations. However, the lack of new, detailed information or unique insights in the article suggests that it may be reiterating existing knowledge without significant additions.

Overall assessment

Verdict (FAIL, OPEN, PASS): OPEN

Confidence (LOW, MEDIUM, HIGH): MEDIUM

Summary: The narrative provides timely coverage of AI impersonation scams and the use of secret passwords to combat them. While the core advice is not entirely new, the inclusion of a press release and the recent publication date suggest a moderate level of freshness. The originality of the quotes is moderate, and the source reliability is high. However, the lack of new, detailed information or unique insights in the article indicates that it may be reiterating existing knowledge without significant additions.

AI scams
cybersecurity
identity theft
deepfake
data breach