Generative AI financial scammers are getting very good at duping work email

To join the CNBC Technology Executive Council, go to cnbccouncils.com/tec

More than one in four companies now ban their employees from using generative AI. But that does little to protect against criminals who use it to trick employees into sharing sensitive information or pay fraudulent invoices.

Armed with ChatGPT or its dark web equivalent, FraudGPT, criminals can easily create realistic videos of profit and loss statements, fake IDs, false identities or even convincing deepfakes of a company executive using their voice and image.

The statistics are sobering. In a recent survey by the Association of Financial Professionals, 65% of respondents said that their organizations had been victims of attempted or actual payments fraud in 2022. Of those who lost money, 71% were compromised through email. Larger organizations with annual revenue of $1 billion were the most susceptible to email scams, according to the survey.

Among the most common email scams are phishing emails. These fraudulent emails resemble a trusted source, like Chase or eBay, that ask people to click on a link leading to a fake, but convincing-looking site. It asks the potential victim to log in and provide some personal information. Once criminals have this information, they can get access to bank accounts or even commit identity theft.

Spear phishing is similar but more targeted. Instead of sending out generic emails, the emails are addressed to an individual or a specific organization. The criminals might have researched a job title, the names of colleagues, and even the names of a supervisor or manager.

These scams are nothing new, of course, but generative AI makes it harder to tell what's real and what's not. Until recently, wonky fonts, odd writing or