Billions stolen as Big Tech enables deepfake scams
Applied to online scams that fleeced $2.7bn from Australians last year, the adage “caveat emptor” – “let the buyer beware” – has never mattered more. And it has never been as inadequate against overseas organised crime syndicates using sophisticated technology few of us understand. The criminals harness the ruthless greed of Big Tech, which is indifferent to the pain of internet users drawn in by fake advertisements, articles and videos purporting to feature respected figures such as miners Andrew Forrest and Gina Rinehart, businessman Dick Smith, former Sunrise host David Koch, A Current Affair host Allison Langdon and cricketer Shane Warne, who died in 2022. Even Treasurer Jim Chalmers’ and former Reserve Bank Governor Philip Lowe’s images have been hijacked, and one ad features a drawing of a man who resembles John Howard. Efforts to stop the rot by some whose reputations have been misused have proven futile. Dr Forrest’s attempt to hold Meta to account legally over fraudulent ads ended when commonwealth prosecutors decided not to pursue the charges he had launched against Facebook. “It shows that Facebook is beyond the laws of Australia, that hardworking Australians are not protected, and that scams will continue to run rampant with no recourse for those who are duped by increasingly sophisticated technology on social media platforms that take no responsibility,” he said last month.
AI technologies were turbocharging cyber fraud, UN Office on Drugs and Crime analyst John Wojcik told the newspaper this week: “It is becoming increasingly difficult for governments in the region to keep up.” A year ago, AI social engineering technology might have needed a 30-second audio clip of someone’s voice to clone it. That has been refined down to just two or three seconds.
Big Tech companies, which know scammers are active on their platforms, enable them through lack of oversight. Big Tech should invest, or be made to invest, in expert teams to track down scammers, lock them out of the net and report them to authorities. Ensuring those authorities act is a significant challenge for governments. The problem is too big for any one country. It needs to be tackled by a body such as the G20, as Mr Howard suggests.
Investigative reporting in the past week by national crime correspondent David Murray and Southeast Asia correspondent Amanda Hodge shows the law and the agencies supposed to enforce it have been left far behind by the scammers. Australians are losing billions of dollars to scams perpetrated through platforms such as Facebook and Instagram, as well as SMS and WhatsApp, operated by trafficked, often enslaved workers lured into scam centres across Southeast Asia through fraudulent ads. Myanmar, Cambodia, The Philippines, Laos and increasingly Dubai are now the global centres of “pig butchering” or romance scams – “fattening up” victims before the “kill”. The scam economy globally is equivalent to that of mid-size nations.
Australian users of Facebook, X, TikTok, online dating sites and encrypted group chat apps such as WhatsApp and Telegram are among the biggest losers. Many have been scammed out of their life savings, even when authorities are handed key data by watchdogs in other nations. As Murray revealed, Australians made up 34,000 of 90,000 victims from 90 countries fleeced of more than $568m by a crime network in Serbia. It used social media advertising to draw investors into fraudulent cryptocurrency schemes. About 14,000 Canadians and 13,000 Europeans were ripped off. Files shared by German police with the Australian Securities & Investments Commission included victims’ names, phone numbers, emails, addresses, identity documents, notes on their backgrounds and details of total losses. Scammers’ names and aliases also were provided. German police sent the database to warn Australian victims they had been dealing with a crime group and were at risk of greater losses. But ASIC had not contacted most victims, according to private cybercrime investigator IFW Global. “ASIC has had its work done for it. Why aren’t Australian authorities contacting people to warn them and get them to file criminal complaints?” one of its investigators told Murray. Nor did the websites named by German police in letters to defrauded German citizens come up in a search by The Australian of ASIC’s online Moneysmart alert list. Likewise the names of other fraudulent sites. Workers at a prison-like cyber-scam sweatshop on the Myanmar-Thai border, Hodge revealed, were being taught about Australian culture and social media use of Facebook, WhatsApp and dating sites.
In an important step, social media giants such as Facebook will have to answer for fraudulent or criminal scam content published on their platforms, and potentially pay compensation to scam victims, under new legislation to be introduced in July. Financial Services Minister Stephen Jones told Hodge social media platforms had to do a “much better job of removing unlawful, criminal and fraudulent content on their websites”. “Right now they are making advertising revenue out of that (fraudulent and criminal content),” he said.