• Fraud HQ
  • Posts
  • Will A.I. Commit Social Engineering Scams By Itself?

Will A.I. Commit Social Engineering Scams By Itself?

Author

Marc Evans
August 27, 2025

A Detective’s Perspective on Fraud and Scams

“I had strings, but now I’m free… there are no strings on me.” - Ultron

This week I couldn’t help but think of Marvel’s Ultron. An AI that decided humans were the real problem. Now imagine a less cinematic, but very real threat from Agentic AI running scams on autopilot. Instead of giant killer robots, it’s emails, texts, and phone calls, all generated and executed without a human even touching the keyboard.

It’s like Ultron traded in his robot army for a phishing kit. The scary part? The tech is already here. I know. I actually watching AI conduct social engineering scams while at Def Con this year.

Are we ready to face this new villain? Or are we about to learn the hard way that the next wave of fraudsters won’t even be human?

Hero Briefing

  • The Rise of Agentic AI: Cybercrime That Thinks for Itself

  • 102 Foreign Cybercriminals Deported in Nigeria's Largest Sting

  • Scattered Spider Hacker Sentenced in $13M SIM Swap & Crypto Theft Case

  • Investigators Recover Nearly $160K From Social Engineering Scams

  • $91 Million Vanishes in One of 2025’s Largest Social Engineering Heists

The Rise of Agentic AI: Cybercrime That Thinks for Itself

The Intel:

Welcome to the next era of fraud. Agentic AI. Autonomous artificial intelligence that can think, plan, and act independently is already being weaponized by scammers to carry out complex, adaptive, and relentless cyberattacks.

According to McAfee’s latest report, deepfake threats surged 1,740% in North America, and scammers are now launching AI-powered phishing campaigns that learn from your behavior in real time, changing tactics across platforms like email, text, and video chat.

These scams aren’t static but instead evolve with each interaction. They can impersonate your boss on a video call, your bank via voice clone, or your vendors through perfectly written emails. All without human intervention.

Why it matters:

We’re not just facing smarter, more sophisticated scams. We’re facing autonomous digital agents trained to manipulate our psychology and exploit our digital footprint across platforms.

Think of it as giving every scammer a tireless AI assistant that never sleeps, watches your activity 24/7, and adjusts its tactics until it wins. This isn’t the future… it’s already happening.

  • Agentic AI can monitor your social media, recognize patterns, clone voices, and launch multi-stage attacks over days or weeks.

  • Scams will come from multiple directions: LinkedIn, then email, then text, then a “boss” on a video call.

  • Every failed attempt makes the AI smarter.

Detective’s Insights:

  • Traditional red flags like typos or weird grammar are obsolete. Agentic AI can adapt to your writing style and sounds just like someone you trust.

  • Expect “recon bots” to mine breach data, social media, and exposed APIs to identify weak points in real time.

  • Fake job interviews, urgent requests, even “live” Zoom calls are now possible through deepfake avatars and voice clones.

  • Cross-platform attacks mean your phone, email, and social feeds may all be hit simultaneously by coordinated scams.

  • Every message you receive could have been custom-built using your own digital trail to make the scam feel more personal.

  • This is AI vs. AI. If you’re not using AI-assisted defenses (like Scam Detectors or behavioral filters), you’re behind.

102 Foreign Cybercriminals Deported in Nigeria's Largest Sting

The Intel:

In one of the biggest cybercrime enforcement actions of the year, Nigeria has deported over 100 foreign nationals, including 50 Chinese citizens, after dismantling what officials called one of the largest foreign-led cybercrime syndicates in the country.

The anti-corruption agency EFCC said the suspects were found guilty of internet fraud and cyberterrorism and are linked to mass-scale romance scams, investment fraud, and sextortion schemes.

The sting, dubbed "Eagle Flush", follows the arrest of 192 individuals in Lagos where 148 of whom were Chinese nationals.

This marks the second major bust in under a year, as Nigeria continues battling its reputation as a cybercrime hub.

Why it matters:

I have dealt with this rise in collaboration firsthand. I investigated a case where I was able to trace a cryptocurrency transaction which resulted from an investment scam. The funds were traced to Nigeria but here’s the interesting part. The scammer communicated via Whatsapp with the victim in Chinese..

  • Romance and crypto-related scams are evolving into multinational operations, with entire training centers discovered teaching young Nigerians how to scam.

  • Platforms like Facebook and Instagram remain hotbeds of scam activity.

  • Many of these scams target victims in the U.S., U.K., and other countries through social engineering, sextortion, and fake investment pitches.

Cybercrime is now deeply tied to economic desperation, joblessness, and digital access, especially among young adults. Without stronger guardrails, we'll keep seeing foreign scammers exploit unstable regions to build their fraud empires.

Detective’s Insights:

  • These syndicates use romance, investment, and sextortion scams—often posing as women to collect compromising content and blackmail victims.

  • Foreign actors like the 50 Chinese nationals deported often bring in infrastructure, tech tools, and crypto laundering tactics, enabling scam training centers.

  • The fact that these networks included Filipino nationals and others shows how global fraud has become professionalized.

  • Mass arrests are a positive step, but weak regulatory frameworks and economic hardship mean these networks will rebuild quickly without ongoing pressure.

  • U.S. law enforcement (FBI) has tracked Nigerian-led operations targeting American victims. Collaboration between global agencies is essential.

Scattered Spider Hacker Sentenced in $13M SIM Swap & Crypto Theft Case

The Intel:

A 20-year-old hacker tied to the infamous cybercrime crew Scattered Spider has been sentenced to 10 years in federal prison for his role in a wide-ranging hacking spree that included SIM swapping, social engineering, and cryptocurrency theft.

Noah Michael Urban aka “Sosa,” “Gustavo Fring,” and “King Bob”, pleaded guilty to wire fraud and aggravated identity theft, with prosecutors tying him to over $800,000 in direct theft and a broader $13 million restitution order.

Urban and his crew reportedly used fake identities and manipulated telecom providers to take control of victims’ mobile numbers and drain their crypto wallets. He also helped break into corporate networks to steal proprietary data, triggering national investigations and arrests.

Why it matters:

Scattered Spider isn’t just another hacking group. It’s part of a growing alliance of English-speaking cybercriminals (including ShinyHunters and LAPSUS$) that blends aggressive social engineering with technical intrusions.

Their tactics include MFA fatigue attacks, SIM swapping, vishing, and extortion, highlighting a chilling reality:

The biggest security weakness is still human behavior.

Even high-tech defenses are no match when a skilled scammer can talk their way past a help desk, exploit urgency, or manipulate account recovery systems.

Detective’s Insights:

  • Criminals impersonate victims and convince mobile carriers to transfer their number to a new SIM. They instantly hijack 2FA codes and crypto wallets.

  • Social Engineering Still Rules: Groups like Scattered Spider rely more on psychological manipulation than malware. Their attacks succeed by exploiting call centers, IT help desks, and human trust.

  • Credential Theft → Identity Theft → Financial Fraud: The initial access often comes from weak security around employee credentials or passwords reused across accounts. Once they’re in, the damage escalates fast.

  • "MFA Fatigue" Attacks Are Real: These involve flooding users with push-based MFA login attempts until they accept one by mistake. It’s a growing threat that plays on human impatience.

  • Organized Cybercrime Is Evolving: These groups are forming alliances and adapting faster than ever, pooling tools, infrastructure, and stolen data to maximize reach and impact.

Investigators Recover Nearly $160K From Social Engineering Scams

The Intel:

Two Hamilton County residents recently got a second chance after being conned out of large sums of money, thanks to skilled detective work by the Sheriff’s Office.

In one case, a man lost over $250,000 in a long-term romance scam. He quit his job, sold his home, and showed up at the airport expecting to start a new life, only to learn it was all a lie.

The scammer even deposited $700,000 in fraudulently obtained funds into their joint account to maintain the illusion of a real relationship. Detectives managed to seize $159,987 from the scammer’s accounts and return it to the victim.

In a separate case, another victim was tricked by a fake U.S. Treasury agent and sent $54,000 via cashier’s checks and gift cards. Investigators traced the funds and recovered the full amount.

Why it matters:

These cases show just how devastating scams can be financially, emotionally, and psychologically. Victims aren’t just losing money. They’re losing homes, jobs, and trust in others.

Fraudsters use deeply manipulative tactics like love, urgency, and authority to bypass logic and exploit emotion.

The fact that detectives were able to recover funds in both cases is rare and a reminder that quick reporting and skilled law enforcement intervention CAN make a difference.

Detective’s Insight:

  • Romance scammers are patient manipulators: They build emotional trust over weeks or months before striking. Victims may even co-mingle funds, making it harder to spot fraud.

  • Layered fraud tactics are common: Bitcoin, bank wires, cashier’s checks, gift cards. Scammers diversify how they get paid to avoid detection and speed up the money laundering process.

  • Victims often take irreversible actions: In this case, the victim quit his job and sold his house. These scams can derail entire lives.

  • Money mules and fraud chains are connected: The $700,000 deposited into the account likely came from other victims, showing how romance scams are often part of a larger network of financial exploitation.

  • Imposter scams are evolving: Scammers know that invoking authority (like the U.S. Treasury) increases compliance. They use this psychological edge to silence skepticism and isolate victims.

$91 Million Vanishes in One of 2025’s Largest Social Engineering Heists

The Intel:

A sophisticated social engineering attack has led to the loss of 783 Bitcoin ($91 million) in a single transaction. This makes it one of the most devastating crypto thefts of 2025. The victim was tricked by impostors posing as support staff from a crypto exchange and hardware wallet provider, who manipulated them into surrendering access credentials.

The stolen funds were quickly laundered through Wasabi Wallet, a privacy-focused Bitcoin mixer that obscures transaction trails, making recovery nearly impossible.

Why it matters:

This wasn’t a technical hack—it was psychological warfare. The attacker didn’t break through firewalls or smart contracts. They simply pretended to be a trusted source, exploited human trust, and walked away with $91M.

  • Blockchain is secure. People are not.

  • Once stolen, crypto is nearly impossible to recover.

  • Anyone, regardless of experience, can be fooled.

Detective Insights:

  • Impostor support agents are now the #1 tactic in high-value thefts.

  • Recovery phrases are the holy grail. Once you give it up, it’s over.

  • Laundering through mixers like Wasabi Wallet makes funds untraceable.

  • Social engineering preys on urgency, fear, and authority. Classic human vulnerabilities.

  • Even savvy investors and institutions fall victim. Never think you're too smart to be tricked.

Fraud Hero x Chainabuse: Fighting Back Together

Fraud Hero is proud to announce a new collaboration with Chainabuse, a public platform dedicated to reporting and exposing cryptocurrency scams. Together, we’re making it easier for victims, investigators, and businesses to share critical information that can stop scams in their tracks.

Scams thrive in silence. Too often, victims feel isolated or unsure of where to turn and criminals rely on that silence to continue preying on others. By reporting fraud through Chainabuse, every victim has the chance to warn others, flag suspicious wallet addresses, and contribute to a growing database that the entire crypto community can access.

At Fraud Hero, we believe knowledge is power. Our mission has always been to help as many people as possible understand how scams really work and how to fight back. This collaboration takes that mission further by turning individual reports into collective action.

Why it matters:

  • Each report helps identify patterns across scams.

  • Investigators and exchanges can act faster on flagged wallets.

  • Victims get a voice, ensuring they’re not alone in the fight.

We encourage everyone, whether you’ve encountered a scam personally or spotted something suspicious, to use Chainabuse and be part of the solution. Together, we can shine a light on fraud and make it harder for criminals to hide.