McAfee’s predictions for 2025 highlight emerging threats that consumers may encounter as cybercriminals exploit advanced AI technology. From hyper-realistic deepfakes and live video scams to AI-driven phishing, smishing, and malware attacks, these predictions reveal how cybercriminals are using AI-powered tools to craft increasingly sophisticated and personalized cyber scams.
“As AI continues to mature and become increasingly accessible, cybercriminals are using it to create scams that are more convincing, personalized, and harder to detect,” said Abhishek Karnik, Head of Threat Research, McAfee. “From deepfakes that blur the line between real and fake to AI-driven text message, email, social, and live video scams, the risks to trust and safety online have never been greater.”
Scammers are using artificial intelligence to create highly realistic fake videos or audio recordings that pretend to be authentic content from real people. As deepfake technology becomes more accessible and affordable, even people with no prior experience can produce convincing content. With easy-to-use AI tools and accessible tutorials, scammers are finding it easier than ever to manipulate trust and deceive people in digital interactions..
AI is giving cybercriminals the ability to easily create more personalized and convincing emails and messages that look like they’re from trusted sources, such as banks, employers, or even family members. They can craft these scams quickly and with precision, making them more difficult to detect and increasing their success rate. As AI tools become more accessible, these types of attacks are expected to grow in sophistication and frequency.
Hidden dangers in your pocket
Scammers are increasingly embedding harmful software into apps that appear legitimate, often targeting apps downloaded from unofficial sources. With the growing reliance on mobile apps, the opportunities for exploitation are growing rapidly. These malicious apps can disguise themselves as harmless tools, games, or even productivity aids, making it easier for hackers to trick unsuspecting consumers.
As cryptocurrency values climb and hype around the alternative currency increases, scammers are zeroing in on consumers’ digital wallets with fake investment schemes, phishing attacks, and malware designed to steal wallet keys, sell bogus crypto investments, or “pump and dump” – when scammers trick others into buying a cryptocurrency by hyping it up to inflate its price and then sell their shares for a profit when the price is high – causing the value to crash and leaving other investors with worthless assets.
The decentralized nature of cryptocurrency, while appealing to users, also makes it nearly impossible to recover stolen funds, further enticing cybercriminals to exploit this space. With new malware capable of intercepting transactions or using AI to target victims more effectively, these scams are expected to grow in sophistication.
As contactless payments become increasingly popular, scammers are finding new ways to exploit vulnerabilities in Near Field Communication (NFC) technology. They may intercept payment credentials, bypass authentication, and complete unauthorized transactions. The growing reliance on mobile wallets and tap-to-pay systems has expanded the potential for these attacks, making them an attractive target for scammers.
The rising demand for weight-loss drugs like Ozempic and other expensive or hard-to-find health treatments has opened the door for scammers to sell counterfeit or unsafe products. With more people turning to online pharmacies and social media ads for convenience, scammers are exploiting this trend. Falling for these scams can result in financial loss, or worse, harmful side effects from counterfeit or unregulated medications.
Scammers send fake invoices to steal payments
Scammers are increasingly sending fake invoices or impersonating customer service representatives to steal payments or personal information. As payment platforms like PayPal, Venmo, and others grow in popularity, cybercriminals are finding more opportunities to exploit these systems with convincing schemes. Falling these scams can result in financial loss and compromised personal information.
Not only can scammers use AI-powered tools to create deepfake videos, but they’re also now able to impersonate people during live video calls. Tools like DeepFakeLive.ai make this technology accessible, enabling bad actors to mimic facial expressions and voices with great accuracy, increasing the believability of these scams.
Scammers are increasingly embedding malicious code into popular software or app updates, a tactic that allows them to infect millions of devices in one fell swoop. The increased reliance on third-party code and AI-assisted development tools is making these types of attacks more frequent and harder to detect, which poses significant risks to both consumers and businesses.
The consequences of this type of attack can be severe; updating a favorite app might unknowingly install malware that compromises your personal data or device security.
Cybercriminals are using AI-powered tools to create smarter, more adaptive malware that can increase its effectiveness. Advanced tools like OCR (Optical Character Recognition) technology – which scans images or documents and turns the text in them into editable and searchable digital text – can now extract sensitive information, such as cryptocurrency wallet keys, directly from screenshots or documents.
As AI capabilities grow, so does the sophistication of these threats, making them more effective and dangerous.