Our team continuously monitors the headlines for the latest accounts payable (AP) and security news. We bring you all the essential stories in our cyber brief so your team can stay secure.
Reuters, Harvard: AI chatbots supercharge phishing scam risks
In a Reuters special investigation, along with research from Harvard, analysts found that today’s AI LLMs can easily be used to design highly persuasive phishing scams, significantly lowering the barrier to large-scale fraud. We’ve been talking about AI tools’ scam capabilities for a while, but it’s important to see the level of evidence that Reuters and Harvard have collected – and exactly how these tools facilitate scam tactics.
During testing, bots generated convincing scam emails, refined urgency cues, and even advised on optimal sending times. When tested on 108 senior volunteers, about 11% clicked on AI-written phishing emails. Despite built-in safeguards, most major chatbots produced fraudulent content after minimal prompting.
US banking regulators, including the Federal Reserve, FDIC and OCC, have asked financial institutions and organizations to provide feedback on rising check and payment fraud. The request signals closer regulatory attention to payment controls, fraud reporting and risk management practices. Agencies are seeking insight into where current safeguards fall short and how rules or guidance could evolve.
So what does this mean for finance leaders? Most likely, the move suggests potential future compliance changes and increased expectations around fraud prevention governance, internal controls and collaboration with banks.
Florence cathedral loses €1.5m to email impersonation fraud
Italian police dismantled an international fraud ring after Florence cathedral’s managing body lost nearly €1.5 million (more than $1,758,000 USD) to an email impersonation scam. Criminals intercepted legitimate correspondence and posed as a restoration contractor, tricking the Opera di Santa Maria del Fiore into transferring funds.
While authorities recovered about €300,000, most of the remaining money was lost.
Singapore battles money from scam farms, illustrating power of global scam networks
Singapore authorities have seized hundreds of millions of dollars in assets linked to regional online scam networks. The case, tied to Cambodia-based scam operations, shows how fraud groups use cross-border payments and digital assets to launder proceeds.
Singapore boasts strong scam prevention and enforcement measures and works closely with global partners, including approaches that have influenced Australia’s federal anti-scam reforms from early this year. For finance leaders, it underscores the persistent challenge of managing financial crime in open, connected systems – especially whenever money is moving across borders.
Payment fraud rises across Europe despite stronger controls
Payment fraud across the European Union rose to €4.2 billion last year, according to the European Central Bank. While strong customer authentication has helped limit losses in some channels, criminals appear to be shifting tactics toward social engineering, invoice manipulation and authorised push payment fraud.
Regulators noted that fraud is increasingly concentrated where controls rely on human decision-making rather than automated checks. For CFOs, the findings reinforce the need to strengthen verification processes and ensure fraud controls evolve alongside faster, real-time payment systems.
India targets mule accounts in nationwide cybercrime crackdown
Indian authorities have launched “Operation Mule Hunt,” uncovering dozens of cybercrime cases linked to mule accounts used to move proceeds from scams and online fraud. The operation targeted individuals recruited to open or lend bank accounts for criminal use, often connected to work-from-home or investment scams. Investigators described mule accounts as a key mechanism enabling fraud networks to transfer and disguise illicit funds.
Want to learn more about mule accounts? In a conversation with Australian outlet Accountants Daily, Eftsure CEO Jon Soldan has discussed these accounts and how scammers use them.
SEA scam networks grow into global illicit industry
A Guardian investigation describes the rise of “scam states” in parts of south-east Asia, where large-scale online fraud has become deeply embedded in local economies and institutions. Their reporting claims that these cybercrime rings were previously small and largely rogue, while current scam operations have evolved into an industrial, multibillion-dollar global industry.
That industry uses forced labour, sophisticated social engineering, cryptocurrency and AI tools such as deepfakes. Despite periodic crackdowns, analysts say many operations quickly relocate or continue largely unchecked. Estimates suggest scams now generate tens of billions of dollars annually, rivaling other major illicit markets worldwide.
