Microsoft Tackles Cyber Scams With AI-Powered Defences

Cybercriminals are weaponising AI to automate scams and create deepfakes, forcing Microsoft and cybersecurity teams to develop equally advanced cyber defences.

The democratisation of AI has triggered an escalating arms race, with criminals and defenders locked in a battle where machine learning (ML) tools are wielded on both sides.

Although enterprises are investing heavily in AI to boost cybersecurity, fraudsters are also repurposing commercial and open-source AI tools to outwit traditional security measures.

Barriers that once required extensive coding expertise have now crumbled, as individuals with minimal technical skills can exploit AI-assisted tools to launch convincing attacks.

This new environment has exposed gaps in conventional cyber strategies, highlighting the need for AI-driven defences that can match the speed and scale of these threats.

The new face of cyber scams: AI-enhanced deception

Microsoft has recorded a sharp increase in AI-enabled cyber scams, where cybercriminals use Gen AI to produce deceptive content at scale.

According to the company's Cyber Signals report, Microsoft blocked US$4bn worth of fraud attempts over the past year. The report also details the rejection of 49,000 fraudulent partnership applications and the blocking of around 1.6 million bot signup attempts every hour.

Fraudsters are now deploying a blend of deepfakes, voice cloning, phishing emails and authentic-looking websites to launch attacks with greater efficiency and believability.

AI tools can scan and scrape the internet for company information, allowing cybercriminals to build detailed profiles of employees and create targeted lures with remarkable accuracy.

Microsoft’s Anti-Fraud Team has identified China and Europe as the main origins of AI-powered scams, with Germany standing out due to its size within the European Union’s e-commerce sector.

Kelly Bissell, Corporate Vice President of Anti-Fraud and Product Abuse within Microsoft Security, explains: "Cybercrime is a trillion-dollar problem, and it's been going up every year for the past 30 years.

"I think we have an opportunity today to adopt AI faster so we can detect and close the gap of exposure quickly."

Microsoft’s cyber tools: AI at the heart of defence

In response to these cyber threats, Microsoft has fortified its cybersecurity portfolio with AI-led tools and enhancements across its platforms.

Microsoft Defender for Cloud now offers vulnerability assessments and threat detection across Azure virtual machines, container registries and endpoints.

Meanwhile, Microsoft Edge has been upgraded with deep learning-based typo protection and domain impersonation protection to prevent users from inadvertently visiting fraudulent sites.

Edge also features a machine learning Scareware Blocker designed to stop fake pop-ups claiming system compromise.

Kelly notes: "Now we have AI that can make a difference at scale and help us build security and fraud protections into our products much faster."

Outside the browser, Microsoft's Quick Assist and Remote Help tools have seen safety upgrades to counter tech support scams.

Observations by Microsoft Threat Intelligence in April 2024 highlight Storm-1811, a cybercriminal group abusing Windows Quick Assist to impersonate IT support. These attacks primarily use voice phishing (vishing), rather than AI, to manipulate victims into granting remote access.

Microsoft blocks an average of 4,415 suspicious Quick Assist connections each day, accounting for about 5.46% of all connection attempts.

Quick Assist now includes security warnings and requires users to acknowledge risks before proceeding.

Microsoft’s Digital Fingerprinting technology underpins these efforts, analysing fraud and risk signals through AI and ML.

Potential scam sessions are automatically terminated when suspicious activity is detected, ensuring another layer of cyber protection.

Building a secure future: Collaboration and innovation

To institutionalise fraud prevention, Microsoft launched a new policy in January 2025 under its Secure Future Initiative (SFI). The policy mandates fraud prevention assessments and the integration of security controls during product development.

Microsoft has also implemented domain impersonation protection at the domain registration stage and developed AI-driven fake job detection for LinkedIn.

Enhanced typo protection in Microsoft Edge further bolsters defences against fraudulent e-commerce sites and scam job listings.

Collaboration with global partners is another critical pillar of Microsoft's strategy.

Through its Digital Crimes Unit, the company works alongside public and private sector organisations to dismantle cybercriminal infrastructures, leading to hundreds of arrests related to tech support fraud worldwide.

Furthermore, Microsoft is a member of the Global Anti-Scam Alliance (GASA), an organisation committed to sharing knowledge and coordinating anti-fraud actions across governments, consumer groups, financial bodies, social media platforms and cybersecurity firms.

Kelly explains: "If I protect Microsoft, that's good, but it's not sufficient.

"In the same way, if Apple does their thing and Google does their thing, but if we're not working together, we've all missed the bigger opportunity.

"We must share cybercrime information with each other and educate the public. If we can have a three-pronged approach of tech companies building security and fraud protection into their products, public awareness and sharing cybercrime and fraudster information with law enforcement, I think we can make a big difference."

Explore the latest edition of Cyber Magazine and be part of the conversation at our global conference series, Tech & AI LIVE and Cyber LIVE.

Discover all our upcoming events and secure your tickets today. 

Cyber Magazine is a BizClik brand