AI cybercrime surges as UK loses GBP £100 million to new scams

New research indicates a significant rise in AI-powered cybercrime, with scammers deploying advanced tactics such as deepfake technology and automated phishing websites to target individuals and businesses.

Norton, a Cyber Safety brand within Gen, has reported that tens of thousands of AI-generated scam websites are created each month. According to data from UK Finance, nearly GBP £100 million was lost to investment scams in the first half of 2025, much of it driven by AI deepfake videos that enhance the credibility of fraudulent schemes.

AI and deepfake-driven scams

The research highlights five principal ways scammers have used AI and deepfakes in 2025. These include deepfake voice cloning, where scammers create urgent calls that replicate a victim's family member's voice; AI-powered phishing sites, sometimes called "VibeScams", that visually emulate real brands; AI romance scams using chatbots and deepfake videos; a new generation of business email compromise tactics with cloned executive voices or faces; and fake celebrity endorsements, including deepfake videos of public figures promoting fraudulent investments.

The Q3 Gen Threat Report underscores these changes, noting substantial increases in certain scam categories targeting UK consumers. Invoice scams rose by 222%, tech support scams by 114%, and "scam-yourself" attacks-where individuals are manipulated into facilitating their own fraud-surged by 109%.

AI-built phishing factories

A core trend identified in the current quarter is the rise of AI-generated phishing sites-sophisticated web pages created in minutes that closely mimic legitimate businesses. Since January 2025, Gen has identified and blocked over 140,000 such websites, with sustained high levels of activity in the third quarter of the year. The United States, France, Brazil, and Germany have been noted as key targets.

These phishing attempts often start with deceptively authentic messages, such as fake delivery or payment notifications, prompting individuals to enter their payment details on a false site. The ease and efficiency with which criminals can now mass-produce convincing fake websites amplify the risks to personal and financial security.

Increase in breach incidents

Data breaches also experienced a marked increase, up 82% quarter over quarter. Attackers are focusing on high-value data; 83% of reported breaches contained passwords, representing a move away from breaches of basic contact information. This strategy is reflected in the pattern of identity misuse detected by Gen, where payday loans accounted for nearly a third of all financial identity theft attempts, alongside fraudulent credit card applications and unauthorised bank account updates.

Text scams and digital tracking

Text message fraud has grown in both scale and sophistication, fuelled by automated and AI-enhanced messages that are crafted to appear legitimate. Analysis by Gen Threat Labs found that the top five types of malicious SMS campaigns-including fake job offers, refund requests, and investment pitches-accounted for over a quarter of all the text-based scams monitored.

Gen's data also points to an evolving landscape for digital privacy. Despite increased efforts by consumers to protect themselves, such as clearing cookies and using privacy software, the use of device fingerprinting remains widespread. Gen's products have blocked an average of 247 million tracking attempts each month, with 37 million digital fingerprints identified monthly. These trends have prompted ongoing discussions in the UK and EU on the merits and drawbacks of encrypted communications, particularly the impact of potential backdoors that might affect data security.

Support for individuals and businesses

Cyber safety solutions continue to play a role in efforts to counter these threats. Gen researchers recently developed a free decryption tool for victims of the Midnight Ransomware strain, allowing affected parties to recover their data without making payments to cybercriminals. This development may be especially significant for small businesses and individuals who are especially vulnerable to ransomware disruptions.

"AI has changed the scale and speed of cybercrime. It is being used to mass-produce scams, tailor ransomware, and target people with precision we have never seen before. Our mission is to stay one step ahead, using AI for protection rather than deception, and to bring real-time defense to every moment people live and work online," said Siggi Stefnisson, Cyber Safety CTO at Gen. 

UK threat landscape

In the UK, malvertising remains the most prevalent threat, with deceptive online pop-ups luring users to download harmful files or visit fraudulent sites. Scams, particularly those involving invoices or technical support impersonations, have also surged. "Scam-yourself" attacks, including the rise of fake scan scams in which users are manipulated into enabling an attack themselves, increased by 23%.

Continued vigilance and education are being emphasised as key tools for individuals seeking to avoid exploitation. Gen's suite of cyber protection products, including scam detection features in Norton and Avast offerings, aim to support consumers in navigating the increasingly sophisticated landscape of cyber threats.