Cyber Monday is the ultimate digital shopping event. But this year, the stakes are higher than ever — and it is all due to artificial intelligence (AI).
While 2024’s online holiday sales have already surged north of $10 billion, there’s a different, more nefarious surge happening in the background as cybercriminals load up their arsenal of AI-powered scams and frauds.
And the AI driven escalation of the cyber threat landscape has kept some of the biggest companies on earth on their toes. CJ Moses, Amazon’s chief information security officer (CISO), said that over the past six months alone, the eCommerce giant has seen hacking attempts increase over seven-fold from 100 million to 750 million per day.
The reason? Moses reports that it’s in large part due to AI. That’s because as businesses focus on sales and operations this holiday season, cybercriminals are leveraging advanced AI tactics to exploit vulnerabilities at unprecedented speed and scale.
The rise in cyberthreats is not unique to Amazon, either. Financial institutions like JPMorgan have also reported substantial increases in hacking attempts, with the bank observing tens of billions of attempts daily, an attack volume that has doubled year over year.
From spear-phishing campaigns to fake vendor portals, malicious actors are targeting companies with precision-crafted attacks that can disrupt operations, compromise sensitive data, and erode customer trust.
Read more: As AI Advances, So Do Cyber Threats on Commerce
In the past year alone, AI-driven cyberattacks have escalated in sophistication. Traditional threats like phishing and malware have been supercharged by AI, enabling hackers to create more realistic emails, counterfeit supplier websites and fraudulent payment portals. Unlike consumer scams, these attacks often aim for larger payoffs, targeting financial data, intellectual property and enterprise systems.
An October report from ChatGPT maker OpenAI revealed that fraudsters are using the company’s AI systems to create malware and conduct cyberattacks. One group even targeted OpenAI directly with tactics leveraging the company’s own products.
“The barrier for entry has never been lower for threat actors,” Discover® Global Network Chief Information Security Officer Sunil Mallik told PYMNTS in July.
Among the key cyber risks facing businesses include AI-powered phishing, fake vendor portals, ransomware and compromised supply chains.
Thanks to advances in AI, tailored phishing emails that mimic trusted suppliers, partners or internal employees are increasingly hard to detect while becoming increasingly easier to deploy at scale. These messages often exploit urgency or routine payment processes to trick recipients into sharing credentials or approving fraudulent transactions.
Similarly, it is becoming easier for cybercriminals to deploy AI and replicate supplier websites or B2B platforms, luring businesses into making payments to fraudulent accounts or downloading malware disguised as invoices or contracts. And perhaps most crucially, AI is enabling the automation of ransomware campaigns, increasing their frequency and reducing the detection window. Once inside, these attacks can paralyze enterprise operations.
Taken together, these threat vectors are exposing and targeting weak links in B2B supply chains, using small vendors or subsidiaries as entry points to breach larger enterprises.
Read more: As Supply Chains Go Digital, Cybersecurity Must be Strongest Link
For businesses, the consequences of a cyberattack go beyond financial losses. Downtime, reputational damage, and disrupted partnerships can have long-term impacts. Against the dynamic threat backdrop, there’s a growing need for continuous advancements in defense mechanisms to protect against increasingly sophisticated attacks.
After all, AI isn’t just reserved for scammers. Businesses are embracing modern technology too as they look to fight fire with fire. That’s why it’s important for B2B firms to ensure their e-commerce or procurement platforms meet the latest security standards, including encrypted transactions and compliance with global cybersecurity frameworks.
For B2B firms, automated accounts payable (AP) and accounts receivable (AR) systems are also proving to be key in helping to flag unusual payment requests or changes in vendor account details.
“In the past, you might only notice fraud after it happened — like when a check was forged or money was sent to the wrong place,” Chris Wyatt, chief strategy officer at Finexio, told PYMNTS. “Now, AI tools can prevent fraud before it happens by identifying suspicious activity in real time.”
But to get to those benefits, businesses must first embrace AP modernization. Research from PYMNTS Intelligence and Finexio underscores the scale of the issue, showing that 36% of businesses have yet to automate any part of their AP processes.
Ultimately, by prioritizing proactive defenses, leveraging AI-driven cybersecurity solutions, and fostering a culture of vigilance, businesses can work to outsmart cybercriminals and safeguard their operations.