AI driving rapid rise in sophisticated scam emails: Eftsure

White-collar criminals have been targeting corporations through impersonation scams via email or phone for years; however, advancements in AI technology mean that greater company oversight and training are more critical than ever, the chief technology officer of Eftsure has warned.

According to the ACCC, $334.9 million was lost to scams in 2025. Information services company, Experian ANZ, found that among the 1,300 consumer respondents in its February survey, one in two (56 per cent) reported experiencing online fraud or identity theft.

Eftsure chief technology officer David Higgins (pictured) told Accounting Times that the risk of fraud businesses are experiencing via channels such as email is outstripping the risk to consumers.

Higgins has observed a rapid increase in sophistication in scam emails targeting companies, especially with the help of ready-made tools, AI, or LLMs.

“[They are also now] so much better at actually being able to get around the safeguards that we all have in there, but then also just using things like AI and other methods out there to infiltrate suppliers and then send those scam emails to companies that look really, really convincing,” he added.

With over 15 years of experience as a software developer and engineer, Higgins said that these cyber-criminals who target corporations have a good amount of information after watching over emails for a period of time. “They can then use [this information] to target those emails a lot better,” he said.

Higgins said that in addition to training, including scam identification, checks and balances, and verification, organisations can also use tools to verify bank details and ensure that phone numbers originate from reputable sources.

He warned that some verification methods are also facing breaches, including phone verification.

“It doesn’t take that much work to find the tools to fake a voice. So if it’s someone that you may be familiar with that you’ve just spoken to, said, ‘hey, I did the right thing, I rang them, I spoke to them, that was them and they were fine,’ [that is not sufficient verification, because criminal actors are] getting even more sophisticated [with] that.”

“[In terms of checks and balances], the most important thing is: are these bank details correct or are they fraudulent? Are the other accounts closed? Is this company reputable [from] the ABN and a bunch of other details? Do they all match up with who these people say they are, or is this something there that seems a bit suspicious that we might want to check out further before you actually pay for that?” he said.

For Higgins, a crucial element is for organisations to ensure that their work culture encourages speaking up. According to an Eftsure survey, only 25 per cent of workers said that they were comfortable questioning a payment request from a senior executive, and 19 per cent said that organisational hierarchy adds to this difficulty.

Higgins said that dealing with crimes of all forms shares similarities.

“There are a lot of bad people out there who would love to break into our homes, but most people fortunately don’t because we recognise that it’s a problem and we take those steps to make sure that we secure ourselves, and I think that’s the way it should be. Here is a real big problem, but you can do something about it.”