Why AI Is the Best Defense Against

AI-Enabled Fraud Attacks

Christophe Van de Weyer, CEO, Telesign,
on Fighting AI With AI
Artificial intelligence has enabled cybercriminals
to refine their tactics and modify fraud and
cyberattack tools, but the same technology
now presents itself as the best defense against
automated cyberattacks in various forms, said
Christophe Van de Weyer, CEO, Telesign.

The arrival of generative AI technologies such

as ChatGPT has driven a 1,300% rise in phishing
and made such attacks qualitatively better, said
Van de Weyer. “They are getting much more
sophisticated. Gone are translation errors; gone
are grammar errors. So, they do it much better
than I talk now - and at a greater scale. That’s
definitely one of the key threats we’re seeing now.”

He said artificial intelligence has also helped cyber

Christophe Van de Weyer
defenders track threats and identify anomalies
round-the-clock and with greater precision - Van de Weyer has extensive experience in

whether in tracking digital fraud, fraudulent login
attempts or data leakages. “We believe that we
have to use AI to fight AI. AI is a cybersecurity
worker that never sleeps,” he said.
information and communication technologies,
including an eight-year stint as part of Bain &
Company’s telecom and technology practice
leadership team and as managing director of
Benelux, where he oversaw the growth of seven
ICT subsidiaries.

In this video interview with Information Security

Media Group at RSA Conference 2024, Van de
Weyer also discussed:

• How to tackle the threat of deepfakes;

• How enterprises should protect themselves
from digital fraud;
• Why an omnichannel API-based identity
verification platform works best for enterprises.

Why AI Is the Best Defense Against AI-Enabled Fraud Attacks 2

“Getting a handle on deepfakes will be key to having
fair elections. We pay a lot of attention to investing
in how to label and block deepfakes, but we don’t
pay a lot of attention to the distribution platforms of
IT social media accounts.”
Telesign’s Mission
Tom Field: What are your immediate goals as the
new CEO at Telesign?
Christophe Van de Weyer: Our mission at
Telesign is to make the digital world a safer
place. With all the cyberattacks and threats out
there, we have a lot of work to do to offer fraud
protection solutions to our customers across the
entire customer journey.
Top Fraud Trends
Field: With the advent and adoption of generative
AI and the evolution of deepfakes, what are the
fraud trends that most have your attention?
Van de Weyer: A couple of them really stand out.
The first one is phishing emails and text. We see a
proliferation of them across the board, and that’s
driven by gen AI and the arrival of ChatGPT.
When we look at the statistics, it’s a 1,300%
increase in phishing emails. They are getting much
more sophisticated. Gone are translation errors;
gone are grammar errors. So, they do it much
better than I talk now - and at a greater scale.
Why AI Is the Best Defense Against AI-Enabled Fraud Attacks
The second one is multifactor authentication.
It’s still not a standard, and that’s striking because
multifactor authentication was not active in
99% of digital intrusions. And it’s not enough to
activate it. You have to train your employees to
work with it. For example, there was a big fraud
case very recently where fraudsters called the
IT desk to reset the multifactor authentication
devices or reset the password.
The third one is that half of companies are cutting
staff related to security or cybersecurity defense.
That is striking to me because the impact of fraud
on companies is about $6 trillion a year. That’s the
size of the third-biggest economy in the world.
Deepfakes and the Upcoming Elections
Field: What have you learned about deepfake
distribution in disrupting the delivery chain?
Van de Weyer: Deepfake is an important point
because seven of the world’s 10 largest countries
will go to the polls this year. Getting a handle on
deepfakes will be key to having fair elections.
We pay a lot of attention to investing in how to
label and block deepfakes, but we don’t pay a
3
lot of attention to the distribution platforms of IT
social media accounts. A couple of measures need
to be taken there.
The first one is: High-profile journalists and
politicians need to safeguard their accounts,
because if your account is hacked, a deepfake of
a politician could be distributed through it.
That could have a tremendous impact. And it’s
not impossible. The SEC’s X account that was
hacked. Second: Social media companies need
to make MFA a standard procedure. And third:
We need to invest in digital identity solutions
and “know your customer” processes. We need
to gather more information – email, location
and other parameters – so that they can all be
triangulated to verify the customer.
Why AI Is the Best Defense Against AI-Enabled Fraud Attacks
Digital Fraud Statistics
Field: What are some highlights from the new
research Telesign is about to unveil?
Van de Weyer: The overall key message is that
customers are even more concerned about
cybersecurity and digital fraud than they were a
few years ago. And on top of that, when they get
hacked or have digital fraud, they put even more
the blame on the enterprise, which is normal.
Digital fraud is real. Of those we surveyed, 1 in 3
users had a telephone or digital fraud in the last
year, and 2 in 3 are more concerned about digital
fraud that they used to be. That’s a huge number.
The paradox is that half of those surveyed admit
they don’t take the measures that are required to
safeguard them.
4
They are more afraid, but they don’t take the measures. That’s because
they put the responsibility on the enterprise side or on the platform or
a digital player. And when they then get digital fraud, it hampers the
brand. They become detractors and proliferate negative information
about the attack, and that has a huge brand impact. So, the digital
players and the enterprises need to protect themselves to safeguard
their brand.

Telesign’s Verify API

Field: What is the new product Telesign is launching?

Van de Weyer: Verify API. We are very excited about it because

verification is the first step when you create an account or do an account
reset. It is important to verify the identity. That has been done in a
traditional way through the one-time passcode that we all received
through SMS. But enterprises are getting a bit frustrated. The prices of
SMS are going up, and they are volatile, so users look at other channels.

With Verify API, with one API, we give the opportunity to use seven
different channels. It can be SMS, WhatsApp, RCS, Viber, Silent Verify,

Why AI Is the Best Defense Against AI-Enabled Fraud Attacks 5

 “We believe that we have to use AI to fight AI. AI is a
cybersecurity worker that never sleeps. It is constantly
analyzing signals, and we try to make those signals as
broad as possible.”

email or push notification. There is a broad range of channels. And we

can use the best channel for the customer, according to their preference
or where the cost is best for that country. That’s powerful.

There are two types of channels I’m excited about: WhatsApp, Viber and
RCS are end-to end-encrypted. And you have verified check marks so
that you know that the sender is the enterprise you want. And Silent
Verify does not require any manipulation of passcodes that you have
to transfer. It all happens in the background, so that’s very smooth. We
are also investing in a smart routing engine to analyze with AI the best
channel for a customer based on the customer segment or preference.

Fighting AI With AI

Field: How is Telesign helping customers fight AI with AI?

Van de Weyer: We believe that we have to use AI to fight AI. AI is a

cybersecurity worker that never sleeps. It is constantly analyzing signals,
and we try to make those signals as broad as possible. At Telesign, we
started with the phone number and expanded to include email, usage
patterns, IP address – scanning the dark web to see if there were data
leakages around that customer. AI and machine learning allow us to
analyze the patterns across all those data and come up with a risk
recommendation and say whether there should be more friction in the
login process. Our dream is to make the login process or account setup
process as easy as possible – but to add friction when it’s a risky profile or
a fraudster.

Why AI Is the Best Defense Against AI-Enabled Fraud Attacks 6

 About ISMG
Information Security Media Group (ISMG) is the world’s largest media organization devoted solely to
information security and risk management. Each of our 36 media properties provides education, research
and news that is specifically tailored to key vertical sectors including banking, healthcare and the public
sector; geographies from North America to Southeast Asia; and topics such as data breach prevention,
cyber risk assessment and fraud. Our annual global summit series connects senior security professionals
with industry thought leaders to find actionable solutions for pressing cybersecurity challenges.

(800) 944-0401 • sales@ismg.io

902 Carnegie Center • Princeton, NJ • 08540 • www.ismg.io