Beware the Threat of A.I. Scams in Cybersecurity

October 2025

Martha Ward, ISSMP, CISSP
VP of Technology & Digital Experience

Cybersecurity Awareness Month is here again and serves as an important reminder that cyber-attacks don’t just target computer systems, they target people. This month we’re highlighting how artificial intelligence (AI) continues to evolve and how fraud could impact you. AI has significantly changed the look and feel of cyber-attacks over the past year, making scams more convincing, scalable, and difficult to detect. Here’s what’s changed and why it matters.

Using AI powered phishing, deepfake videos, voice cloning and impersonation tactics, attackers are becoming masters of disguise. They could potentially pose as UCU employees, law enforcement, a trusted friend and even family members. Their goal is to trick you into clicking, sharing, or transferring sensitive information.  

AI-powered phishing allows cybercriminals to create fake emails, messages, or websites that look very real. AI can mimic writing styles, generate realistic content, and even tailor messages based on publicly available information about you. This makes the scam harder to recognize and more likely to succeed.

Deepfakes are videos or audio recordings that use AI to mimic real people’s voices or faces, making it seem like they said or did something they never actually did. Voice cloning is a technology that uses AI to create a digital copy of someone’s voice, to impersonate trusted individuals or family members to trick you into sharing personal or financial information. Here are a few simple ways to protect yourself:

  • Verify the Source: If you get a call or message that seems suspicious, hang up or delete it, then contact us directly using the number on our website.
  • Post Carefully on Social Media: While those quizzes asking 50 questions about your life can be fun, they also can provide criminals with the information needed to impersonate you. Make sure you are only sharing with your friends and not posting publicly.
  • Don’t Share Sensitive Info: We will never ask for your full account number, PIN, or online banking credentials via phone, text, or email.
  • Watch for Red Flags: Be cautious of messages that use urgent language, unfamiliar phone numbers, or ask you to act quickly.  
  • Enable Alerts: Use account alerts to monitor activity and catch unauthorized transactions early.
  • Sign up for e-Statements: Switch from paper statements to e-Statements for quick, secure access to monthly statements, ensuring that sensitive account information can’t be stolen from your mailbox.
  • Use Safe Words or Verification Questions: Establish a private code word or question with family members or trusted contacts. If you receive a suspicious call, ask for the code to confirm their identity.
  • Enable Multi-factor Authentication (MFA): Even if someone has your voice or password, MFA adds an extra layer of protection that can stop them from accessing your accounts.

We’re Here to Help.

If you ever suspect fraud or receive a suspicious message, contact us immediately. Our team is trained to help you navigate these situations and secure your accounts.

Click here for more info and tips on how to protect yourself from fraud and scams.