On this episode, we have Ted Mathew Dela Cruz, Andresito De Guzman, Asi Guiang, and Kayne Rodrigo joining us to discuss AI, fraud, and vibe-coded threats.

Cybercriminals are getting creative—using AI, social engineering, and “vibe-coded” online culture to launch new types of scams and attacks. This episode explores the strange but serious ways fraudsters operate today, and what IT professionals can do to keep ahead of the curve.

What exactly are “vibe-coded” threats, and how do they differ from traditional scams? (Generalization)

"Vibe-coded" threats are a new type of scam that leverages social engineering and a deep understanding of online culture to appear authentic and trustworthy. Unlike traditional scams that use generic, often poorly-written messages, vibe-coded threats are highly personalized and culturally aware. They mimic the language, humor, and social cues of specific online communities to build rapport and lower a victim's guard, making them much harder to detect with traditional security filters.

How is AI changing the way fraud is carried out—and how it’s prevented? (Generalization)

AI is a double-edged sword in the world of fraud. For attackers, it’s a powerful tool to create realistic deepfake videos, convincingly mimic voices, and write highly personalized phishing emails at scale. This lowers the barrier to entry for cybercriminals. However, AI is also a key tool for prevention. Machine learning models can analyze vast amounts of data in real-time to detect subtle anomalies in user behavior, identify fraudulent patterns, and block scams that would be invisible to traditional, rule-based security systems.

Can you share a recent story of a surprising scam or fraud attempt you encountered? (Generalization)

One surprising scam involves the use of AI to create fake resumes and professional profiles on platforms like LinkedIn. These "synthetic personas" can even pass initial screening tests and interviews, gaining access to a company's internal systems as a remote worker. The scammer isn't trying to steal money directly; they're trying to gain a foothold inside a company to sell access to malicious actors or deploy ransomware later. It’s a sophisticated and patient new form of insider threat.

How can everyday internet users protect themselves without becoming paranoid? (Generalization)

The key is to adopt a healthy sense of skepticism without becoming overly fearful. First, practice “digital hygiene,” which means using unique, strong passwords and multi-factor authentication on all critical accounts. Second, always verify requests for information, even if they seem to come from a trusted friend or colleague; a quick phone call can prevent a huge mistake. Lastly, stay educated on new threats, but focus on the fundamentals of smart online behavior—if something feels too good to be true or creates a sense of urgency, it almost always is.