AI-Generated Phishing Attacks Cause Financial Harm in Germany

The article explicitly mentions AI-generated emails, deepfakes, and voice imitations used in phishing attacks that have caused real financial harm to victims. The phishing campaign's use of AI to create convincing fraudulent communications directly contributed to the harm experienced by the individuals, including identity theft and financial loss. This meets the definition of an AI Incident because the AI system's use in the phishing attack directly led to harm to persons (financial injury) and breaches of rights (privacy and property).

The event involves AI systems generating phishing emails and deepfake voices used in active phishing campaigns that have caused direct financial harm to individuals. The article details a concrete case where AI-enabled phishing led to a large financial loss, fulfilling the criteria for an AI Incident due to harm to persons and property. The AI system's use in the phishing attacks is central to the harm described, not merely potential or hypothetical. Therefore, this is classified as an AI Incident.

The event involves AI systems generating phishing emails and deepfake voices used in fraudulent campaigns that directly cause harm to individuals by tricking them into revealing personal data. This constitutes an AI Incident because the AI-generated content is actively used in attacks that have already caused or can cause realized harm (identity theft, financial damage).

The article explicitly mentions AI-generated phishing emails and deepfakes used in fraud attempts, which are AI systems producing outputs that can deceive users and cause harm. While no actual harm event is reported, the warning from the data protection officer indicates a credible risk of harm from these AI-enabled attacks. This fits the definition of an AI Hazard, as the AI system's use could plausibly lead to incidents involving harm to individuals' data and privacy. There is no indication of a realized harm incident or a response to a past incident, so it is not an AI Incident or Complementary Information.

The article explicitly mentions AI-generated phishing emails and deepfakes used to deceive victims, which are AI systems influencing human behavior to cause harm. The described phishing campaigns have resulted in realized financial damages and identity theft, fulfilling the criteria for an AI Incident. The legal case confirms actual harm caused by such AI-enabled phishing attacks. Hence, this is an AI Incident due to direct harm caused by AI system use in phishing.