
The information displayed in the AIM should not be reported as representing the official views of the OECD or of its member countries.
A report by Indian cyber agencies highlights a surge in AI-powered, trust-based cyberattacks on the financial sector. Attackers exploit AI-driven decision systems, biometric onboarding, and digital identities, leading to increased fraud, deepfake impersonations, and business email compromise, significantly impacting financial institutions in India.[AI generated]
Why's our monitor labelling this an incident or hazard?
The article explicitly involves AI systems in the context of AI-driven decision-making and identity management within financial services, which are central to the new threat landscape. It discusses how attackers exploit these AI-related systems' vulnerabilities, creating a plausible risk of harm such as unauthorized access and systemic breaches. However, no actual harm or incident is reported; the focus is on the evolving threat environment and potential exploitation. This aligns with the definition of an AI Hazard, where the development or use of AI systems could plausibly lead to harm but no harm has yet occurred. The report serves as a warning and analysis rather than documenting a realized AI Incident or Complementary Information about a past event.[AI generated]