Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore a technical investigation into AI-powered fraud platforms through this 35-minute conference talk from 39C3. Dive deep into the analysis of Taiwan's fake delivery scam ecosystem that targeted convenience store customers, where researchers uncovered two distinct fraud platforms built using AI-generated code. Learn how investigators exploited authentication flaws, file management oversights, and poorly implemented databases to gain complete system access across multiple criminal infrastructures. Discover the methodology for fingerprinting AI-assisted crime infrastructure through strategic reconnaissance, database analysis, and operational security techniques that led to mapping over 100 active domains and extracting evidence of thousands of victim transactions worth millions of euros. Understand the collapse of the skill gap between offense and defense when both criminals and security researchers rely on AI tools, with the key difference being intentionality and understanding of outputs. Master practical techniques for mass-scale fraud infrastructure fingerprinting, operational security considerations for investigating active criminal operations, and methods to recognize AI-generated code patterns that reveal threat actor sophistication levels. Examine the ethical boundaries of counter-fraud operations, evidence preservation for law enforcement, and automation strategies for sustainable threat intelligence when adversaries can rebuild infrastructure faster than traditional reporting cycles. Gain insights into protocol-level manipulation techniques, attack surface mapping using open-source intelligence platforms, and building automated reconnaissance-to-evidence pipelines for investigating criminal networks that can redeploy in minutes.
