ChatGPT's Image Generation Could Be Driving Retail Fraud 

The retail industry is already facing a huge challenge with retail fraud - and this is only set to continue as generative AI tools reach new levels of sophistication.

The recent launch of ChatGPT's enhanced image generation capabilities marks yet another significant milestone in AI development - but also one that carries some serious implications for retail security and fraud prevention.

Generative AI is of course transforming retail in positive ways such as creative workflows, content production, and business operations (as it is across all industries). However, underpinning the excitement surrounding these advancements does lie some serious concerns: the same technology available to consumers is also making fraudsters faster and even more cunning. 

The democratisation of sophisticated image generation technology, such as ChatGPT’s Image Generation, is another example of that. It has the potential to create the perfect conditions for a new wave of retail fraud - one that could make the traditional verification process redundant and not fit for purpose

How Can GenAI tools Be Used To Enable Fraud?

The latest AI image generators can create images that look like real photographs as well as imagery from simple text prompts with incredible accuracy. It can reproduce documents with precisely matching formatting, official logos, accurate timestamps, and even realistic barcodes or QR codes. 

In the hands of fraudsters, these tools can be used to commit ‘return fraud’ by creating convincing fake receipts and proof-of-purchase documentation. What makes this use even more concerning is that, unlike previous forgeries that often contained telltale signs and human errors, AI-generated fakes are much better at creating indistinguishable dupes. 

The Potential Impact Stems Far & Wide

The concerns with this new technology extend far beyond merely returning items. For example, fake proof of purchase documentation can be used to claim warranty service for products that are out of warranty or purchased through unauthorised channels. Fraudsters could also generate fake receipts showing purchases at higher values than was actually paid for - then requesting refunds to gift cards for the inflated amount. Internal threats also exist too, as employees can create fake expense receipts for reimbursement. 

This is particularly damaging for businesses with less sophisticated verification processes in place. Perhaps the scenario most concerning of all is that these tools can enable scammers to generate convincing payment confirmations or shipping notices as part of larger social engineering attacks. Of course, the financial impact is substantial - industry estimates already place return fraud costs in the billions annually, and this could significantly increase as these GenAI tools become more accessible and sophisticated.

What About The Damage To Legitimate Customers?

It's not just about the direct financial impact on retailers, but also the potential impact of a ‘seamless customer experience’ for consumers. As retailers have to implement more complex and lengthy verification processes to mitigate sophisticated fraud, honest customers could face greater friction during their returns and exchange experience.

This creates a difficult dilemma for retailers. The National Retail Federation reports that 70% of consumers say a positive return experience encourages them to continue shopping with a retailer. Yet, creating stricter return verification processes to combat risks posed by genAI will not only frustrate these valuable customers, it could also impact their brand loyalty.

Hitting Back At GenAI With AI

While ChatGPT’s image generator is the latest advancement getting attention, it’s not the first or last genAI tool with these capabilities. So, how can retailers fight back? 

The solution to these challenges doesn't lie in reverting back to manual processes or creating higher-friction customer experiences. Retailers must instead fight AI-powered fraud with AI. By examining the full customer journey rather than just the return transaction, retailers can begin to identify suspicious patterns without creating friction for legitimate customers.

Advanced AI can be used to detect subtle inconsistencies that most models, and certainly not manual reviews or rules, can spot. 

The relationship between retailers and customers has always been built on trust and today's new genAI challenge isn't all that different. The successful retailers will be the ones that work out how to strike the right balance and view fraud prevention not as a cost center but as an essential component of the customer experience.

Doriel Abrahams is Principal Technologist at Forter

Image: Ideogram

You Might Also Read: 

A New Threat To Biometric Security:


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Unlocking Business Potential With Strategic IT Evaluations
Phishing Scams Put Hotel Guest Data At Risk »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Advenica

Advenica

Advenica develops, manufactures and sells innovative cybersecurity solutions for encryption and secure information exchange.

SRI International

SRI International

SRI International is a research institute performing client-sponsored R&D in a broad range of study areas including computing and cybersecurity.

herdProtect

herdProtect

herdProtect is a second line of defense malware scanning platform powered by 68 anti-malware engines in the cloud.

Custodio Technologies

Custodio Technologies

Custodio Technologies was established as a Singaporean R&D Centre of Israel Aerospace Industries (IAI) in order to spearhead R&D activities in the field of cyber early warning.

Cycura

Cycura

Cycura provide advanced, customized, and confidential cyber security services, cyber investigation services, and digital forensic services to governments, companies, and organizations.

HumanFirewall

HumanFirewall

HumanFirewall makes it possible for every individual to take part in securing their organisation. With HumanFirewall, achieving security has never been easier.

Swedish Board for Accreditation and Conformity Assessment (SWEDAC)

Swedish Board for Accreditation and Conformity Assessment (SWEDAC)

SWEDAC is the national accreditation body for Sweden. The directory of members provides details of organisations offering certification services for ISO 27001.

PeopleSec

PeopleSec

PeopleSec specializes in the human element of cybersecurity with a comprehensive set of services designed to maximize your security by educating your workforce as a whole.

RackTop Systems

RackTop Systems

RackTop Systems is the pioneer of CyberConverged data security, a new market that fuses data storage with advanced security and compliance into a single platform.

INFRA Security & Vulnerability Scanner

INFRA Security & Vulnerability Scanner

INFRA is a powerful platform with an easy interface for any kind of Ethical Hacking, from corporate monitoring and VAPT (vulnerability assessments and penetration testing) to military intelligence.

Towerwall

Towerwall

Towerwall offers a comprehensive suite of security services and solutions using best-of-breed tools and information security services.

Single Point of Contact

Single Point of Contact

Single Point of Contact is a Managed IT Services provider that helps businesses to achieve a seamless and secure IT environment.

Supra ITS

Supra ITS

Supra ITS is a leading full-service technology partner offering IT Consulting, Cloud Services, 24x7 Managed IT & Cybersecurity Services, and IT Project Support.

Ventum Consulting

Ventum Consulting

Ventum Consulting stands for digitalization, networking and agilization. We take this up on the strategic, professional and technical side and support our customers in the digital transformation.

Merlin Ventures

Merlin Ventures

Merlin Ventures is a strategic investor focused on driving growth and value for cybersecurity software companies with market-leading potential.

Xygeni

Xygeni

Xygeni is a leader in Application Security Posture Management (ASPM). Our advanced technology detects malicious code in real-time to prevent malware infections.