The New AI Arms Race: How Darwinium is Innovating Against AI-Driven Fraud
Ben Davey

Businesses are starting to wake up to the fact they have an AI fraud problem. Cybercriminals are leveraging the latest advances in AI to continually stay one step ahead, executing more complex attacks that are currently evading detection, and making traditional security and fraud measures increasingly obsolete.
We're witnessing an "AI arms race," where the ability to detect and counter AI-driven fraud hinges on leveraging equally advanced AI solutions. At Darwinium, we believe that only better AI can fight AI-driven attacks.
The Threat Landscape: AI-Powered Attacks are on the Rise
Gone are the days of simple bot attacks and easily detectable transaction anomalies. Today's fraudsters are deploying AI-driven tactics that seamlessly mimic human behavior, making them incredibly difficult to identify. Here's a glimpse into the evolving threat landscape:
AI Model Theft & Replication:
- Criminals are using sophisticated techniques to steal and replicate AI models, allowing them to bypass security measures and launch targeted attacks.
AI-Powered Data Scraping & Exfiltration:
- AI agents are automating the process of scraping sensitive data from websites and applications, leading to massive data breaches.
Human-Like Phishing & Social Engineering:
- AI-generated phishing emails and deepfakes are becoming increasingly convincing, making it easier for fraudsters to deceive unsuspecting users. Fake and legitimate business communications are virtually indistinguishable.
Automated Account Takeover & Fraudulent Transactions:
- AI-powered bots are automating credential stuffing attacks and manipulating user interfaces to authorize fraudulent transactions.
API & Business Logic Abuse:
- AI algorithms are being used to automatically find and exploit API vulnerabilities and business logic flaws.
Why Traditional Security Measures Fall Short
Traditional security tools, such as bot detection, CAPTCHAs, and fraud prevention systems, often operate in silos. They protect key touchpoints in the digital customer journey, such as a login or payment event, by risk-assessing transaction data.
However, looking only at specific touchpoints is a fundamentally fragmented approach that leaves gaps AI-driven attacks can easily exploit. Fraudsters launch attacks that look for unprotected touchpoints, exposed API endpoints, or vulnerabilities in the customer journey. This siloed approach to threat intelligence lacks the context and visibility of traffic behavior needed to identify complex attack patterns.
What’s more, the rise of adversarial AI and generative AI necessitates the use of advanced AI-driven cyberfraud solutions. For example, AlphaGo Zero is an AI system that learned to play Go, a strategic board game that originated in China, without human intervention. This demonstrates the power of AI to surpass human capabilities.
Requirements for a Cyberfraud Prevention Solution that Can Defeat AI with AI:
- Breadth of Data: Collecting data from CDNs, APIs, web and mobile apps.
- Depth of Data: Analyzing device, behavior, user, identity, and transaction data across the entire user journey.
- Adaptability of Decisions: Implementing AI models that can adapt to evolving threats and use cases.
The New AI Fraud Signals
Despite this paradigm shift, Darwinium has identified and analyzed some useful signals that businesses can look for when identifying AI-driven attacks:
Anomalous Traffic Patterns:
- Sudden spikes in API requests, login attempts, or transaction volumes.
- Unusual geographic distribution of traffic.
- Rapid account creation or profile updates.
Behavioral Inconsistencies:
- Robotic or non-human-like interactions (e.g., perfect typing speed, cohorts of similar transaction patterns that might indicate fraud farm behaviors, instantaneous form submissions, unusual journey navigations straight to key form capture pages).
- Unnatural mouse movements or navigation patterns.
- Rapid switching between multiple accounts or devices.
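The behavioral inconsistencies listed above can be checked per session with simple timing statistics. The following is an added example, not Darwinium's code: the session fields, page paths, thresholds and sample sessions are all constructed assumptions.

```python
from statistics import mean, pstdev

FORM_PAGES = {"/signup", "/payment"}  # assumed key form-capture pages

# Constructed sessions: key-press times (ms), form shown/submitted times (ms), pages visited.
SESSIONS = {
    "human": {"keys": [0, 180, 410, 520, 790, 1010, 1190, 1500],
              "shown": 0, "submitted": 9200, "pages": ["/", "/promo", "/signup"]},
    "scripted": {"keys": [0, 50, 100, 150, 200, 250, 300, 350],
                 "shown": 0, "submitted": 400, "pages": ["/signup"]},
    "autofill": {"keys": [], "shown": 0, "submitted": 2600, "pages": ["/", "/signup"]},
}

def typing_cv(keys):
    """Coefficient of variation of inter-key gaps; None when too few keys to judge."""
    gaps = [b - a for a, b in zip(keys, keys[1:])]
    if len(gaps) < 5:
        return None
    avg = mean(gaps)
    return pstdev(gaps) / avg if avg > 0 else 0.0

def session_flags(s, min_cv=0.15, min_fill_ms=1500):
    """Return the behavioural-inconsistency signals a session trips (thresholds are assumptions)."""
    flags = []
    cv = typing_cv(s["keys"])
    if cv is not None and cv < min_cv:
        flags.append("uniform_typing")      # near-perfect typing cadence
    if s["submitted"] - s["shown"] < min_fill_ms:
        flags.append("instant_submit")      # form completed faster than a person could
    if s["pages"] and s["pages"][0] in FORM_PAGES:
        flags.append("direct_to_form")      # journey starts on a key form page
    return flags

def review_queue(sessions, min_flags=2):
    """Sessions tripping at least min_flags signals, so one odd trait alone is not enough."""
    hits = {sid: session_flags(s) for sid, s in sessions.items()}
    return {sid: f for sid, f in hits.items() if len(f) >= min_flags}
```

The `autofill` session shows why the typing check abstains on too few keystrokes: a password manager produces no key events, and that alone should not mark a customer as a bot.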
API Abuse Indicators:
- Excessive or unauthorized API calls.
- Unusual traffic hitting backend API endpoints.
- Data exfiltration or manipulation through API vulnerabilities.
Promo Abuse Indicators:
- Massive, automated redemption of promotional codes or discounts.
- Creation of numerous fake accounts to exploit limited-time offers.
Scams and Authorized Push Payment (APP) Fraud Signals:
- Signs of coercion, such as new presence of remote access trojans, live call detection, or unusual journey behaviors in comparison to previous behavior.
- Unusual payment velocities or amounts that are inconsistent with previous behaviors.
- Small payment tests to new beneficiaries.
Credential Stuffing for Account Takeover Attacks:
- Rotating IP addresses.
- Using advanced CAPTCHA bypassing techniques.
Darwinium's Holistic Approach: Combining User Journey Visibility and Behavioral Fingerprinting
At Darwinium, we believe that effective fraud prevention requires a holistic approach that provides end-to-end visibility into the user journey. By analyzing data from CDNs, APIs, web and mobile apps, we can detect subtle anomalies and correlate seemingly unrelated events. Our journey analysis now forms a key behavioral identifier that builds a picture of traffic intent and identifies AI-fraud risks.
Our Secret Weapon: Behavioral Fingerprinting
Darwinium's behavioral fingerprinting technology goes beyond traditional device fingerprinting, by analyzing a wide range of user behaviors. This includes:
- Mouse movements and typing patterns: Detecting robotic or non-human-like interactions.
- Scrolling and navigation behavior: Identifying unusual patterns that may indicate automated activity.
- Interaction with form fields and other website elements: Detecting inconsistencies or anomalies in the way forms are filled that may indicate fraudulent or malicious intent.
- Frequent locations: Comparing location data to accepted norms or previous trusted patterns of interactions.
- Journey behaviors: Comparing the way traffic traverses a website to how trusted users interact across a series of steps in the digital journey.
- Patterns of behavior over time: Comparing traffic behaviors to cohorts of trusted customer interactions over particular timescales.
In summary, behavioral fingerprinting enables us to connect unrelated devices and identity data purely based on behavior. This also means we can use behavior as a central pivot point when creating fraud rules, detection algorithms and in fraud investigations.
Behavioral Fingerprinting in Action
Identifying Bots Abusing New Customer Bonuses
Darwinium behavioral fingerprinting simplified the identification of bonus abuse behaviors for a global gaming company.
Fraudsters were abusing bonus play tokens by:
- Using automated tools to sign up for mass bonus tokens.
- Cookie wiping / use of private browsing to bypass device recognition intended to restrict abuse of multiple new player bonuses.
- Use of proxies / emulators to trick the system into generating multiple new bonus tokens.
- Use of a CAPTCHA solver to bypass protections in place.
Applying behavioral fingerprinting, the gaming company was able to uncover networks of linked bonus abuse behavior even when cookies were cleared, IP addresses were switched, or devices were obfuscated to look like a new user.
Building Behavioral Identity Graphs
We use behavioral fingerprinting to build behavioral identity graphs that connect identity, device, behavior, locations, and time. These graphs provide a comprehensive view of user behavior, enabling us to detect patterns that are indicative of fraudulent activity.
Unlike traditional device identity networks that are static and require exact matches, our behavioral identity graphs are dynamic and adaptive. They allow us to link otherwise unrelated devices, identities, and transactions, revealing hidden relationships and identifying coordinated attacks.
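The linking described in the bonus-abuse case and in the identity-graph paragraphs above can be illustrated with a small similarity graph. This is an added example, not Darwinium's algorithm or code: the four behavioral features, the 10% tolerance and the sample sessions (with documentation-range IP addresses) are constructed assumptions.

```python
from itertools import combinations

# Constructed sessions: (device_id, ip, behavioural features).
# Features: mean inter-key gap (ms), mean key hold (ms), scroll speed (px/s), seconds on signup form.
SESSIONS = {
    "a1": ("dev-01", "198.51.100.7",  (52.0, 31.0, 2400.0, 3.1)),
    "a2": ("dev-02", "203.0.113.19",  (50.5, 30.2, 2450.0, 3.0)),
    "a3": ("dev-03", "192.0.2.44",    (51.3, 31.5, 2380.0, 3.2)),
    "h1": ("dev-04", "198.51.100.80", (212.0, 95.0, 640.0, 41.0)),
    "h2": ("dev-05", "203.0.113.200", (148.0, 120.0, 910.0, 27.5)),
}

def similar(f, g, tol=0.10):
    """True when every feature differs by at most tol relative to the larger value."""
    return all(abs(x - y) <= tol * max(abs(x), abs(y)) for x, y in zip(f, g))

def behaviour_clusters(sessions, tol=0.10):
    """Connected components of the graph whose edges join behaviourally similar sessions."""
    parent = {sid: sid for sid in sessions}

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]   # path compression
            x = parent[x]
        return x

    for a, b in combinations(sessions, 2):
        if similar(sessions[a][2], sessions[b][2], tol):
            parent[find(a)] = find(b)
    clusters = {}
    for sid in sessions:
        clusters.setdefault(find(sid), []).append(sid)
    return sorted(sorted(c) for c in clusters.values())

def linked_networks(sessions, tol=0.10, min_devices=2):
    """Clusters that behave alike yet present as several distinct devices."""
    out = []
    for c in behaviour_clusters(sessions, tol):
        devices = {sessions[s][0] for s in c}
        if len(c) > 1 and len(devices) >= min_devices:
            out.append(c)
    return out
```

An exact match on device ID or IP address finds no link among these five sessions, while the behavioral comparison groups `a1`, `a2` and `a3` into one network.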
Key Darwinium Innovations that Help Businesses Better Detect AI-Driven Fraud:
- Comprehensive Data Analysis: We analyze a wide range of data points across every touchpoint in the user journey.
- Advanced Behavioral Analysis: Our behavioral fingerprinting technology goes beyond traditional fingerprinting methods that are being bypassed by fraudsters.
- Dynamic Identity Graphs: Our behavioral identity graphs provide a comprehensive and adaptive view of user behavior that helps better detect AI-driven attack patterns.
- AI-Powered Threat Detection: Darwinium uses advanced AI algorithms across every digital interaction to determine traffic intent and misuse of AI agents.
The Future of Fraud Prevention
As AI continues to evolve, so will the tactics of cybercriminals. At Darwinium, we're committed to staying ahead of the curve by continuously innovating and developing new AI-powered security solutions. We believe that by leveraging the power of AI, we can create a safer and more secure digital world for everyone.
Want to learn more about how Darwinium can help you protect your organization from AI-driven fraud? Contact us today for a demo.