AI & Money: The Real Risks and The Rumors to Ignore

Sean McCulloch, MBA, CFP® |
Categories
Education

Artificial Intelligence, or AI, has become one of the most talked about technologies in the world, and with that attention has come an equally large wave of rumors, warnings, and alarming stories online. Some paint AI as an unstoppable threat capable of instantly draining bank accounts or perfectly impersonating someone at any time. Others dismiss concerns altogether and assume the risks are overblown.

 

As is often the case with emerging technologies, the truth sits somewhere in the middle.


There are absolutely new risks people should be aware of. AI is making certain scams more convincing, more scalable, and harder to detect than they were even a few years ago. At the same time, many of the stories circulating online are exaggerated, misunderstood, or simply false, designed to catch your attention and your clicks. Fear spreads quickly - especially when technology evolves faster than most people can comfortably keep up with.

The good news is that this isn’t the first time society has had to adapt to a new form of fraud. Every major advancement in communication has created new opportunities for scammers. Decades ago, it was fraudulent letters and sweepstakes mailers. Then came fake phone calls, phishing emails, internet pop-ups, and text message scams. AI is simply the newest tool entering a very old pattern. Understanding the difference between legitimate risks and internet mythology is one of the best ways to stay protected without becoming unnecessarily fearful.
The goal of this article is not to create fear around artificial intelligence, nor to dismiss legitimate concerns. Rather, it is to help you separate modern myths and internet rumors from the real-world risk people should genuinely understand and prepare for.

AI Myths and Rumors Worth Clarifying

"AI can instantly hack into your bank account."

This is one of the most common misconceptions surrounding AI at the moment. Artificial intelligence does not magically bypass bank security systems or automatically gain access to financial accounts. In most cases, successful scams still rely on very old-fashioned tactics: tricking people into voluntarily sharing passwords, clicking malicious links, or approving fraudulent requests.

Technology changes, but human vulnerability remains the primary target. This is why awareness and skepticism are still some of the strongest forms of protection available.

"Scammers can perfectly clone your voice from a few seconds of audio."

It’s no secret that voice cloning technology has improved dramatically in recent years, and there have been legitimate cases of scammers using AI-generated voices to imitate family members during fake emergency calls. According to McAfee’s 2023 Cybersecurity Artificial Intelligence Report (which is worth a read), it only takes three seconds of audio to create a clone of anyone’s voice.

Of the 7,000 people surveyed in this study, 1 in 4 said that they had experienced an AI voice cloning scam or knew someone who had. 1 in 10 of the people surveyed said they had received a message from an AI voice clone themselves. Of this group, 77% reported losing money as a result of the scam.

Of the people who reported losing money, 36% said they lost between $500 and $3,000, while 7% lost anywhere between $5,000 and $15,000.

So while these threats are absolutely valid, the defenses to them are fairly straightforward and tested by time:

  • Create a verbal codeword or passphrase with kids, family, and close friends. We've mentioned this before but be sure your codeword is one that only you and those closest to you know. Make sure everyone uses it in messages when they ask for help or money.
  • Skepticism is your friend. Always question the source. In addition to voice cloning tools, cybercriminals have other tools that can spoof phone numbers so they look legitimate. Even if it's a voicemail or text from a number your recognize, stop, pause, and think. Does that really sound like the person you think it is? A simple trick to thwart these attacks is to hang up, and call back at the number that you have for that person or company.
  • Think before you click Share. Who is your social media network? How well do you really know and trust them? The wider your connection, the more risk you may be opening yourself up to when sharing content about yourself.

"AI knows everything about you."

AI systems only "know" information that has been publicly shared, stolen through data breaches, voluntarily provided, or gathered through normal online tracking practices. While that can still be significant, AI is not secretly reading minds or accessing private financial records without some type of exposure point.

In reality, many of the greatest cybersecurity risks still come from weak passwords, reused credentials, compromised email accounts, and oversharing personal information online

Legitimate Threats People Should Take Seriously

While some fears are exaggerated, there are several very real ways AI is making scams more convincing and potentially more dangerous.

Threat: AI-Enhanced Phishing Emails and Texts

Traditional scam emails were often easy to spot because of poor grammar, strange wording, or obvious formatting issues. AI tools now allow scammers to generate highly polished messages that sound professional and convincing. Some messages may appear to come from banks, delivery companies, coworkers, or even family members.

Defense: Verify Outside the Message

Never rely solely on links, phone numbers, or instructions provided in an email or message. Instead:

  • Navigate directly to official websites yourself
  • Use verified phone numbers
  • Be cautious with urgent requests involving money, passwords, or account access
  • Pause anytime a message pressures immediate action

Threat: Deepfake Video Fraud

AI can now generate real-time video of a person's face and voice convincingly enough to fool an unsuspecting person on a video call. Criminals have used this to impersonate executives during internal meetings, deceiving employees into authorizing large transfers - a scheme sometimes called "CFO fraud."

Defense: Use Out-of-Band Confirmation

Any request involving a financial transaction, regardless of how the requester looks or sounds, should require a separate, pre-established approval chain. A policy of "never authorize an unexpected transfer based solely on a video or phone call" is your strongest protection.

How We're Taking Steps to Protect You

As AI and the threats it introduces continue to become more prevalent, you can rest assured that we and our strategic partners are doing everything we can to stay ahead of these threats and maintain safeguards against the threats most relevant to your money.

Supporting us behind the scenes, LPL Financial invested an astounding $500 million on cybersecurity and technology infrastructure in 2024, a 66% increase from the year prior. We expect this figure to continue to grow in the years to come.

At the level of our office, we have several long-standing internal policies in place to protect you as much as possible. We will never accept money movement instructions solely by email. Whether you're requesting to send money to an account, or have money distributed to you, we won't move anything until we can speak with you directly and verify the validity of your request.

In the unlikely situation that something still feels off, we go beyond standard verification. Even if a caller sounds completely familiar, we're aware of the threat of voice cloning, so we won't hesitate to ask questions that only the real you would know (what we discussed in our last meeting, a recent life event you mentioned, or details you've shared about your family or travel plans).

A scammer armed with your name and account numbers can't replicate a genuine relationship. That shared history is one of our strongest tools for making sure we're always protecting the right person.