A British investment group is warning consumers about the proliferation of “cloning scams.”

As The Investment Association (IA) said in a report last week, these scams happen when a criminal sets up an almost-identical version of a genuine website, email or social media account, leveraging a company’s brand and logo, to trick people into giving them money. 

In the latter half of last year, there were 478 reports of investment management firms being impersonated by fraudsters, the report said, adding that 23% of these attempts were successful, with consumers losing £2.7 million ($3.5 million).

“Criminals will use a variety of means to trick people into parting with their money, whether that’s impersonating genuine investment managers, stealing card details, or fraudulently logging into a person’s account,” Adrian Hood, the association’s regulatory and financial crime expert, said in a news release.

“That’s why we’re urging consumers to stay vigilant. With cloning scams topping the list of threats, consumers should double-check whether websites or emails are legitimate before transferring any money. The growth of AI [artificial intelligence] is likely to see increasingly sophisticated scams, with criminals better able to mimic legitimate firms.” 

PYMNTS explored this phenomenon last week, writing that generative AI, which includes technologies like deepfakes and advanced voice synthesis, now functions as “a double-edged sword in payments and cybersecurity.”

Last year, a finance worker in Hong Kong transmitted $25 million to fraudsters following a video call with what appeared to be the company’s chief financial officer and other executives, all of them the product of deepfake technology.

This business isn’t alone. Research by PYMNTS Intelligence shows that 90% of firms in the United States reported being targeted by cyberfraud in 2024. Business email compromise attacks impacted 63% of companies, up 103% from the prior year.

“Still, the deepfake incident underscores a chilling reality. Generative AI has transformed financial fraud, making it more sophisticated and harder to detect,” PYMNTS wrote. “While businesses harness its capabilities for efficiency, cybercriminals exploit it to craft convincing fraudulent schemes.”

In addition to cloning, the IA report warned consumers against card fraud, in which criminals use false or stolen debit card details to invest. In the second half of 2024, there were 17 reports of this kind of fraud. 

The IA also warned against account takeover scams, in which criminals use information they have gained about a person to change the address or payment details of an account and cash in on an investment. The report noted 132 instances of fraud in the second half of 2024.