Cyber-Criminals Exploiting AI In ‘Sophisticated’ New Wave of Financial Fraud

Cyber-criminals are using artificial intelligence and highly sophisticated techniques to exploit public trust, forcing the Bank of Mauritius to issue a fresh public warning amid a sharp rise in digital scams.

Feyçal Caunhye, the central bank’s Chief Communications Officer, has sounded the alarm over a worrying surge in fraudulent emails, unsolicited phone calls, and targeted digital fraud.

The spike in cyber-crime, which mirrors broader regional and international trends, prompted the central bank to issue its latest public alert on 13 May 2026.

Mr Caunhye revealed that scammers have evolved beyond basic phishing emails into highly convincing, targeted communications.

Fraudsters are now deliberately spoofing phone numbers, compromising email addresses, and using advanced social engineering to impersonate licensed banks, regulatory bodies, and specific individuals.

Human Error Exploited

Despite stringent technological defenses, the central bank stressed that scammers primarily rely on psychological manipulation.

Investigations show that a majority of victims have unfortunately compromised themselves by voluntarily handing over their One-Time Passwords (OTPs) and login credentials to fraudsters.

“Technology alone is not enough to guarantee total protection,” Mr Caunhye stated, pointing out that many fraudulent operations originate from abroad.

This international footprint complicates investigations and exposes the country to cross-border threats, making financial fraud a global challenge that no nation can resolve in isolation.

The Bank of Mauritius reiterated that neither itself, nor commercial banks or financial institutions, will ever contact a customer to request personal data, PIN codes, fund transfers, or OTPs via unsolicited calls, emails, or messages.

Members of the public receiving any suspicious requests are urged to verify them directly with their financial provider before responding.

Regulatory Enforcement and Defenses

To counter these systemic risks, the Bank of Mauritius has taken several regulatory and educational steps:

• Cyber-security Directives: Since 2023, the central bank has enforced strict guidelines on technological and cyber risk management. This framework legally requires banks to invest in tailored cyber-defenses and increases the direct governance accountability of boards and executives. Compliance is strictly monitored via on-site inspections.
• National Coordination: A continuous multi-agency strategy is in place involving licensed banks, telecom operators, and national cyber-security authorities like CERT-MU, which plays a central role in publishing fraud trend alerts.
• Public Education: Over the last 12 months, the Bank of Mauritius Museum has reached more than 10,000 people through information sessions. Additionally, over the last eight months, four specialized workshops were rolled out alongside FinTech stakeholders to educate university students, SMEs, taxi drivers, and hotel operators.

Future Infrastructure and Strategy

Looking forward, the central bank is currently developing a mobile application designed to give the public instant access to anti-fraud advice and prevention information.

Mr Caunhye emphasized that the speed and efficiency of institutional collaboration must continually evolve to keep pace with rapid criminal innovation.

To fully protect consumers and safeguard the nation’s reputation, the bank is calling for strict verification procedures by telecom operators and banks, immediate inter-agency information sharing, early financial education in schools across Mauritius and Rodrigues, and close cooperation with the media to maintain continuous public awareness.

Source: Defi Media