ChatGPT's Image Generation Could Be Driving Retail Fraud 

Uploaded on 2025-04-15 in TECHNOLOGY-Key Areas-Artificial Intelligence, NEWS-Cybersecurity News, FREE TO VIEW

The retail industry is already facing a huge challenge with retail fraud - and this is only set to continue as generative AI tools reach new levels of sophistication.

The recent launch of ChatGPT's enhanced image generation capabilities marks yet another significant milestone in AI development - but also one that carries some serious implications for retail security and fraud prevention.

Generative AI is of course transforming retail in positive ways such as creative workflows, content production, and business operations (as it is across all industries). However, underpinning the excitement surrounding these advancements does lie some serious concerns: the same technology available to consumers is also making fraudsters faster and even more cunning. 

The democratisation of sophisticated image generation technology, such as ChatGPT’s Image Generation, is another example of that. It has the potential to create the perfect conditions for a new wave of retail fraud - one that could make the traditional verification process redundant and not fit for purpose

How Can GenAI tools Be Used To Enable Fraud?

The latest AI image generators can create images that look like real photographs as well as imagery from simple text prompts with incredible accuracy. It can reproduce documents with precisely matching formatting, official logos, accurate timestamps, and even realistic barcodes or QR codes. 

In the hands of fraudsters, these tools can be used to commit ‘return fraud’ by creating convincing fake receipts and proof-of-purchase documentation. What makes this use even more concerning is that, unlike previous forgeries that often contained telltale signs and human errors, AI-generated fakes are much better at creating indistinguishable dupes. 

The Potential Impact Stems Far & Wide

The concerns with this new technology extend far beyond merely returning items. For example, fake proof of purchase documentation can be used to claim warranty service for products that are out of warranty or purchased through unauthorised channels. Fraudsters could also generate fake receipts showing purchases at higher values than was actually paid for - then requesting refunds to gift cards for the inflated amount. Internal threats also exist too, as employees can create fake expense receipts for reimbursement. 

This is particularly damaging for businesses with less sophisticated verification processes in place. Perhaps the scenario most concerning of all is that these tools can enable scammers to generate convincing payment confirmations or shipping notices as part of larger social engineering attacks. Of course, the financial impact is substantial - industry estimates already place return fraud costs in the billions annually, and this could significantly increase as these GenAI tools become more accessible and sophisticated.

What About The Damage To Legitimate Customers?

It's not just about the direct financial impact on retailers, but also the potential impact of a ‘seamless customer experience’ for consumers. As retailers have to implement more complex and lengthy verification processes to mitigate sophisticated fraud, honest customers could face greater friction during their returns and exchange experience.

This creates a difficult dilemma for retailers. The National Retail Federation reports that 70% of consumers say a positive return experience encourages them to continue shopping with a retailer. Yet, creating stricter return verification processes to combat risks posed by genAI will not only frustrate these valuable customers, it could also impact their brand loyalty.

Hitting Back At GenAI With AI

While ChatGPT’s image generator is the latest advancement getting attention, it’s not the first or last genAI tool with these capabilities. So, how can retailers fight back? 

The solution to these challenges doesn't lie in reverting back to manual processes or creating higher-friction customer experiences. Retailers must instead fight AI-powered fraud with AI. By examining the full customer journey rather than just the return transaction, retailers can begin to identify suspicious patterns without creating friction for legitimate customers.

Advanced AI can be used to detect subtle inconsistencies that most models, and certainly not manual reviews or rules, can spot. 

The relationship between retailers and customers has always been built on trust and today's new genAI challenge isn't all that different. The successful retailers will be the ones that work out how to strike the right balance and view fraud prevention not as a cost center but as an essential component of the customer experience.

Doriel Abrahams is Principal Technologist at Forter

Image: Ideogram

You Might Also Read: 

A New Threat To Biometric Security:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Unlocking Business Potential With Strategic IT Evaluations
Phishing Scams Put Hotel Guest Data At Risk »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Ixia

Ixia

Ixia provides testing, visibility, and security solutions to strengthen applications across physical and virtual networks.

Cybraics

Cybraics

Cybraics nLighten platform implements a unique and sophisticated artificial intelligence engine that rapidly learns your environment and alerts security teams to threats and vulnerabilities.

Threat Intelligence

Threat Intelligence

Threat Intelligence is a specialist security company providing penetration testing, threat intelligence, incident response and training services.

Zix

Zix

Zix offers secure email encryption, threat protection, archiving, DLP and BYOD security for hospitals, financial services, government, and more.

Bunifu Technologies

Bunifu Technologies

Bunifu Technologies is an Information Security and Custom Software Development Company.

RATEL (SRB-CERT)

RATEL (SRB-CERT)

RATEL has been appointed as the National Center for the Prevention of Security Risks in ICT systems of the Republic of Serbia (SRB-CERT).

Authomize

Authomize

Authomize aggregates identities and authorization mechanisms from any applications around your hybrid environment into one unified platform so you can easily and rapidly manage and secure all users.

NetSPI

NetSPI

NetSPI is an information security penetration testing and vulnerability assessment management advisory firm.

ThreatReady Resources

ThreatReady Resources

ThreatReady reduces an organization’s risk by delivering cyber security awareness training based on the latest, state-of-the-art learning science to effectively drive long-term cyber-safe behavior.

ProLion

ProLion

ProLion provides Data Integrity solutions that ensure organisations’ data remains secure, compliant, manageable and accessible.

Analygence

Analygence

ANALYGENCE is your trusted partner for mission support, cyber solutions, and management services.

Apollo Information Systems

Apollo Information Systems

Apollo is a value-added reseller that provides our clients with the complete set of cybersecurity and networking services and solutions.

Jit

Jit

Jit empowers developers to own security for the product they are building from day zero.

Infosys

Infosys

Infosys is a global leader in consulting, technology and outsourcing solutions.. Services include IT strategy, technical architecture and operations including cybersecurity.

Quatrro Business Support Services (QBSS)

Quatrro Business Support Services (QBSS)

QBSS is a tech-enabled outsourcing firm that’s changing the way companies think about finance, accounting, human resources and technology services.

CyberMaxx

CyberMaxx

At CyberMaxx, our approach to cybersecurity provides end-to-end coverage for our customers – we use offense to fuel defense.