JAKARTA - In the midst of the increasingly strong digital security system, cyber criminals are increasingly targeting humans rather than trying to penetrate technological systems. The perpetrators are now utilizing various modes such as social engineering, phishing, to the misuse of artificial intelligence (AI) technology through deepfake and voice cloning to gain access to assets and user personal data.
The report from NordStellar notes that discussions on Deepfake-as-a-Service (DFaaS) services on dark web forums increased by about 39% from January to May 2026 compared to the same period the previous year. The findings indicate that deepfake technology is increasingly accessible and used by cyber criminals to carry out various forms of identity-based fraud.
On the other hand, the development of AI voice cloning technology now makes it possible to clone voices that are very similar to their original owners with only an audio sample lasting about 10 seconds, making various digital fraud modes increasingly difficult to be recognized by the public, including the closest people who are victims of voice cloning.
This view was conveyed by INDODAX Chief Information Security Officer (CISO), Ledy, in the Beyond Code: The Human Side of Crypto Security discussion session held by INDODAX together with blockchain developers, the crypto community, and industry players. Carrying the theme Security Starts With You, this forum discusses how the human factor is one of the most crucial points in maintaining the security of digital and crypto assets.
Ledy explained that the development of security technology has changed the pattern of threats in the crypto asset ecosystem. If previously perpetrators tried to exploit system weaknesses, now various incidents occur precisely because perpetrators target the psychological aspect of users which are designed to affect how someone makes decisions.
"Many people still think the biggest threat comes from hacking the system on the exchange. In fact, in some of the cases that have occurred recently, the perpetrators actually gained access because the victim unknowingly provided important information or clicked on a dangerous link that resembles an official service," he said, quoted Monday, June 29.
He explained that the development of AI makes various modes of fraud appear more convincing. In addition to deepfake and voice cloning, perpetrators are now also using fake ads on social media such as Facebook, manipulating search results (AI search engine repositioning), to impersonating official Customer Support (CS) through instant messaging applications such as WhatsApp.
"At INDODAX itself, we do not have an official WhatsApp Customer Support number. All services can only be accessed through phone numbers, emails, and official company channels. Therefore, the public needs to get used to verifying and even researching independently (DYOR) in digesting information before making decisions," he added.
According to Ledy, the change in threat patterns shows that digital security is no longer enough to rely on technological sophistication alone. Building security or cyber hygiene through the habit of verifying information, maintaining the confidentiality of personal data, and recognizing various manipulation formats is essential in strengthening user protection.
"Platforms can provide various security layer systems. But in the end, every decision remains in the hands of the user. Therefore, we always remind the public not to easily believe and always verify before providing information or making decisions related to digital assets," he concluded.
INDODAX assesses that increasing digital security literacy needs to go hand in hand with technology strengthening. As various AI-based fraud modes develop, education on how to recognize social engineering, phishing, deepfake, and digital identity abuse is becoming increasingly important to strengthen user protection.
As a regulated crypto exchange in Indonesia, INDODAX continues to strengthen the security standards of the platform while presenting relevant education so that the public can operate in the crypto asset ecosystem more safely, wisely, and responsibly.
The English, Chinese, Japanese, Arabic, and French versions are automatically generated by the AI. So there may still be inaccuracies in translating, please always see Indonesian as our main language. (system supported by DigitalSiber.id)
