Artificial intelligence does not only accelerate business, education and technological development. It also makes fraud faster, more scalable and more convincing. In the past, fake messages were often easier to identify because of poor language, suspicious design or strange links. Today, AI can help criminals generate natural-sounding text, create websites that closely imitate real companies, personalize messages and produce communication that ordinary users are more likely to trust.
Global examples show that criminal groups are already using AI to create fake websites at scale. In one reported case, more than 8,000 phishing websites were connected to the theft of millions of credit-card numbers and billions of dollars in losses. This is not only an American problem. Similar schemes can easily spread to any country where consumers actively use mobile banking, online payments, telecom services, reward points, online shopping and quick links.
For Georgia, this issue is especially important because digital services have spread quickly, while consumer cybersecurity education is still not strong enough. Georgian consumers regularly receive messages in the name of banks, telecom companies, couriers, online stores, tax services, lotteries or bonus programs. In the AI era, such messages will become more convincing.
BTUAI assesses that the main conclusion is clear: in the age of AI, consumer protection is no longer only a technical issue. It is also an issue of education, trust, digital hygiene, business responsibility and public oversight.
What is happening
Fraudsters are increasingly using AI to create websites that imitate real companies. A consumer receives a message saying they have reward points, a gift, an unpaid fee, a courier delivery problem, a banking alert or an account-security warning.
The user is then asked to click a link. The link opens a website that visually resembles a known company – a bank, telecom provider, payment system or online service. The user enters personal data, card details, a one-time code or account information. The fraudster can then steal money, use the card or sell the data through other criminal networks.
AI strengthens this process in three ways.
First, the text becomes more natural. Fraudulent messages no longer look like poorly translated text. They can be clear, short, persuasive and adapted to the local language.
Second, website creation becomes easier. AI can generate code, imitate page design, create forms and build fake website logic without requiring deep technical expertise from the criminal.
Third, scale increases. One criminal group can quickly create hundreds or thousands of versions: for different companies, different countries, different languages and different messages.
This means that AI makes fraud not only smarter, but also cheaper and more scalable.
Why this matters for Georgia
Digital services have expanded rapidly in Georgia. Consumers use mobile banking, electronic payments, online shopping, courier services, telecom applications, tax platforms, card payments and social-media commerce every day.
At the same time, many users still do not check link addresses, cannot easily distinguish real websites from fake ones, quickly trust urgent messages and sometimes share one-time codes with third parties.
AI-generated fraud makes these weaknesses more dangerous. If a message is written in correct Georgian, resembles a company’s design and refers to a familiar issue – such as a blocked card, a stopped delivery or expiring bonus points – the probability of deception increases.
Several areas are especially risky for Georgia:
- banks and mobile banking;
- telecom services;
- courier and postal messages;
- online stores;
- sales through Facebook and Instagram;
- imitation of tax and public services;
- fake hotel and tourism booking links;
- fake grants, contests or job offers.
How fake-website fraud works
AI-amplified fraud often follows several steps.
The first step is attracting attention. The message may arrive by SMS, WhatsApp, Messenger, email or a social-media advertisement. It often creates urgency: “points are expiring,” “your account will be blocked,” “your parcel is on hold,” “payment failed,” “confirm your information.”
The second step is building trust. The message uses the name, logo, colors, format or familiar language of a known company.
The third step is the link. The link may look very similar to the real address, but it may include one changed letter, an added symbol, a strange ending or a shortened URL.
The fourth step is requesting data. The fake website asks for card details, personal identification data, passwords, one-time codes, account recovery or “security confirmation.”
The fifth step is theft of money or data. The criminal can use the card, access an account, sell the data or use it in another fraud scheme.
Because of AI, this process is becoming faster, more convincing and more varied.
How consumers can identify a fake website
Identifying fake websites is not always easy, but several warning signs should be checked.
- The link address
The first thing to check is the website address. Fraudulent pages often use addresses that look very similar to real ones, but contain small differences.
There may be an added word, a changed letter, an unusual ending or a shortened link. Consumers should be especially careful with links that come from unknown numbers or unknown accounts.
- Urgent language
Fraudsters often create psychological pressure: “confirm now,” “last chance,” “your account will be closed,” “points expire in 10 minutes.” Such language pushes users to act quickly and without thinking.
A real company rarely asks users to enter card details or passwords through an urgent link.
- Requests for personal and card data
If a website asks for a full card number, expiration date, security code or one-time SMS code in exchange for a gift, points or confirmation, this is a major warning sign.
A one-time code should almost never be entered into a page opened from a suspicious link unless the user has independently entered the official app or official website.
- Design may look real
Today, fake websites cannot be identified by design alone. AI and simple code-generation tools allow criminals to quickly create pages that resemble real brands. Consumers should not trust only logos, colors or visual design.
- An offer that looks too good to be true
Free phones, headphones, bonuses, large discounts, quick financial rewards or “today only” offers are often used to deceive users.
In the AI era, such offers may look more professional, but the logic remains the same: the user is pressured into quickly entering data.
What consumers should do
Georgian consumers should follow several simple rules.
Do not open links from unknown SMS messages or unknown accounts.
If a message appears to come from a bank, telecom company or courier, the user should independently open the official app or website, not the link inside the message.
Do not enter card details to receive gifts, points or “confirmation.”
Do not share one-time codes with third parties or suspicious pages.
Use two-factor authentication where possible.
Verify suspicious messages through the company’s official channels.
If data has already been entered, contact the bank immediately, block the card and change passwords.
What businesses should do
Business responsibility does not end with warning consumers. Banks, telecom companies, online stores, courier companies and digital platforms should understand that their brands may be used as tools of fraud.
Businesses should strengthen:
continuous consumer education;
standardization of official links;
rapid detection of suspicious websites;
monitoring of brand impersonation;
SMS and email security standards;
simple public instructions;
fast alert systems for consumers;
cooperation with banks, telecoms and public institutions.
It is especially important for companies to clearly explain what they will never ask for by SMS, link or chat.
What the state should do
AI-amplified fraud is not only a private-sector problem. It can become a matter of national cybersecurity and consumer protection.
Important steps for the state include:
public-awareness campaigns;
stronger cybercrime monitoring;
rapid response mechanisms with banks and telecom companies;
legal and technical mechanisms to block fake websites quickly;
consumer data-protection standards;
digital safety education in schools and universities;
special educational materials for older adults and minors;
updates to legal definitions of AI-generated fraud.
Digital safety should not remain only in the language of IT specialists. It should become an everyday civic skill.
What this means for education
In the AI era, digital safety should be taught in schools, universities and professional education. Users should learn not only how to use apps, but also how not to be deceived.
Practical learning should include:
how to check a link;
how to identify a fake website;
what phishing is;
why one-time codes should not be shared;
how to verify an official channel;
what to do if data has already been entered;
how AI helps fraudsters and how AI can also help defenders.
For BTU, this topic is especially important because it stands at the intersection of AI, business, cybersecurity and consumer behavior.
Opportunities
AI-amplified fraud is a risk, but it also creates an opportunity for Georgia to build a stronger cybersecurity culture.
The country can develop:
cybersecurity education programs;
Georgian-language tools for detecting AI-generated fraud;
consumer-protection standards for banks and telecoms;
simple guides for schools and parents;
cyber-hygiene training modules for businesses;
a Georgian digital-safety vocabulary;
student research on online fraud patterns in Georgia.
This issue can become one of the main explanatory directions of the AI era: how to protect people in a more automated digital environment.
BTUAI assessment
BTUAI assesses that AI-amplified fraud is one of the most practical and rapidly growing risks for Georgian consumers. It is not a distant problem affecting only large markets. Any country where consumers use mobile banking, cards, SMS and online services is exposed to this risk.
For Georgia, the main challenge is protecting trust. If consumers are frequently deceived by fake links, they may become afraid of digital services. This would harm not only individual users, but also the development of the digital economy.
AI makes fraud more convincing, but protection is possible. Three things are needed: informed consumers, responsible businesses and fast public response mechanisms.
The main conclusion is that, in the AI era, one of the most important digital skills may not only be the ability to use technology, but the ability to recognize suspicious technological environments. Consumers must become more careful, businesses more responsible and education more practical.
Key findings
- AI enables fraudsters to quickly create convincing texts and websites that imitate real companies.
- Design alone is no longer enough to identify fake websites, because AI makes visual and textual imitation easier.
- In Georgia, the highest-risk areas include banks, telecom companies, courier services, online stores and public-service impersonation.
- Consumers should avoid suspicious links and should not enter card details or one-time codes into unknown pages.
- Businesses must strengthen brand-impersonation monitoring and simple, continuous consumer education.
- The state should develop rapid response, cybercrime monitoring and digital education systems.
- Digital safety should be taught in schools and universities as a practical life skill.
- AI strengthens fraud, but AI can also improve protection systems when used responsibly.
Data and evidence base
International examples show that AI-amplified fraud can scale quickly.
In one reported case, a criminal group used more than 8,000 fake websites.
Such schemes have been linked to millions of stolen credit-card numbers and billions of dollars in losses.
Phishing attempts through mobile messages are increasing rapidly, especially through impersonation of telecom companies, parcels, reward points and financial services.
AI makes it easier to create both text and website code, allowing criminals to build large numbers of fake pages with limited resources.
For Georgia, a local evidence base is needed: what types of fraudulent messages are spreading, which consumer groups are most affected, which channels are riskiest and how companies respond.
Methodology
This report was prepared as part of BTUAI Research. The analysis is based on international media and cybersecurity materials about AI-amplified phishing, fake websites, text-message scams, theft of consumer data and digital safety.
The materials are processed using analytical methods applied by BTU researchers, with the support of BTUAI.
The purpose of the research is not to create panic, but to explain a practical risk that may affect Georgian consumers, businesses, banks, telecom companies, digital platforms and public services.
Limitations
AI-amplified fraud changes quickly. Criminal groups often change channels, links, texts, websites and message formats.
This material does not describe every possible fraud scheme and does not constitute individual cybersecurity or legal advice.
The risks described for Georgia are analytical assessments and require regular monitoring of local data.
This material is analytical and educational in nature. It does not constitute legal, financial, technological or cybersecurity advice. In a specific case of damage, consultation with a bank, relevant company, cybersecurity specialist or law-enforcement authority is required.
Sources
International media and cybersecurity analysis of AI-amplified phishing, fake websites and text-message scams.
Assessments by technology companies and law-enforcement bodies on the use of AI in cybercrime.
BTUAI analytical interpretation based on Georgia’s digital, consumer, educational and business context.
Frequently asked questions
What is phishing?
Phishing is a fraud method in which users are tricked into entering personal, banking or account data into a fake website or form.
Why does AI make fraud more dangerous?
AI helps criminals create polished text, websites that imitate real companies, multiple languages and many versions of the same scam quickly.
What should I do if I receive a suspicious SMS?
Do not open the link. Open the company’s official app or website independently and verify the information. If needed, contact the company through its official number.
What should I do if I already entered card details?
Contact your bank immediately, block the card, change passwords and check account transactions. If necessary, report the case to law enforcement.
Can a fake website look very professional?
Yes. Because of AI and modern design tools, a fake page can look very similar to a real one. Checking the link address and the communication channel is essential.
Keywords
AI fraud; fake websites; phishing; cybersecurity; consumer protection; mobile banking; SMS scams; card data theft; digital safety in Georgia; AI and cybercrime; BTUAI; Business and Technology University.
Citation format
BTUAI Research Team. “AI Is Also Strengthening Fraud: How Georgian Consumers Can Protect Themselves from Fake Websites.” Business and Technology University, BTUAI.ge, 2026.
Prepared by the academic team of Business and Technology University and the BTUAI Research Team.
Tbilisi, Georgia
BTUAI is an analytical platform of Business and Technology University that studies the impact of artificial intelligence, digital transformation, innovation, startup ecosystems, data analytics and emerging technologies on business, the economy, education and society. BTUAI materials are designed to explain complex technological and economic changes in a clear, reliable and Georgia-focused way.



