On May 20, 2025, ActiveMedia (Thailand) Co., Ltd. proudly participated in TTT 2025 Reshape: Enterprise Cybersecurity Day, held at the Grand Hall, BITEC Bangna. Organized by TechTalkThai, the event served as a crucial platform for cybersecurity experts from across Thailand to share knowledge, exchange ideas, and explore how businesses must adapt in an era where AI is dramatically reshaping the threat landscape.
As a leading cybersecurity provider, ActiveMedia showcased cutting-edge security solutions from ESET, a global leader in AI-driven cybersecurity. Our booth featured the engaging activity “ESET Threat Hunter – What Level of Threat Hunter Are You?”, which received overwhelming interest and offered attendees a unique mix of knowledge, fun, and exclusive giveaways.
Beyond ESET’s comprehensive Endpoint Protection solutions, we also highlighted a suite of innovative technologies, including:
- SearchInform – a DLP (Data Loss Prevention) solution designed to prevent internal data leakage.
- Xopero – a robust data backup and recovery system, purpose-built for enterprise endpoints.
- Cybersecurity Awareness Training – tailored programs to cultivate a security-conscious culture among employees.
Cybercriminals leveraging AI is no longer novel - but what’s deeply concerning is the rapidly increasing complexity and sophistication of deception, which make them harder to detect and defend against.
Here are some real-world threats powered by AI:
Fake Employees
One of the most alarming cases involved North Korean cybercriminals using AI to create fake identities to pose as freelance IT professionals. They did not just fabricate resumes - they also altered photos and generated convincing documents that passed initial screening processes. Their ultimate goal was to steal sensitive data or plant malware within organizational systems.
New BEC Scams
Deepfake technology has been deeply integrated into Business Email Compromise (BEC) scams. A notable case involved an employee who was tricked into transferring over USD 25 million to hackers posing as the company’s CFO - using an AI-generated video call to carry out the deception.
Authentication Bypass
Deepfake technology is now being used in more dangerous ways, highlighting the advanced evolution of cyber threats. One example is GoldPickaxe, a type of malware that steals users' facial data and uses it to create deepfake videos capable of bypassing identity verification systems - allowing attackers to access bank accounts or open new ones fraudulently.
Deepfake Scams
Cybercriminals are using deepfake videos to create fake profiles, impersonating CEOs, corporate leaders, or well-known brands. They post deceptive content on social media, often speaking in videos to persuade followers to invest in fake projects, transfer money, visit fraudulent websites, or click on links embedded with malware.
Password Cracking
Tools like PassGAN, which leverage AI technology, can crack passwords in just seconds, granting unauthorized access to organizational systems. This can lead to the exposure of vast amounts of sensitive information, such as customer data, financial records, and executive-level documents. Cybercriminals can then use this access to create fake documents and deceive internal systems - or even financial institutions.
Document Forgeries
AI is also being used to forge critical documents such as national ID cards, business records, certificates, and insurance documents. This makes it significantly easier to deceive Know Your Customer (KYC) systems and verification processes used by financial institutions.
Phishing & Reconnaissance
With the power of AI, cybercriminals can create highly realistic phishing emails. Not only is the language accurate and natural, but the content can also be precisely tailored to the context and behavior of specific targets within each organization.
Severe Impact on Organizations
AI-driven threats do not just cause short-term disruption - they can have long-lasting impacts on organizations across multiple dimensions, including:
Financial Damage: that goes beyond just lost funds from fraudulent transfers - it also includes costs for system repairs, data recovery, and potential fines from regulatory authorities.
Loss of Customer Trust: is another major concern, as research shows that 1 in 3 customers will stop using a brand after just one negative experience.
Regulatory and Legal Violations: especially concerning personal data protection, can have serious consequences. If customer data is leaked or stolen, organizations may face legal action or substantial fines from regulatory bodies.
Delays in Digital Transformation Plans: can occur as organizations may need to delay new technology initiatives in order to address pressing security issues first.
According to Mr. Pongint, effective cybersecurity in the AI era requires an integrated approach across three core dimensions:
People & Process
Employee training is the first and most crucial line of defense. Employees must be able to recognize deepfakes, phishing, and social engineering. Recruitment should include strict resume checks and scrutiny of AI-manipulated video interviews. Regular risk assessments, mandatory MFA on sensitive systems, and close HR-IT collaboration are essential to maintaining robust security.
Technology
Integrating AI to detect deepfakes - especially during KYC processes - analyze abnormal user or employee behavior and assess data risks has become essential. Additionally, employing generative AI to simulate threat scenarios for training detection systems is proving to be a highly effective approach.
Corporate Culture
Building a strong organizational culture means helping every employee understand that AI and cybersecurity are not just IT concerns - they are matters of overall business security. Everyone in the organization has a role to play in defending against cyber threats.
Final Thoughts: Ready for Battle in the Age of AI
In today’s AI-driven business landscape, threats evolve rapidly and with increasing complexity. Being prepared is no longer optional - it is essential for survival. Modern security investments protect more than just data - they preserve your reputation, trust, and long-term continuity. In a world of constant competition, only the most prepared will thrive.
ActiveMedia, in partnership with ESET - a global leader in Endpoint Security solutions - delivers modern, reliable protection tailored for your organization. ESET products are trusted worldwide for their high accuracy in threat detection, multi-layered protection, and lightweight performance that ensures a smooth user experience. ESET PROTECT is a comprehensive security platform offered in five tiers - from ESET PROTECT Entry to ESET PROTECT Elite - designed to meet the needs of organizations of all sizes and security levels. All features can be centrally managed through the ESET PROTECT Console, providing complete visibility and control from a single dashboard.
With years of experience and a team of technology experts who deeply understand both systems and business contexts, ActiveMedia is the trusted partner your organization can rely on. We offer end-to-end cybersecurity consulting and management tailored to your organization’s specific needs - whether you are a small business or a large enterprise.
Our commitment is to help your organization move confidently into the future - secure, stable, and worry-free.
