
#61: Five-Star Trap, Holiday Shopping Scams, AI Companies on the Clock
Scams aren’t just getting more sophisticated; they’re getting harder to verify. Reviews, websites, ads, even entire storefronts can now be generated at scale. The burden of proof is quietly moving from the platform to the user, and that’s a dangerous place to be.
Let’s get into it.
NATE'S TAKE - DECEMBER 16, 2025
Top Three This Week
- Beware the Five-Star Trap: Fake Reviews at Scale
- Holiday Shopping Scams Go AI-Native
- Senators Put AI Companies on the Clock Over Scams
1. Beware the Five-Star Trap: Fake Reviews at Scale

Five-star reviews used to signal trust. Now they’re often the bait.
UK regulators are warning shoppers about a surge in fake product reviews, many of them generated using bots and AI. Entire review sites are being spun up to prop up high-demand products, especially unfamiliar brands. The result is predictable: consumers receive low-quality or counterfeit goods, or nothing at all.
For fraud and product teams, the issue isn’t just consumer awareness. It’s signal degradation. When 11-30% of reviews are fake, star ratings stop working as a trust mechanism. And once users learn they can’t rely on reviews, their confidence in the platform erodes too.
Reviews can’t be treated as static content. They’re a behavioral surface that needs continuous validation, anomaly detection, and context. When trust signals are easy to manufacture, fraud hides in plain sight.
2. Holiday Shopping Scams Go AI-Native

This holiday season, AI is powering the most effective shopping scams yet.
Criminals are using generative AI to build convincing fake retailer sites, run deepfake video ads, clone celebrity endorsements, and generate urgency-driven social ads at scale. One in five Americans reports falling for a holiday scam, losing nearly $900 on average.
The pattern is familiar: deep discounts, countdown timers, slightly altered URLs, payment via money apps, and fake delivery notifications that double as malware traps.
What’s changed is speed and realism. AI removes friction. Scammers no longer need developers or designers. They need prompts.
For platforms, this means traditional red flags aren’t enough. Trust and safety teams need to correlate behavior across ads, domains, payments, and user journeys. When scams look legitimate, intent and linkage matter more than appearance.
3. Senators Put AI Companies on the Clock Over Scams

U.S. senators are demanding answers from major AI companies on how they’re preventing AI-enabled fraud.
Letters sent to OpenAI, Google, Meta, Microsoft, and others ask how these companies detect scam usage, authenticate users, cooperate with law enforcement, and prevent sensitive data misuse. The concern is that generative AI is scaling old scams faster than defenses can keep up.
Lawmakers are also signaling a shift toward accountability. New proposals would treat AI systems as products, opening companies up to liability when their tools cause harm.
For fraud leaders, this is an important moment. Regulation is catching up to reality: AI isn’t neutral infrastructure. It shapes outcomes. And platforms that benefit from scale will increasingly be expected to manage the risks that come with it.
The question isn’t whether AI is used for fraud. It’s whether platforms are designed to see misuse early, link activity across surfaces, and intervene before trust collapses.
===
That’s all for this week! For more insights, follow us on LinkedIn or X, and if you want to learn more about what we do, visit www.specprotected.com.
Nate Kharrl, CEO and co-founder at Spec, has built leading solutions for application security and fraud challenges since the early days of the cloud era. Drawing from his cyber experience at Akamai, ThreatMetrix, and eBay, Nate helped found Spec to focus on the needs of businesses operating in a landscape of increasing AI risks. Under Nate’s leadership, Spec grew from its mid-pandemic founding to raise $30M in venture-backed funding to build solutions used by Fortune 500 companies transacting billions in online commerce. Spec’s service offerings today include protective measures for websites and APIs that specialize in defending against attacks designed to bypass bot defenses and risk assessment platforms.



