Illustration: Jennah Haque

A few months ago, I received a congratulations letter on my upcoming enrollment at the Ultimate Medical Academy in Tampa, Florida.

“Welcome to UMA’s Healthcare Management associate degree program... Our goal is to help you become as career-ready as possible and this is the first big step.”

The letter came with an extra large men’s athletic polo and a string bag, all adorned with the UMA logo. All mostly normal things to expect from a welcome package — even if I am a women’s size small. There’s just one issue: I had never applied to the Ultimate Medical Academy. Before that day, I had never even heard of it. It’s been almost a decade since I’ve applied to college.

First came some light-hearted jokes from my Indian family. Would I finally be fulfilling my grandma’s wishes of becoming a doctor? Could I get enough tickets for my aunts, uncles and cousins to attend my white coat ceremony?

This quickly gave way to a very harrowing reality: Someone had stolen my identity.

Today’s digital ecosystem creates the perfect storm for identity theft. AI makes every step — from stealing personal information held by companies to finding the right Social Security Number to steal to faking a driver’s license — easier and more sophisticated.

Some AI research labs are already acting with an abundance of caution due to fears of cyberattacks. Anthropic PBC is rolling out its new model, Mythos, to a select group of companies for testing against their own products and looking for vulnerabilities. Mythos is able to find loopholes in all sorts of operating systems, even exploiting Linux, the open-source code that powers most smart TVs, cars and other electronics, according to employees at Anthropic. OpenAI is also shopping its equivalent model around for companies to test.

When one researcher at Anthropic tested Mythos, they found it was able to pull off the equivalent of a digital bank robbery. The cautionary tales from Anthropic are prompting government officials to send up a flare to the financial sector.

Read more: Anthropic Model Scare Sparks Urgent Bessent, Powell Warning to Bank CEOs

The US saw the highest number of data compromises in 2025 since the nonprofit Identity Theft Resource Center (ITRC) began recording in 2005. AI is already a powerful force in cybercrimes: 40% of the 5,000 data breaches that consumer credit agency Experian serviced last year were powered by AI, said Michael Bruemmer, vice president of Consumer Protection. The firm predicts that this year agentic AI, deploying multiple autonomous agents to achieve sophisticated goals with limited human oversight, will be the number one cause of data breaches.

However, its powers go beyond just infiltration of institutional systems; agentic AI has also sharpened the urgency of identity theft and digital fraud cases: Subagents can scan the dark web for vulnerable Social Security numbers and personal information in seconds. Simultaneous attacks can occur by contacting multiple banks at a time impersonating a different identity, and agents can fill out complex government forms requesting loans. In February, a hacker used Anthropic’s Claude chatbot to attack various government agencies in Mexico, retrieving sensitive voter and tax information.

Cases of identity theft reported to the Federal Trade Commission have shot up nearly 20% year over year. US Head of Fraud at TransUnion Naureen Ali said globally more than $534 billion is lost to fraud annually.

Bruemmer outlined how AI has made these scams lethal: “AI does three things. It makes it faster for the hackers, attacks are more sophisticated and they’re better looking attacks. A phishing email from two or three years ago looks much different today, whether it’s with ChatGPT or Microsoft Copilot. They’re easily evading most people’s detection.”

I have gotten several data breach exposure letters over the years, ranging from random parking apps to companies as big as Meta, explaining that my information had been exposed. The letters have tended to disclose what was leaked: email, phone number, credit card information. The companies offer to pay for credit monitoring for six months, but nothing ever actually happens with that data, right?

After some light research, I concluded the Ultimate Medical Academy isn’t quite a traditional university or college. Courses start every two to three weeks, and you can crank out a degree in a year and a half. Frantically, I call the school to try and pin down some answers. The application someone filled out in my name is essentially an extensive registration form. No thought-provoking essays or art portfolios, just some good old personally identifiable information. They were impressively convincing: my correct full name, date of birth, home address and Social Security number. Where they fell off the deep end was the high school; I had apparently been attending Huntsville High School in Alabama until May 2017. I’ve never set foot in the Yellowhammer State.

The school had quoted me more than $30,000 in program fees to attend last fall. Luckily, they were able to shut down my application and make sure no money was distributed.

Then came the dreaded words: “It does look like this user filled out a FAFSA or federal student aid form in your name, and that would be beyond our purview to assist. You would have to consult the federal government to address that.”

According to the Federal Reserve Bank of Boston, the trendiest scam going around right now is synthetic fraud — using a mix of real and fake data to craft highly realistic yet fictitious identities to open bank accounts or take out lines of credit.

Malicious tools like FraudGPT are large language models (LLMs) trained on breach data. A fraudster can use the program to test hundreds of thousands of Social Security numbers in minutes. They can find a legitimate nine-digit combination and associated name with low activity, Ali said. From there, a scammer could open up small lines of credit at community or retail banks, which often have much lower authentication requirements. Once that is successful, the adversarial user can sit on the account and make small purchases. As their ambitions grow stronger, they can open up a higher line of credit at a much larger, more institutional bank. But it will take work; some sort of physical identification will be required. That’s no issue with the help of AI. The scammer could easily create a deepfake driver’s license in minutes.

Then it’s time to bust out, Ali said: If you have a deposit account and several credit lines, you max out all your cards and withdraw all your money. Some fraudsters wait up to five years before busting out. The more accounts you get away with making and the longer they sit, the more legitimate the user looks.

ITRC chief executive officer Eva Velasquez said scammers have discovered creative applications for identity theft or synthetic fraud. As the affordability crisis deepens, identity theft for the purpose of acquiring medical goods and services or prescriptions has also become more mainstream. Stealing someone’s social media account can also be used for monetization. Or applying to college…

To be sure, the most common identity theft use cases are still applying for loans or credit lines and falsely applying for government programs or filing a tax return. And now with a personal chatbot walking you through every step of the process, filling out these forms has never been easier, for both well-intentioned and malicious users.

I’ve been on hold with all kinds of representatives of StudentAid.gov. The damage is worse than I thought: This person applied to 13 colleges in my name and filled out multiple FAFSA forms over the course of more than a year. They had been quoted to receive more than $50,000 in student loans in my name. Why would someone do this, I ask? What was even the point?

The last representative on the phone told me that if they were able to apply to this many colleges in such a short amount of time, AI was almost certainly involved. These lesser-known schools with relatively simple applications are the biggest targets, since acceptance rates are exceedingly high. Some student loans are paid out directly to an individual’s account rather than sent to a university. She told me the organization was seeing a large uptick in these sorts of scams in the last year.

There are some guardrails consumers can implement to protect themselves. Velasquez said everyone should freeze their credit and their children’s credit as a preventative measure. Multi-factor authentication and the usage of password vaults sealed with some sort of passkey biometric login are critical. Bruemmer said setting up free credit reports annually at the three major bureaus — Experian, Equifax and TransUnion — should become a regular habit. Ali said to never use public Wi-Fi unless you’re on a VPN, or virtual private network. Victims of identity theft or other fraud should file a report with the FTC and their local police department.

The troubling reality, however, is that almost anyone with a digital presence has already had their data exposed in a breach. And as breaches are going up, notices informing individual consumers have plummeted more than 79% year over year, according to ITRC.

“The full effects of AI as a targeting tool appeared in the 2025 data,” said ITRC President James E. Lee. “The criminal uses AI to increase their yield (additional data or more valuable data) without increasing their risk (higher number of victims).”

Decisions are made at the state level on when to inform individual victims of a data breach. Some states only require companies to notify victims of data breaches once a minimum threshold of people have been affected. Companies that determine there is no harm in the data being exposed can choose to send nothing at all.

Because it can take years for financial losses to occur after a breach, Ali said more intervention and protection needs to be taken upstream at the institutional level.

And to fight AI, you have to arm yourself with AI. Tamás Kádár, co-founder and chief executive officer of fraud prevention system SEON, said that now fraudsters can create legitimate and sophisticated phishing websites without writing a single line of code. SEON uses more than 5,000 analysts to review transactions of various companies and assess fraud threats. Kádár said the company has an algorithm which uses training data from clients to determine scores which represent their security risks.

Ali said TransUnion uses AI to conduct liveness checks for selfies and see whether they are AI generated. They can then flag that to the bank or institution associated with the account. TransUnion also has access to data from the DMV, public records, and persistent mobile device behavior to train their own models to detect fraud.

While the AIs are off fighting other AIs, I’ve finally been able to contact all the schools “I applied to” and let them know I won’t be in attendance this fall.

My FTC report has been filled out. My credit is frozen, and my FAFSA account is permanently disabled. It’s troubling to know that all my personal data is likely on the dark web forever, and someone could easily try to impersonate me again if they wanted to. But hopefully, my traps will catch them in the act and I can accept this new way of life. In the meantime, my family and I are planning a makeshift white coat with that XL men’s polo from Ultimate Medical Academy. Getting into school isn’t easy!