AI-driven fraud is emerging as a major threat to Canadian businesses of all sizes, according to a survey by KPMG Canada.
Conducted Feb. 4-13 with Angus Reid Group, the survey polled 251 Canadian companies about the instances of fraud they had experienced.
It found 72 per cent of the companies reported losing up to five per cent of annual profits from fraud driven by AI.
Fifty-five of the companies surveyed have annual gross revenues between $300 million and $1 billion; 23 per cent have over $1 billion; and 22 per cent have between $50 million and $299.9 million.
Marilyn Abate, a partner in KPMG Canada’s Risk Services practice who specializes in fraud and forensic investigations in the financial services industry, told TechNX such fraud includes not just the familiar phishing scams, but those where AI is being used to create fake businesses, false emails and deepfake video conference calls to breach corporate defences.
According to the survey, 81 per cent of the companies that reported experiencing fraud in the past year said those frauds were driven by AI. Seven-in-10 added they were targeted more than once by AI-driven fraud attacks.
The growing threat of AI attacks
The Ottawa-based Canadian Centre for Cyber Security has issued its own report, which raises similar concerns. The centre's Ransomware Threat Outlook 2025 to 2027 report found generative AI is being used by a growing number of criminal groups to deploy sophisticated malware attacks, create deepfakes and conduct social engineering to overcome barriers in companies.
According to the Cyber Centre, the incidence of AI-driven ransomware attacks “continues to increase and evolve rapidly” and “all organizations, as well as individuals, in Canada almost certainly risk being targeted by ransomware... and no organization is immune to cyber incidents.”
KPMG Canada found the range of AI-driven attacks hitting Canadian firms is broad. The most common attacks were AI-generated phishing emails/chats (60 per cent), deepfake documents (39 per cent) and voice‑clone executive impersonation calls (24 per cent).
RBC Canada in a just-released poll found Canadians also are worried about these kinds of AI-driven fraud schemes. Some 87 per cent of Canadians in the RBC poll said it is getting harder to know whether an ad is real or a scam and 75 per cent feel it is getting tougher to tell if a business' website is legitimate when shopping online.
Nearly 40 per cent added they do not feel confident they can spot an AI-powered scam directed at them and 68 per cent said AI will eventually make scams impossible to detect.
The consequences of a successful attack are more than monetary, Abate added. “There is a potential loss of future customers, litigation risks and the legal costs associated, and even losing confidence in the employees, because it’s very stressful for employees to go through something like that.”
With the growing recognition of the dangers posed by these AI-driven threats, six-in-10 of the companies surveyed plan to increase their fraud prevention strategies, and increase fraud detection budgets by up to seven per cent this year.
Training staff on AI fraud threats
Abate said while technology can certainly help companies protect themselves from AI-driven fraud, the best defence is a combination of yearly reviews of security systems in place and regular training of staff.
“The best defence, and the one that has proven most successful, is training across the enterprise, across all levels of employees,” Abate said. “Especially the ones in the front lines with customers or those facilitating payments. Training has been and is the key to success.”
She added that while no defence is perfect, a breach is a good time to review a company’s security measures, technological and human resources.
“If you have had an incident, then it is time to revisit your measures,” she continued. “You start with a root cause analysis, looking to understand how it happened, what controls were circumvented, and refresh your training at that point as well. You may even want to do this more than once a year.”
Some 81 per cent of companies said they now conduct employee fraud awareness training every six to 12 months.
KPMG Canada also recommends, amid this new age of AI-driven fraud attacks:
- Think of fraud prevention not just as a technology issue, but as a strategic capability that incorporates governance, talent, and accountability;
- Avoid incrementally enhancing existing pre-AI operating models and relying on point-in-time checks;
- Instead, utilize continuous, risk-based controls to prevent, detect, and disrupt fraud earlier in the lifecycle.
