While ransomware gangs are increasingly targeting insiders, offering employees large payouts in exchange for account access. The Bank of Thailand has issued new AI risk management guidelines, emphasizing data protection.

One of the major information security trends of 2025 is the rapid development and adoption of social engineering attacks. Some criminals exploit third-party managed services, pretending to be employees; others are actively looking for insiders to obtain access to a privileged account.

A recent example came from Brazil, where an IT worker sold his credentials for almost $2,700. In that story, criminals were able to steal more than $100 million.

This trend shows no signs of slowing down. In another case, a BBC employee was contacted by a ransomware group that offered payment in exchange for helping launch an attack on the company. The criminals proposed buying the employee’s credentials in return for a share of the potential ransom.

This time criminals contacted cybersecurity journalist Joe Tidy via encrypted messenger Signal. From the start they offered him 15% of the potential ransom for access to his account and help with the multi-factor authentication pass. To persuade him, they highlighted the ransom amount, which could reach tens of millions of dollars. Later they almost doubled their offer by increasing Joe’s share to 25%. They said that his cut would be so substantial he could quit his job and never work again.

As a part of the negotiation process, criminals mentioned several incidents with other companies, allegedly hacked with the help of rogue employees. Later, they tried an MFA-bombing tactic, when the target’s phone is flooded with MFA authentication requests. The goal is to annoy the person with constant spam so the individual will accidentally or emotionally click on one of the requests.

In the end, Joe Tidy contacted BBC’s security team and was temporarily disconnected from all corporate services, including intranet, email, and other business tools. This story has a happy end with zero financial losses.

This incident is a perfect example that within the actual business landscape it is impossible to ensure the safety of IT infrastructure with the help of traditional tools like firewalls or antivirus solutions. Criminals increasingly exploit the human factor in their attacks. There are a lot of cases where disgruntled employees or financially motivated workers facilitated attacks and data breaches. Sometimes they even were the root cause of these attacks. To detect such threats, businesses should implement advanced internal protection solutions, like Risk Monitor, a Next-Gen Data Loss Prevention (DLP) tool. It safeguards against data leaks and corporate fraud.

And the next major news is coming from Thailand. Earlier this month, the Bank of Thailand officially published AI Risk Management Guidelines for Financial Services Providers. The guidelines are affecting all financial services providers, including payment providers and special financial institutions. Regulations are applied to both in-house developed AI systems and third-party developed solutions.

To sum up the AI Risk Management Guidelines for Financial Services Providers, it has two main chapters. The first one is dedicated to governance and AI risk management. The main idea is to establish efficient and reliable human oversight on AI tools. AI usage should be ethical and transparent. Financial companies should pay dedicated attention to the integration of AI into clients’ experience. Customers should be provided with a choice to contact a real person.

However, the second part focuses on ensuring data safety in the process of model training and AI deployment and sets up requirements for protection against cyber threats.

Organizations need to ensure that the logic behind their AI systems is transparent. Models should be able to show the reasoning steps that lead to a result, not just the final answer. At the same time, outputs should be tied to trusted data sources to reduce the risk of false or misleading information (often called “hallucinations”). Companies should also put safeguards in place for both inputs and outputs to prevent the release or exposure of sensitive or harmful content.

Special measures should also be applied to a deployed AI model. Companies should implement system access rights controls to control AI access to critical data. Data protection measures should be applied during the whole AI lifecycle, from data preparation to system operation. Such measures should include:

• Data masking,
• Data hashing,
• Input sanitization.

The guidelines also mention that financial services companies should deploy a Data Loss Prevention (DLP) system to cover AI-generated outputs, preventing data breaches.

As you can see, the Bank of Thailand formed a comprehensive security framework, which sets up a borderline basis for safe and secure usage of AI for financial organizations. Such measures can hardly be perceived as excessive because in the end the financial sector is based on trust. Trust between customers and financial organizations is the first turn, as any incident could have a major impact on an individual, be it exposure of personal data, credit history, or other sensitive data.

At SearchInform we know the real value of data. Its safety and confidentiality are our job. To support this mission, we have developed Risk Monitor, a Next-Gen DLP solution. It goes beyond preventing accidental or intentional data leaks—it also helps detect and prevent corporate fraud while improving overall business efficiency.

Risk Monitor classifies data, marks files with confidentiality labels according to the company’s security policies, and automatically manages user access rights to safeguard confidential data. As a unified platform, the solution provides robust protection against data breaches, internal threats, and other business risks.

Contact us today and book a complimentary security audit.