Former hacker Brett Johnson, who once made over $100,000 a month stealing identities and selling credit cards on the dark web, now warns of a new era of cybercrime that is more organized, sophisticated, and dangerous than ever before. After spending over a decade in the criminal underground, Johnson has since turned his expertise toward helping the Secret Service and private companies fight cybercrime. In a recent interview with Business Insider, he highlighted three emerging threats that are rapidly evolving and could soon overwhelm current defenses. First, the deepfake problem is just beginning. Johnson says that AI-generated videos and voice recordings are now so realistic that they can convincingly impersonate trusted individuals—family members, bosses, or even law enforcement. He warns that we may soon reach a point where we can no longer trust what we see or hear online. A recent case involved a finance clerk who was tricked into authorizing $25 million in overseas transfers during a video call that appeared to include his real coworkers—except every person on screen was a deepfake. AI tools can now mimic speech patterns, facial expressions, and even personal mannerisms, making scams faster and harder to detect. Second, scam farms are operating like corporate factories. These are large-scale operations—often housed in buildings with dozens of workers—where individuals are frequently trafficked or coerced into running fraud schemes. These farms run like shift-based businesses, with supervisors managing teams that execute scams in real time. One common tactic is “pig butchering,” a long-term romance scam where victims are emotionally manipulated into investing large sums of money into fake cryptocurrency ventures. Ahmet Tozal, a victim from Turkey, lost a year’s salary after falling for such a scam, eventually relocating to Uzbekistan to find work. Johnson notes that this level of organization is far beyond the loose networks of hackers from the 90s and early 2000s. Third, synthetic identity theft is becoming the dominant form of fraud. Unlike traditional identity theft, synthetic identities blend real data—like a Social Security number—with fabricated details to create a completely fake person. Because this identity doesn’t exist in reality, it’s nearly impossible to detect. Johnson says synthetic fraud accounts for 80% of new account fraud, 20% of credit card chargebacks, and 5% of total credit card debt. Once established, these fake identities can open bank accounts, secure loans, and launder money—often going undetected until the accounts vanish. To protect yourself, Johnson advises practicing situational awareness online, freezing credit for everyone in your household, setting up account alerts, using strong and unique passwords, enabling multifactor authentication, and being cautious about what you share on social media. With cybercriminals now able to buy tutorials, tools, and even live training online, the barrier to entry for fraud has never been lower. The only defense, he says, is constant vigilance and proactive security.