Traffic lights are one of those pieces of street furniture you probably don’t think about all that much until you’re stuck waiting at them. They all serve the same core purpose of letting vehicles know when it’s safe to move ahead or not, but there’s more variation among them than you might expect. Some traffic lights have two red arrows, others have a blinking green light, and one traffic light in New York even has upside down green and red lights thanks to protests by resident Irish immigrants.
You might also notice that some traffic lights are surrounded by yellow borders that usually stretch between 1-3 inches around the edge of the signal. These reflective yellow borders are installed to boost their visibility at night, making them more instantly recognizable by tired or distracted drivers. They also help drivers with color vision deficiencies spot them quicker. As a bonus, a reflective border will remain visible even when the lights are inoperative due to a power outage, which helps warn all drivers that there’s an intersection ahead.
Installing a reflective border is one of the cheapest ways to boost the visibility of a traffic light, but research has shown that it makes a notable difference to road safety. In fact, one 2005 study found that intersections where traffic lights had reflective borders installed saw a 15% decrease in crashes.
Other subtle safety-centric traffic light differences
Pixel-Shot/Shutterstock
Even a traffic light that doesn’t have a noticeable visual difference like a reflective yellow border might still be different to a light that’s just down the road. Another tactic employed by transport agencies to boost road safety is adjusting the amount of time each traffic light’s yellow light phase lasts.
The goal is to give drivers enough time to recognize the yellow light and slow down without making it last so long that drivers start to treat it as an extension of the green light. Too long or too short and the risk of drivers running red lights increases, which can lead to a higher rate of crashes. There’s no one set ideal period of time for a yellow light to last, since it depends on a range of factors like the overall layout of the intersection, the speed of the surrounding roads, and the speed that drivers will need to slow down to in order to make their turn safely.
New Visa research says AI-accelerated scams are the “fastest growing source of consumer harm.”
Fraud is shifting from credential theft and account hijacking to social engineering tactics.
Visa outlines what consumers and businesses need to do to meet these threats.
While AI’s vast potential to improve security, ramp up productivity, and reduce operational costs is being explored by countless companies, the technology is also being weaponized by cybercrooks involved in fraud and financial crime.
A new report from Visa says AI is reshaping both cyberattack and defense tactics and, specifically, is compressing the fraud cycle, making it easier to dupe consumers into authorizing malicious transactions.
AI accelerates ClickFix-like fraud
Remember ClickFix? It’s a social engineering technique, popularized in recent years, that bypasses traditional phishing defenses by exploiting psychological vulnerabilities.
In ClickFix attacks, victims are lured into performing a malicious action themselves by being presented with a problem to solve — a problem that has an easy solution. For example, you may come across a fake malware alert on a website that urges you to open up a command prompt, copy and paste a code, and submit it to fix a PC “issue” in only a few steps.
In reality, this “solution” leads you to execute malicious commands yourself, resulting in malware deployment, data theft, and more.
Standard digital defenses can’t prevent us from performing malicious or destructive actions ourselves, which makes this social engineering tactic far more effective than basic drive-by downloads or standard phishing campaigns.
Apply this to finance, and the problem is this: If you authorize a transaction (fraudulent or otherwise), the responsibility lies with you — and you will most likely bear the financial cost.
Payment fraud can cost you dearly. Now that financial institutions are well aware of the risks posed to consumers by online scams, phishing, and social engineering, they often implement stringent security controls for large financial transactions.
You may have to authorize payments before a payment request is accepted, such as by verifying yourself through an app, providing a one-time passcode, or clicking confirm.
As a consequence, fraudsters are adopting AI and social engineering to “manipulate people into authorizing payments themselves,” according to the report, which includes using AI-generated scam content, voice impersonation, and deepfake media, to “increase both the reach and perceived credibility of scams when exploited by actors with malicious intent.”
In other words, AI is being used to generate sophisticated content that appears to come from a legitimate, trustworthy source — such as your bank — which is convincing enough for you to pay up and authorize a fraudulent transaction, thereby stripping yourself of the ID theft and banking crime guarantees that you are normally protected with by your financial provider.
Visa says this is forcing a shift from “detect stolen credentials” to “detect and disrupt deception” for financial institutions; for the rest of us, it’s a behavioral and awareness issue that must be tackled.
The red flags to watch out for
From July to December 2025, Visa detected nearly $1 billion in scam-related activity, including impersonation of trusted brands and companies, scams and phishing campaigns laced with financial urgency, and deception that led unwitting victims to complete transactions that appeared legitimate on the surface, but actually resulted in financial loss.
We at ZDNET have monitored scam trends for years, and whether or not AI is involved, these are some common patterns and practices to watch out for:
1. Cold calls
Scammers often pretend to work for trusted companies, such as your bank or wireless provider. They may try to lure you with a discount or free service in return for verification codes or account details, or they may request payment to resolve an “unpaid” bill. If you’re being cold-called, hang up. If you believe the call may be legitimate, use an official communication channel — such as the organization’s website — to confirm before you hand over a single dollar.
2. ClickFix-like tactics
ClickFix attacks are successful because they appeal to people’s problem-solving tendencies. They outline an issue and promise a quick fix with just a few steps. This can apply to financial fraud, too. Imagine you receive an email from your bank demanding an overdue payment and a discount if you act quickly — the message outlines three steps, including a link to pay or a QR code to scan, and one of the steps requires you to authorize a transaction. It causes panic and seems simple to fix, but it’s fake. Take a step back before you make any payments, think rationally, and verify through an official channel, such as your bank’s customer service line or support desk.
Financial fraud often tries to make you feel panic so you make irrational decisions, and, unfortunately, may also abuse you by engaging your emotions over the long-term. Romance scams often lead to investment and financial fraud. If someone you’ve never met asks you for money, simply say no.
4. Nearly genuine appearance
One issue surrounding the AI is the sheer volume of AI-generated content, much of which is difficult to distinguish from real, legitimate content, including emails, images, audio, and video. If we can create images, photos, or even a more professional-sounding email using an AI assistant, remember that cybercriminals have the same tools at hand.
Ever see a strange news report on social media and question its legitimacy, or suspect it might be “AI slop“? Apply that same skepticism. Even when an email looks genuine, if any financial change or payment is requested, go through an official channel to confirm it is what it appears to be.
The solution for organizations is speed
As Visa notes in its report, building advanced scam detection networks and adopting AI-backed solutions to detect and flag impersonation, social engineering, or unusual transactions can all boost fraud prevention, but speed is the key ingredient.
Now that AI is being used for everything from social engineering to vulnerability discovery, reconnaissance, and network intrusion at a pace faster than we can defend against, businesses can’t rely on time-consuming, manual processes to handle their cybersecurity requirements or protect consumers. (Mandiant has also provided technical guidance on this topic recently.)
If AI is being weaponized, using automation — and potentially AI assistants, too — is the required shift to keep up. Automation can also take over time-consuming tasks, such as triage, freeing cybersecurity professionals to detect and respond to cyberattacks more effectively. Large language models and automated tools can complete tasks far more rapidly than humans can; as long as these tools are properly supervised, defenders can be better equipped to combat modern threats.
“The rapid adoption of AI has fundamentally changed the economics of fraud,” says Michael Jabbara, SVP, Payment Ecosystem Risk and Control at Visa. “What once required deep technical skill can now be executed with a prompt. That reality makes intelligence-driven defenses and coordinated action across the ecosystem more critical than ever.”
Acting quickly can help protect consumers from being scammed and may also give them the time they need to step back and consider whether they should OK that payment after all.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
