![\"\"](\"https:\/\/wpsites.ucalgary.ca\/isec-601-f21\/wp-content\/uploads\/sites\/115\/2022\/02\/960x0.jpeg\")
FBI warning<\/em> https:\/\/www.forbes.com\/sites\/glenngow\/2021\/05\/02\/the-scary-truth-behind-the-fbi-warning-deepfake-fraud-is-here-and-its-serious-we-are-not-prepared\/?sh=5834dbeb3179<\/figcaption><\/figure><\/div>\n\n\n\n
In March 2021, the FBI released a warning about the rising threat of synthetic content. The FBI warns that attackers use deepfake technology to create highly realistic spearphishing messages. It is expected that attackers will supplement voice spearphishing attacks with audio deepfakes aimed at persuading a specific individual to share or allow access to personal or corporate information. Additionally, the FBI warned about Business Identity Compromise (BIC)- a new cyberattack vector that evolves from Business Email Compromise(BEC). BIC uses audio deepfakes to create “synthetic corporate personas” or impersonates existing employees to elicit fraudulent funds transfers.<\/p>\n\n\n\n
![\"\"](\"https:\/\/wpsites.ucalgary.ca\/isec-601-f21\/wp-content\/uploads\/sites\/115\/2022\/02\/03Ziw34njaGkafJTHFYQwdY-1.fit_scale.size_1028x578.v1645027028-1024x576.jpg\")
More recently, the FBI issued another warning about an increase in fraudsters exploiting virtual meeting platforms. Some schemes involve impersonating company executives using deepfake technology in video meetings by hijacking their video meeting accounts. The rise of video conferencing during the pandemic has given cybercriminals a new avenue to trick employees into wiring company funds.<\/p>\n\n\n\n
Deepfakes as a threat to organizations<\/h3>\n\n\n\n
An employee of a UK CEO was defrauded into transferring US$243,000 to a Hungarian supplier’s bank account by a voice fake in 2019. It is believed that the threat actors used commercial voice-generating software to carry out the attack. This was the first known example of a deepfake being used in a scam.
<\/p>\n\n\n\n
In 2021, A manager at the bank received a phone call from one of the bank’s directors asking for a $35 million transfer to fund the acquisition. In reality, it was not the director who called. It was a deepfake of the director’s voice. \u00a0By the time the bank became aware of the error, the funds had already been lost.
<\/p>\n\n\n\n
Deepfake technology is becoming more accessible and easier to use, posing greater risks to organizations. Millions of dollars have already been scammed with audio deepfakes, and the deepfake technology\u00a0is expected to get more sophisticated.\u00a0Moreover, deepfakes are not limited to spearphishing attacks or BICs.\u00a0There have already been video deepfakes that bypass facial recognition technology, and they will soon be able to bypass voice recognition technology as well.\u00a0With technology that can fool authentication factors, such as biometrics, there is a much greater risk of security compromise. Organizations should update their security protocols as the potential risk grows.<\/p>\n\n\n\n
How to protect Against Deepfake Attacks<\/h3>\n\n\n\nEmployee Training<\/h4>\n\n\n\n
Strengthen your first line of defence against deepfakes by training staff to spot them<\/p>\n\n\n\n
Trust but Verify<\/h4>\n\n\n\n
To detect an attack before it can cause any harm, implement protocols that specify verification procedures for suspicious communications<\/p>\n\n\n\n
Automated Detection<\/h4>\n\n\n\n
Automated detection can also be achieved with the same algorithms used to create deepfakes<\/p>\n\n\n\n
Response Strategy<\/h4>\n\n\n\n
Deepfakes should be handled in incident response plans, and stakeholders need to know how to respond when they are attacked<\/p>\n\n\n\n
References<\/h3>\n\n\n\n
https:\/\/www.entrepreneur.com\/article\/414109<\/a><\/p>\n\n\n\n https:\/\/www.forbes.com\/sites\/glenngow\/2021\/05\/02\/the-scary-truth-behind-the-fbi-warning-deepfake-fraud-is-here-and-its-serious-we-are-not-prepared\/?sh=5834dbeb3179<\/a><\/p>\n\n\n\n https:\/\/www.pcmag.com\/news\/fbi-dont-fall-for-this-money-transfer-video-chat-scam?amp=true<\/a><\/p>\n\n\n\n https:\/\/www.accdocket.com\/deepfakes-get-deeper-security-risks-heighten<\/a><\/p>\n\n\n\n https:\/\/www.pandasecurity.com\/en\/mediacenter\/technology\/deepfake-fraud\/#:~:text=Deepfakes%20are%20videos%2C%20images%20or,been%20manipulated%20by%20AI%20technology.&text=This%20has%20become%20a%20growing,of%20misinformation%20and%20fraud%20scams<\/a><\/p>\n\n\n\n