What is a “Deepfake”?
Artificial Intelligence (AI) technology is evolving rapidly, and scammers are finding new and creative ways every day to use this to their advantage.
An emerging trend that has been affecting businesses this year is the concept of “deepfakes”, particularly with impersonating voices.
Deepfake: A term for media that’s created in order to deceive the viewer. For example, software can take a sample of a voice for just a few seconds and copy the sound and inflection well enough to be able to re-create a sentence that sounds incredibly similar to the original owner’s voice.
Voice recreation is, unfortunately, just the tip of the iceberg. It’s astounding how easily accessible this advanced technology is, and the voice and video combination of this technique over people of power (just as an example) is disturbing to watch.
Why is this Dangerous to my Business?
Typically, the intent behind using this method is for deception, so there are nearly endless possible dangers to businesses regardless of vertical or size.
Imagine being in this situation yourself and getting a phone call seemingly from your panicked CEO demanding that you transfer money or provide documents for an “emergency”. In the moment, it may seem perfectly legitimate and you may in fact feel relieved that you were able to help out.
This is potentially all it takes for someone to have gotten a substantial amount of money or sensitive data from your business: One phone call.
Scammers have done well to learn how to manipulate people in emotional situations, and they have already been successful in tricking businesses with this method.
Not a What-if: This is Happening Today
Reports by the Wall Street Journal state the CEO of an unnamed energy company based out of the United Kingdom fell victim to a situation just like this. Fully unaware that he was speaking with a scammer and not his actual boss (the CEO of the German parent company), he was asked urgently to transfer €220,000 ($243,000) to a Hungarian supplier…and he did.
This alarming new threat paired with Business Email Compromises, which last year alone cost US businesses approximately $1.3 billion, cannot be taken lightly.
What Can I Do to Keep my Business Safe?
With complex threats like these, there is software available that can mitigate risk by detecting unusual behavior, however this cannot be the only line of defense. It is ultimately up to proper end user training and awareness of the company’s security policies.
For example, if there’s a detailed plan in place for certain business processes (i.e. wiring money), then it is much easier for an employee to know when there’s behavior that deviates from that process. In addition to that, having training under their belt that helps them to identify these types of behaviors in the first place or know how to counteract them is crucial.
Unfortunately, one of the biggest threats to any business is an uneducated employee. All it takes is one wrong click.
Do you feel that your team could benefit from End-User Awareness Training? We are here to help!