Connect with us

Hi, what are you looking for?

Top Stories

Editor's Pick

On Zoom, ‘You’re on mute’ is now ‘Are you real?’

IS THE BOSS who’s giving you an order real or just realistic? Deepfakes are now taking Zoom calls to another level of awkwardness, by making us question whether our co-workers are genuine. A finance worker in Hong Kong transferred more than $25 million to scammers after they posed as his chief financial officer and other colleagues on a video conference call, marking perhaps the biggest known corporate fraud using deepfake technology to date. The worker had been suspicious about an e-mail requesting a secret transaction, but the scammers looked and sounded so convincing on the call that he sent the money.

Corporate IT managers have spent more than a decade trying, often fruitlessly, to train office workers to spot phishing e-mails and resist the urge to click on dodgy attachments. Often hackers and fraudsters need just one person out of hundreds to inadvertently download the malware needed to tunnel into a corporate network. With AI-powered video tools, they’re moving into territory we have considered safe, underscoring how quickly deepfake technology has developed in just the last year. While it sounds like science fiction, such elaborate frauds are now relatively easy to set up, ushering us into a new age of skepticism.

The fraud in Hong Kong almost certainly used real-time deepfakes, meaning that the fake executive mirrored the scammer as they listened, talked and nodded during the meeting. According to David Maimon, a criminology professor at Georgia State University, online fraudsters have been using real-time deepfakes on video calls since at least last year for smaller-scale fraud including romance scams.

Maimon posted a video to LinkedIn (David Maimon on LinkedIn: #bankaccounts #bankaccount #passport #usa #passports #data #money #markets… 14 comments [https://tinyurl.com/2bax7xd7]), showing a demo from developers who are selling deepfake video tools to potential fraudsters. In it, you can see the real image of a man on the left and his fake persona on the right, a beautiful young woman scamming the male victim in the middle.

This is uncharted territory for most of us, but here’s what the Hong Kong victim could have done to spot the deepfake, and what we’ll all need to do in the future for sensitive video calls:

Use visual cues to verify who you’re talking to. Deepfakes still can’t do complex movements in real time, so if in doubt, ask your video conference counterpart to write a word or phrase on a piece of paper and show it on camera. You could ask them to pick up a nearby book or perform a unique gesture, like touching their ear or waving a hand, all of which can be difficult for deepfakes to replicate convincingly in real-time.
Watch the mouth. Look out for discrepancies in lip syncing or weird facial expressions that go beyond a typical connection glitch.
Employ multi-factor authentication. For sensitive meetings, consider involving a secondary conversation via e-mail, SMS, or an authenticator app, to make sure the participants are who they claim to be.
Use other secure channels. For critical meetings that will involve sensitive information or financial transactions, you and the other meeting participants could verify your identities through an encrypted messaging app like Signal or confirm decisions such as financial transactions through those same channels.
Update your software. Make sure that you’re using the latest version of your video conferencing software in case it incorporates security features to detect deepfakes. (Zoom Video Communications did not reply to questions about whether it plans to make such detection technology available to its users.)
Avoid unknown video conferencing platforms. Especially for sensitive meetings, use well-known platforms like Zoom or Google Meet that have relatively strong security measures in place.
Look out for suspicious behavior and activity. Some strategies stand the test of time. Be wary of urgent requests for money, last-minute meetings that involve big decisions, or for changes in tone, language or a person’s style of speaking. Scammers often use pressure tactics so beware of any attempts to rush a decision too.

Some of these tips could go out of date over time, especially visual cues. As recently as last year, you could spot a deepfake by asking the speaker to turn sideways to see them in profile. Now some deepfakes can convincingly move their heads side to side.

For years fraudsters have hacked into the computers of wealthy individuals, hoovering up their personal information to help them get through security checks with their bank. But at least in banking, managers can create new processes to force their underlings to tighten up security. The corporate world is far messier, with an array of different approaches to security that allow fraudsters to simply cast their nets wide enough to find vulnerabilities.

The more people wise up to the possibility of fakery, the less chance the scammers will have. We’ll just have to pay the price as the discomfort of conference calls becomes ever more agonizing, and the old Zoom clichés about your peers being on mute morph into requests for them to scratch their noses.

BLOOMBERG OPINION

You May Also Like

Forex

As the world seeks sustainable and energy-efficient solutions for heating and cooling, the heat pump market is experiencing a significant surge. According to the...

Forex

The introduction of aggressive climate objectives by global economies and growing prospects for reducing carbon emissions are driving the growth of the district heating...

Editor's Pick

STOCK PHOTO Image by 165106 from Pixabay CANBERRA – Around 16,000 livestock remained in limbo aboard an export ship at an Australian port on Friday, having...

Economy

<?xml encoding=”utf-8″ ?????????> Aston Martin is currently in discussions with bankers regarding the management of its substantial £1.1bn debt burden, confirmed Lawrence Stroll, the...

Disclaimer: SecretsOfRichDads.com, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice.
The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

Copyright © 2024 Secrets Of Richdads. All Rights Reserved.