iStockphoto / Tero Vesalainen
In a move that is certain to put everyone with access to large sums of money on high alert, a group of deepfakes scammers duped a Honk Kong-based employee into sending them $25.6 million (200 million Hong Kong dollars) after a conference call where the scammers used deepfake technology to appear as high-level employees at their multi-national firm.
Initially, the unnamed employee was skeptical after receiving an email requesting a ‘secret transaction’ be carried out. The employee suspected it was a phishing attempt but agreed to a video call with the scammers.
On the video call, they grew confident that it was the company’s chief financial officer from their UK branch. After all, the people on the call looked and appeared to be the employee’s colleagues. In reality, they were using deepfake technology to scam the employee into sending them 200 million Hong Kong dollars, or $25.6 million USD.
Baron Chan Shun-ching, a senior superintendent in China, told RTHK “(In the) multi-person video conference, it turns out that everyone (he saw) was fake.”
It was only after the employee checked in with their head office that the scam was realized and by that point it was too late to recover the missing millions.
Are these attacks from deepfakes scammers the tip of the iceberg?
The public has been aware of the dangers posted by deepfake technology for years. At this point, the best weapon we (the public) have at our disposal to combat the rising wave of deepfakes attacks and scams is technological literacy.
Knowing how to spot deepfake scams is crucial to stopping them before it’s too late. But even the largest tech companies in Silicon Valley are ill-equipped to handle deepfake attacks.
Case in point, the AI-generated Taylor Swift deepfakes that were widely shared across Elon Musk’s X at the end of January.
The disturbing and disgusting images were shared so fast and wide that X shut down the ability to search ‘Taylor Swift’ on the social network. That, of course, was just a tiny bandaid on a large wound as users were still able to search ‘Swift Taylor’ or any other number of variations.
Currently, there are robust tools like Sensity.AI and others that are designed to catch AI powered deepfake technology in action. But the general public still seems very naive to how scammers are incorporating deepfake tech into attacks.
Trust but verify. That is the safest path forward.