Home Real-life Cyberattacks Cases

Real-life Cyberattacks Cases

Company defrauded of $26 million using artificial intelligence.


A multinational company was scammed out of nearly $26 million in a fraud using "deepfake" technology, which creates realistic videos using artificial intelligence.

An employee of a company in a Chinese financial centre received "video conference calls from someone impersonating a senior company official and asking him to transfer money to certain bank accounts," police said, quoted by the AFP news agency.

Police received a report of the incident on January 29, by which time around $26 million (24 million euros) had already been lost through 15 transfers.

According to Hong Kong media, the victim worked in the finance department and the criminals impersonated the company's chief financial officer, who is based in the United Kingdom.

arrow icon Full story here.

What prevention measures can be taken to avoid these situations:

Cyberattacks based on deepfakes are becoming increasingly common, especially with the development of AI. In this regard, this type of attack has been demonstrating a growing sophistication by cybercriminals, which underscores the importance of cybersecurity measures as well as the need for awareness and training within organisations to identify and mitigate such threats.

Some cybersecurity practices should be adopted to prevent a deepfake attack situation, such as:

Awareness and training

In all types of cyberattacks on organisations, employee awareness and training are important points to mention, as they are usually the primary targets. It is increasingly crucial to educate employees about the risks associated with social engineering attacks, such as this specific one since the use of deepfakes is expected to become even more common.

Identity verification

In this case, identity verification was a crucial step to prevent the cyberattack. It is essential to establish rigorous identity verification procedures for bank and financial transfers or payment requests, especially when they are conducted through electronic communications.

Monitoring for unusual activities

Implementing security monitoring systems in this situation could have made all the difference. In this sense, they could have implemented these systems to identify unusual or suspicious activities, such as unusual access patterns or unusual payment requests.

Implementation of a multi-level approval system for financial transactions

This system requires that all significant financial transaction requests be approved by more than one person within the organisation, ideally involving different hierarchical levels or departments. In this case, implementing a multi-level approval system would have been crucial, as this approach not only increases security by reducing the likelihood of successful fraud but also promotes a culture of responsibility and vigilance among employees.

This case underscores the importance of various cybersecurity prevention measures, highlighting how continuous awareness and training can strengthen the security culture within organisations, reducing the occurrence of incidents and promoting a rapid response to potential threats. Furthermore, it emphasises the need for rigour in identity verification to prevent unauthorised access and financial fraud, as well as the importance of monitoring unusual activities for early detection of potential threats, contributing to organisational transparency and accountability. Communication encryption is identified as a crucial measure to protect confidential data and maintain compliance with privacy regulations, while access privilege restriction is highlighted as an effective strategy for minimising internal risks and preventing targeted attacks. Multi-level approval systems for financial transactions are presented as a means to reduce the risk of fraud and strengthen an organisational culture focused on security and accountability.

Cybersecurity newsletter

Do you want to receive our newsletter?

Subscribe here

Contact us.

Headquarters

Edifício Atrium Saldanha
Praça Duque de Saldanha, nº 1, 2º andar
1050-094, Lisboa | Portugal
T: +351 21 33 03 740
E: info@integrity.pt

And we are present in 18 more countries across EMEA.
world map
 




Cookie Consent X

Devoteam Cyber Trust S.A. uses cookies for analytical and more personalized information presentation purposes, based on your browsing habits and profile. For more detailed information, see our Cookie Policy.