A multinational company was scammed out of nearly $26 million in a fraud using "deepfake" technology, which creates realistic videos using artificial intelligence.
An employee of a company in a Chinese financial centre received "video conference calls from someone impersonating a senior company official and asking him to transfer money to certain bank accounts," police said, quoted by the AFP news agency.
Police received a report of the incident on January 29, by which time around $26 million (24 million euros) had already been lost through 15 transfers.
According to Hong Kong media, the victim worked in the finance department and the criminals impersonated the company's chief financial officer, who is based in the United Kingdom.
Cyberattacks based on deepfakes are becoming increasingly common, especially with the development of AI. Cybercriminals are carrying out this type of attack with growing sophistication, which underscores the importance of cybersecurity measures as well as the need for awareness and training within organisations to identify and mitigate such threats.
Some cybersecurity practices should be adopted to prevent a deepfake attack, such as:
Awareness and training
In all types of cyberattacks on organisations, employee awareness and training are important, as employees are usually the primary targets. It is increasingly crucial to educate employees about the risks associated with social engineering attacks such as this one, since the use of deepfakes is expected to become even more common.
Identity verification
In this case, identity verification would have been a crucial step in preventing the cyberattack. It is essential to establish rigorous identity verification procedures for bank and financial transfers or payment requests, especially when they are conducted through electronic communications.
Monitoring for unusual activities
Security monitoring systems could have made all the difference in this situation by identifying unusual or suspicious activities, such as unusual access patterns or unusual payment requests.
Implementation of a multi-level approval system for financial transactions
This system requires that all significant financial transaction requests be approved by more than one person within the organisation, ideally involving different hierarchical levels or departments. In this case, implementing a multi-level approval system would have been crucial, as this approach not only increases security by reducing the likelihood of successful fraud but also promotes a culture of responsibility and vigilance among employees.
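The identity verification and multi-level approval controls described above can be enforced as a release gate in a payment workflow. The sketch below is an added example, not taken from the case or from any real product; the threshold, field names, channel labels and the rule that the requester cannot approve their own request are all assumptions.

```python
from dataclasses import dataclass, field

THRESHOLD = 10_000  # assumed cut-off for a "significant" transaction

@dataclass(frozen=True)
class Approver:
    name: str
    department: str
    level: int  # hierarchical level (assumed encoding: higher = more senior)

@dataclass
class TransferRequest:
    requester: str
    amount: int
    beneficiary: str
    channel: str              # how the request arrived, e.g. "video_call"
    callback_verified: bool   # identity confirmed via a known-good contact
    approvals: list = field(default_factory=list)

def release_blockers(req, known_beneficiaries):
    """Return the reasons a transfer must be held (empty list = release)."""
    reasons = []
    if req.amount < THRESHOLD:
        return reasons
    # Assumption: the requester's own sign-off does not count as an approval.
    independent = [a for a in req.approvals if a.name != req.requester]
    if len({a.name for a in independent}) < 2:
        reasons.append("needs two approvers other than the requester")
    if (len({a.department for a in independent}) < 2
            and len({a.level for a in independent}) < 2):
        reasons.append("approvers must span different departments or levels")
    # A face on a video call is not proof of identity: require a callback.
    if req.channel != "in_person" and not req.callback_verified:
        reasons.append("identity not verified out of band")
    # Unusual payment request: beneficiary never paid before.
    if req.beneficiary not in known_beneficiaries:
        reasons.append("beneficiary is new")
    return reasons

if __name__ == "__main__":
    # Constructed request loosely shaped like the case: video call, no checks.
    req = TransferRequest("finance_clerk", 2_000_000, "ACCT-UNKNOWN",
                          "video_call", False)
    for reason in release_blockers(req, {"ACCT-SUPPLIER-1"}):
        print("HOLD:", reason)
```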
This case underscores the importance of various cybersecurity prevention measures, highlighting how continuous awareness and training can strengthen the security culture within organisations, reducing the occurrence of incidents and promoting a rapid response to potential threats. Furthermore, it emphasises the need for rigour in identity verification to prevent unauthorised access and financial fraud, as well as the importance of monitoring unusual activities for early detection of potential threats, contributing to organisational transparency and accountability. Communication encryption is identified as a crucial measure to protect confidential data and maintain compliance with privacy regulations, while access privilege restriction is highlighted as an effective strategy for minimising internal risks and preventing targeted attacks. Multi-level approval systems for financial transactions are presented as a means to reduce the risk of fraud and strengthen an organisational culture focused on security and accountability.