Multinational company loses $25 million to deepfake scam
The company’s name has not been disclosed yet.
Deceived by digitally manipulated replicas of colleagues during a conference call, a finance worker in Hong Kong executed transactions totalling $200 million HKD (about $25 million).
The employee initially raised concerns about phishing after receiving an email last month purportedly from the firm’s UK-based chief financial officer. However, the employee was later convinced upon attending a conference call with the CFO and other colleagues. Authorities disclosed that the scammers utilised publicly available footage of the CFO and other employees to fabricate convincing deepfake images, with the victim being the sole authentic participant in the conference call. Under the guise of legitimate instructions, the employee then executed the transactions.
Why does it matter?
Research indicates a concerning lack of preparedness among individuals in discerning deepfakes, with a survey by iProov revealing that 43% of respondents felt unable to distinguish between real videos and deepfakes. Moreover, a study published in the Journal of Cybersecurity indicated a mere 62% accuracy rate among participants tasked with identifying AI-generated faces versus real human faces.
The proliferation of deepfake scams is evident, with Onfido, an identity verification company, reporting a staggering 3,000% surge in deepfake fraud attempts between 2022 and 2023. Moreover, Gartner’s forecast suggests a looming crisis in facial biometric authentication solutions by 2026 due to escalating deepfake injection attacks.
The repercussions of deepfake technology extend beyond financial losses, as evidenced by previous instances such as a Japanese company’s $35 million loss in 2020 due to AI-cloned voice manipulation and $75 million acquired by fraudsters in China through fake tax invoices in 2021.
With deepfake scams rising, heightened vigilance and proactive measures are imperative to mitigate risks and protect against financial losses.