How to Beware of Deepfake Frauds

Frauds have been around for years around the globe, from phone scams to phishing emails. However, fraudsters have taken scamming to a new level with deepfake technology. Recently, two consecutive deepfake frauds in Hong Kong were USD 25 million and USD 0.5 million respectively.

The fraudsters collected the footage and audio of the multinational firm’s top management. They impersonated the Chief Financial Officer (CFO) to contact an employee through messaging or phishing emails, requesting a video call. During the video call, the deepfake “CFO” ordered the employee to carry out a secret transfer of a huge amount of money to a designated bank account. The employee put aside his doubt as the profile picture of the WhatsApp account matched his CFO, and most importantly, the person in the video call had the same face and voice as his CFO. He only realised it was a scam until he made the transactions and checked with his company afterwards.

The term “Deepfake” is coined from “Deep Learning” and “Fake”. By collecting video and audio materials for artificial intelligence (AI) to study, fraudsters can do face swaps and voice spoofs to forge new video and audio clips that look extremely real. They can input whatever text and script they need and the deepfake technology will do the rest of the job in making sure they look authentic. It is often hard for victims to smell anything suspicious as fraudsters tend to keep video calls short with solid excuses so no deeper conversations can be done that might expose themselves to be AI.

While AI has given us a lot of benefits, it has become a powerful and dangerous tool in the hands of fraudsters and scammers. They no longer randomly search for victims but target large firms to get a bigger bite. Any individual or firm can become a victim so it is always important we stay alert. It is easy to get a clip of a CxO of a large firm, but it is also equally easy to steal the face and voice of any individual. By sending someone a Facetime request, fraudsters can capture the materials they need within the first few seconds of the call being picked up. Once they make a new deepfake clip out of it, they can impersonate anyone and approach the contacts in his phonebook to borrow money. Many have reported to have fallen victim to such cases already.

To prevent from being scammed, do not accept Facetime requests from strangers. You can even consider disabling the Facetime function on your phone. Never disclose your personal information when you pick up suspicious calls. At work, when you receive wire transfer instructions from management, verify with them via other means such as email or instant messaging tools. When making video calls, make longer conversations to authenticate their identities, or even request them to perform certain actions or gestures to check if they are AI.

Cybersecurity is equally important for personal bank accounts. iFAST Global Bank will never ask you to share your account details like email address, login name and password. We will never ask you to make any transfers to another account. If you suspect your account is compromised or you are exposed to a data leak, contact us through our live chat or email us at customerfraudsupport@ifastgb.com.

Always stay vigilant and you will be able to stay away from scams.