- Cyber
- Reports
2024 Q3 Cyber Market Update
Midway through 2024, we look at recent cyber attacks, claim frequency and AI's role, as well as predict what's on the horizon.
Artificial intelligence (AI) deepfake cyber crimes involve the use of AI technologies to create realistic but fabricated media — such as images, audio and video —to deceive, manipulate or harm individuals or organizations.
Let's look at some examples and explanations of how these deepfakes are used in cyber crimes.
Impersonation scams. Criminals use deepfake technology to create realistic videos or audio recordings of company executives or financial officers instructing employees to transfer funds or disclose sensitive information. For example, a deepfake video could mimic the voice and appearance of a CEO asking for a large wire transfer, leading to significant financial losses.
Identity theft. Deepfakes can be used to create fake identification documents or profiles, which can then be used to commit fraud. For instance, creating a deepfake passport or driver's license can help criminals open bank accounts, receive tax returns or obtain loans under false pretenses.
Even when all the correct protocols are followed, these losses can occur. Criminals sometimes outsmart best efforts — hence the need to complement strong protocols with a strong insurance program.
Manipulated communications. Deepfake audio or video can be used to generate convincing phishing attacks. A deepfake could simulate a trusted individual's voice or appearance in a phone call or video conference, tricking recipients into providing personal information, login credentials or other sensitive data. And it's not just the voice that's impersonated. The deepfake knows the person's dialect, colloquialisms and intonation, all of which create a more believable scam.
Fake news and misinformation. Deepfakes can be used to create false news stories or misleading information. For example, a deepfake video might falsely depict a public figure making controversial statements, which can spread misinformation, damage reputations or influence public opinion.
Compromising videos. Deepfakes can be used to create fabricated videos of individuals in compromising situations. These videos are then used to blackmail victims, demanding money or other concessions to prevent the video from being released publicly.
Fake incriminating evidence. Criminals can use deepfakes to fabricate evidence of criminal activity. For example, a deepfake video might show a person participating in illegal activities, which can then be used to extort or coerce the individual or their associates.
Kidnapping hoaxes. Deepfakes can make someone believe a family member is in danger unless a ransom is paid. This scam happens quite frequently and highlights the complementary nature of a Kidnap and Ransom policy with a Cyber policy.
Fabricated evidence. Deepfakes can be used to create false evidence that damages an individual's or organization's reputation. For instance, a deepfake video might falsely depict a politician engaging in corrupt behavior, leading to public backlash and political consequences.
Misleading advertising. Companies or individuals might use deepfakes to create misleading advertisements or endorsements. For example, a deepfake video might falsely show a celebrity endorsing a product or service, which can mislead consumers and damage the celebrity's reputation.
Election interference. Deepfakes can be used to influence elections by spreading false information or creating fake videos of candidates making controversial statements. The deepfakes can sway public opinion and impact election outcomes. For example, a deepfake video might falsely show a candidate making racist or inflammatory remarks.
Espionage. Deepfakes can be used in corporate or state-sponsored espionage to create fake evidence or manipulate communications. For instance, a deepfake might be used to impersonate a high-level executive to gain access to confidential information or strategic plans.
Cybercriminals are leveraging deepfake technology and other advanced techniques to enhance the sophistication of their attacks, often bypassing traditional security measures like multi-factor authentication (MFA). Here's how they are using these technologies creatively.
Criminals use deepfake audio to impersonate executives or trusted contacts in phone calls. By mimicking a known voice, they can trick employees or support staff into bypassing MFA or providing authentication codes. For example, if an attacker has access to a phone number and creates a convincing voice deepfake of an executive, they can convince an employee to disclose an MFA code.
Deepfake videos can be used to simulate face-to-face interactions or virtual meetings with high-level individuals. These videos can lead to scenarios where an attacker convinces an employee to provide sensitive information or grant access that circumvents traditional MFA protocols. For instance, a deepfake video of a CEO asking for urgent access to a secure system could trick an employee into bypassing MFA.
Deepfake technology allows for highly personalized phishing attacks. Attackers can create convincing deepfake content tailored to individual targets, increasing the likelihood of success. For example, a deepfake might show a familiar face asking for login credentials or other sensitive information, making the phishing attempt appear more legitimate.
Deepfakes can be used to impersonate trusted contacts, such as business partners or clients. This impersonation can lead to sophisticated phishing schemes where targets believes they're interacting with a legitimate and familiar entity, leading to the disclosure of confidential information or credentials.
Deepfakes can be used to create fake endorsements or misleading information that can influence decision-making or behavior. For instance, a deepfake might falsely show a high-profile individual endorsing a malicious product or service, leading to the compromise of systems or data.
Deepfakes can also cause reputational damage. By creating fabricated videos or images of individuals in compromising situations, attackers can damage reputations and exploit the fallout. This falsified evidence can be used to coerce individuals into compliance or to create distractions that facilitate further attacks.
Deepfakes can be used in business email compromise (BEC) schemes to create highly convincing emails or messages that appear to come from executives or other trusted figures. These messages can request sensitive information, financial transfers or other actions that bypass standard security measures.
Targeted attacks using deepfake technology impersonate key figures within an organization, allowing attackers can conduct highly targeted spear phishing attacks. These attacks can lead to more effective breaches, as the deepfake content is tailored to specific individuals, making it harder for them to detect and resist the attack.
Deepfakes can be used to simulate legitimate security requests, such as requests for system access or data retrieval. For example, a deepfake might mimic a system administrator requesting access to restricted areas, tricking employees into bypassing security protocols.
Attackers can also use deepfakes to test the effectiveness of security training and procedures. By creating realistic scenarios, they can identify weaknesses in an organization's security posture and tailor their attacks accordingly.
Deepfake technology presents significant challenges for cybersecurity and personal safety, enabling cybercriminals to execute more sophisticated and creative attacks, often circumventing traditional security measures. These technologies enhance the effectiveness of phishing, social engineering and manipulation tactics, making it essential for organizations to continuously update their security strategies and remain vigilant against evolving threats.