The evolution of technology used for cybercrime is fascinating, but scary at the same time! Deepfakes are the latest trend and can be used to craft a realistic scam when used maliciously.
Deepfakes are videos that use artificial intelligence to make it look like someone is saying or doing something when it’s really not them at all. This tactic is often used to impersonate celebrities, politicians, CEOs, or other people in the public eye.
Using an actor as a base, someone that knows how to do these deep fakes can overlay the celebrity’s image and make the words and actions of the actor appear to be coming from the celebrity. It’s the modern version of “Photoshopping,” but even more dangerous because the technology has become so good.
The ability to fool someone is then coupled with the human nature aspect that happens so often on the internet of wanting to have beliefs validated on a subject, which makes a person even more apt to believe a deepfake that reinforces a certain point of view.
The combination of Deepfakes and the popularity of watching videos online has made these fake videos a danger to your personal and business data security.
Some examples of deepfakes out on the internet are a video that appears to show Mark Zuckerberg, founder of Facebook, bragging about having “total control of billions of people’s stolen data” and any number of videos on TikTok pretending to show Tom Cruise doing common tasks like hand washing or a magic trick.
Example from Deeptomcruise posted on Creativebloq.com.
How Deepfakes Are Made
A person creating a deepfake will feed thousands of face shots of the two people (deepfake actor and the person that they are faking) into software. The software uses an encoder and looks for all the points of similarity between the two faces. And basically, creates a face-swapping AI algorithm for those two faces.
The video is made by swapping in the face of one person for another using a decoder, which will recreate the expressions of the deepfake actor on the celebrity or other face being swapped in.
Voice algorithms are added onto this to use available audio from the celebrity to piece together what the faker wants the video to show the person saying.
The technology has become so good that it’s very hard for the average person to tell that a video has been faked.
How Are Deepfakes Used in Phishing & Other Schemes?
Many deepfakes are designed to just get a laugh and show off someone’s skills in using this technology. But many online scams use deepfakes to get money, steal personal data, and more.
Here are some examples of scams using deepfakes.
Fake Video of a CEO Request to Employees
Phishing scammers targeting employees in a large company will create a deep fake video of the CEO making a request to the staff. This may be to have them update their personal bank details for payroll or to simply click a link that’s included in an email, which will take them to a malicious phishing site.
Even if employees think getting a video from their CEO is a bit strange, to them it may appear legitimate and it only takes one to click a link and unleash ransomware through the network.
Another tactic deepfake creators will use is to create a video that causes a company’s stock to go in one direction or another. All they need to do is make a video of a CEO or CFO of a public company reporting some major stock-moving news, send that out, and before the real news can catch up to tell everyone it’s a fake, thousands of people may have bought or dumped their stock in that company.
Extorting a Payoff to Avoid Embarrassment
Pornography is one of the ways that deepfakes are used for extortion. A person’s image can be mapped to make them appear to be in an embarrassing situation. Then, the criminal may convince the person to pay to not have that released because it would damage their reputation even though it’s a fake. Once you release something on the internet, it’s nearly impossible to undo it.
Tips for Not Getting Taken in by a Deepfake
Here are a few quick tips to help you avoid scams using deepfake videos:
- Slow down and don’t feel rushed into action.
- Watch for clues of a deepfake, such as unnatural movement or blinking.
- If something is completely out of character for a person, question whether this is a deepfake and do some online research.
- Look for signs of lip-synching that don’t quite match the video.
- Fine details like the edges around the hair are difficult to fake, so look for any inconsistencies.
- Look for any strange lighting on the teeth or reflections on the iris of the eye.
Is Your Computer Protected from Malicious Websites?
One visit to a phishing website can cause an immediate injection of malware. Magnify247 can help your Hamilton County business put safeguards in place to block malicious sites and keep your endpoints protected.