That is a long title, but for this well financed, hi-tech cyber-attack it is appropriate. A worked at a multi-national company in Hong Kong was persuaded to transfer $200 million Hong Kong dollars to a variety of accounts, having been reassured by a group video call with the company’s CFO and other workers from the company, that the victim recognised. Everyone in the group except the victim was a deepfake construction!
Finance worker pays out $25 million after video call with deepfake ‘chief financial officer’ | CNN
This attack did take planning, plenty of computing power, good timing and the theft of ID cards from the company among other things – but it succeeded.
What is your takeaway from this?
Why was the deepfake group call necessary? Well this whole attack started with a phishing email, of which the victim was suspicious – the deepfake video was designed to get past the victim’s cyber security common sense and training.
Do you have cyber security awareness training in place? You may not have $25m to lose but you will have something at risk.
That is where we can help:
Clive Catton MSc (Cyber Security) – by-line and other articles