Deepfake creation software is proliferating on the Dark Web, enabling scammers to carry out artificial intelligence-assisted financial fraud with previously unheard of creativity and scope.
Consider what happened a few weeks back, when a Hong Kong-based employee in the finance department of a multinational corporation received a message.
It was his company's UK-based CFO, asking him to carry out a transaction.
Not long after the initial message, the employee got on a video conference call with that CFO, alongside a roster of other colleagues.
They all looked and sounded like the people he knew.
He was asked to give a short introduction to the group, then he was given instructions, and the meeting ended abruptly thereafter.
By the time the deepfake ruse was revealed, he'd already made 15 transactions totaling $25.5 million.
The Flourishing Market for Deepfake Software Deepfakes - good ones, too - have been around for some time now.
What's changed is the fact that they've become more available to a wider audience, with a lower barrier to entry.
Face swapping, for example, has become utterly commonplace.
For a report set to release on Wednesday, iProov has tracked more than 100 separate tools on the market today designed for creating simple face swaps.
More advanced offerings are out there, too, like OnlyFake, a Dark Web service that can produce a realistic fake ID in an instant, or many of them at scale, for just $15 each.
These same advancements in quality and accessibility have allowed for a flourishing of above-board deepfake products, as well.
The Hollywood strikes in 2023 were driven in part by concerns over this technology's application to movies and TV that might make extras obsolete, and the Chinese multimedia giant Tencent now offers a commercial deepfake service capable of creating high-definition, realistic human fakes using just three minutes of live action video and 100 spoken sentences as source material.
The Easy Solutions to Deepfake Detection, & the Hard Ones Much of the discourse around deepfake security focuses on identifying idiosyncrasies in its end product: the imperfections in a fake image, the lack of resonance that might give away an AI-generated voice, and other technical shortcomings that a human or anti-deepfake software might be able to flag as suspicious.
Because the technology is improving so fast this is becoming more and more difficult to do by the day.
Trying to beat the software may be one worthwhile approach, says Kevin Vreeland, general manager of North America at Veridas.
He offers an even simpler, more reliable alternative for dealing with deepfakes at a more fundamental level: Instead of constantly asking whether everything is real, companies can instead focus on preventing synthetics from reaching employees in the first place.
Until detection tech catches up, it's this more basic metadata that makes for easier pickings.
This Cyber News was published on www.darkreading.com. Publication date: Mon, 05 Feb 2024 22:25:19 +0000