Fakers Steal $26M via Video

Spearphish pivots to deepfake Zoom call, leads to swift exit of cash.
A poor peon in the finance department of a large company got taken in by a deepfake of the firm's chief financial officer.
Your humble blogwatcher curated these bloggy bits for your enter­tainment.
6 million in a scam after employees at its Hong Kong branch were fooled by  a digitally recreated version of its chief financial officer ordering money transfers in a video conference call.
Everyone present on the video calls except the victim was a fake [but] looked and sounded like real people the targeted employee recognised.
The scammers were able to generate convincing representations of targeted individuals that looked and sounded like the actual people.
The employee followed instructions given during the meeting and made 15 transfers totalling HK$200 million to five Hong Kong bank accounts.
The person realised it was a scam upon making an inquiry with the company's headquarters.
The force said it hoped members of the public were aware that scammers were now capable of using deepfake technology.
Senior Inspector Tyler Chan Chi-wing  suggested asking the person to move their head, posing questions to determine their authenticity and become immediately suspicious the moment money is requested.
Thanks to advances in AI, deepfakes have become more convincing than ever before, and they're often used to defame people in the public eye.
It's no surprise that the technology is being abused by criminals in some very inventive ways to facilitate scams.
The Hong Kong police said that it alone has come across more than 20 cases that involved the use of AI deepfakes to trick facial recognition systems.
They] recently arrested six people in connection with a scam that involved eight stolen Hong Kong identity cards.
The scammers used the cards to create deepfakes that could fool facial recognition systems, and then applied for more than 90 loan applications and bank account registrations.
I note the police aren't identifying the company.
If the Universe had a sense of irony, the company would be Zoom.
My parents, friends and coworkers all still getting scammed by emails that are barely beyond the quality of Nigerian Prince pleas.
If high-quality deepfakes go mainstream,  it's going to be a fools errand trying to keep everyone and their mothers from emptying their bank accounts at the drop of a hat.
There is no process stronger than the manager firing an employee for disobeying an order.


This Cyber News was published on securityboulevard.com. Publication date: Mon, 05 Feb 2024 18:43:03 +0000


Cyber News related to Fakers Steal $26M via Video

5 Valuable Skills Kids Can Gain by Playing Video Games - Video games come in all shapes and sizes and can be very educational for children of all ages. Video games can provide children with valuable skills that can help them in their everyday lives. From problem-solving abilities to self-control, learning ...
1 year ago Welivesecurity.com
Fakers Steal $26M via Video - Spearphish pivots to deepfake Zoom call, leads to swift exit of cash. A poor peon in the finance department of a large company got taken in by a deepfake of the firm's chief financial officer. Your humble blogwatcher curated these bloggy bits for ...
9 months ago Securityboulevard.com
WebRTC vs. RTSP: Understanding the IoT Video Streaming Protocols - At the moment, there is a constantly increasing number of smart video cameras collecting and streaming video throughout the world. Here's what you need to know about WebRTC vs. RTSP and their suitability for various streaming needs. The Basics of ...
9 months ago Feeds.dzone.com
The Benefits of Video Conferencing with iMind: Exploring the Positive Impacts - Video conferencing with iMind is a great way to leverage the benefits of remote communication for employees and businesses alike. From increasing collaboration and flexibility to cost-savings and improved time management, the advantages of video ...
1 year ago Hackread.com
Google Admits Editing of AI Viral Video for Enhanced Presentation - jA widely-viewed video showcasing the purported real-time interaction capabilities of Google's artificial intelligence model, Gemini, has been revealed to have been manipulated for demonstration purposes. The video, garnering 1.6 million views on ...
10 months ago Cysecurity.news
CVE-2023-38523 - The web interface on multiple Samsung Harman AMX N-Series devices allows directory listing for the /tmp/ directory, without authentication, exposing sensitive information such as the command history and screenshot of the file being processed. This ...
1 year ago
CVE-2021-27392 - A vulnerability has been identified in Siveillance Video Open Network Bridge (2020 R3), Siveillance Video Open Network Bridge (2020 R2), Siveillance Video Open Network Bridge (2020 R1), Siveillance Video Open Network Bridge (2019 R3), Siveillance ...
2 years ago
CVE-2023-30898 - A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2 HotfixRev14), Siveillance Video 2020 R3 (All versions < V20.3 HotfixRev12), Siveillance Video 2021 R1 (All versions < V21.1 HotfixRev12), Siveillance ...
1 year ago
CVE-2023-30899 - A vulnerability has been identified in Siveillance Video 2020 R2 (All versions < V20.2 HotfixRev14), Siveillance Video 2020 R3 (All versions < V20.3 HotfixRev12), Siveillance Video 2021 R1 (All versions < V21.1 HotfixRev12), Siveillance ...
1 year ago
CVE-2020-36787 - In the Linux kernel, the following vulnerability has been resolved: ...
8 months ago
CVE-2021-47338 - In the Linux kernel, the following vulnerability has been resolved: fbmem: Do not delete the mode that is still in use The execution of fb_delete_videomode() is not based on the result of the previous fbcon_mode_deleted(). As a result, the mode is ...
5 months ago Tenable.com
Week in review: Attackers use phishing emails to steal NTLM hashes, Patch Tuesday forecast - What organizations need to know about the Digital Operational Resilience ActIn this Help Net Security interview, Kris Lovejoy, Global Security and Resilience Leader at Kyndryl, discusses the impact of the Digital Operational Resilience Act on ...
7 months ago Helpnetsecurity.com
Amazon Prime Video Ads 5 February - Adverts will start appearing for UK users of Amazon Video Prime on 5 February 2024, unless extra fee is paid. Amazon has confirmed that adverts will begin appearing for UK customers of the Amazon Prime Video service in early 2024. In an email to UK ...
10 months ago Silicon.co.uk
Verimatrix Counterspy safeguards content across various devices - Counterspy leverages technology first developed by the company's cybersecurity team back in 2021 to offer an innovative new way to counter the rise in video piracy in an era where streaming apps are prevalent. Counterspy is a standalone product ...
7 months ago Helpnetsecurity.com
CVE-2021-42021 - A vulnerability has been identified in Siveillance Video DLNA Server (2019 R1), Siveillance Video DLNA Server (2019 R2), Siveillance Video DLNA Server (2019 R3), Siveillance Video DLNA Server (2020 R1), Siveillance Video DLNA Server (2020 R2), ...
2 years ago
Week in review: Cybersecurity job openings, hackers use 1-day flaws to drop custom Linux malware - Transitioning to memory-safe languages: Challenges and considerationsIn this Help Net Security interview, Omkhar Arasaratnam, General Manager at the Open Source Security Foundation, discusses the evolution of memory-safe programming languages and ...
7 months ago Helpnetsecurity.com
Week in review: Terrapin SSH attack, Mr. Cooper breach - Creating a formula for effective vulnerability prioritizationIn this Help Net Security interview, Michael Gorelik, CTO and Head of Malware Research at Morphisec, provides insights into the business impact of vulnerabilities. EMBA: Open-source ...
10 months ago Helpnetsecurity.com
Web Injection Campaign Targets 40 Banks, 50,000 Users - Dozens of banks around the word are in the crosshairs of a threat group using JavaScript web injections to steal users' bank account credentials. The campaign, which the hackers have been preparing for since December 2022 and which emerged in March, ...
10 months ago Securityboulevard.com
CVE-2019-6957 - A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Video Recording Manager (VRM), Video Streaming Gateway (VSG), Configuration Manager, Building ...
1 year ago
CVE-2017-8367 - Buffer overflow in Ether Software Easy MOV Converter 1.4.24, Easy DVD Creator, Easy MPEG/AVI/DIVX/WMV/RM to DVD, Easy Avi/Divx/Xvid to DVD Burner, Easy MPEG to DVD Burner, Easy WMV/ASF/ASX to DVD Burner, Easy RM RMVB to DVD Burner, Easy CD DVD Copy, ...
7 years ago
CVE-2019-6958 - A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional ...
1 year ago
Is Hybrid Play Leveling the Playing Field for Online Video Gaming? - As technology continues to evolve, the market for online video gaming has grown exponentially. With the advent of hybrid play, we have seen the emergence of digital console gaming and increasing proficiency in a variety of gaming platforms. This ...
1 year ago Welivesecurity.com
EFF Asks Court to Uphold Federal Law That Protects Online Video Viewers' Privacy and Free Expression - As millions of internet users watch videos online for news and entertainment, it is essential to uphold a federal privacy law that protects against the disclosure of everyone's viewing history, EFF argued in court last month. For decades, the Video ...
10 months ago Eff.org
Concentric AI expands Semantic Intelligence DSPM capabilities with audio and video data protection - Concentric AI unveiled that its Semantic Intelligence DSPM solution now offers sensitive data discovery, identification, risk monitoring, and remediation protection for audio and video files, furthering the data protection capabilities of its DSPM ...
10 months ago Helpnetsecurity.com
Week in review: 15 million Trello users' scraped data on sale, attackers can steal NTLM hashes - The reality of hacking threats in connected car systemsIn this Help Net Security interview, Ivan Reedman, Director of Secure Engineering at IOActive, discusses how manufacturers, government regulations, and consumers are adapting to these new ...
9 months ago Helpnetsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)