A lot of us would have come across some person who is really good at imitating or mimicking someone else. At times, these people are so good at it, that they can look or sound even better than the original person being imitated.
While this seems like a good means of entertainment, and a talent in itself, some readers might be amused that similar acts are now being used as an attack vector to target enterprises. Let us begin with what deepfake phishing actually is.
Deepfake is an attack vector that simultaneously leverages multiple technologies like Artificial Intelligence (AI), audio and video, to impersonate some key stakeholder within your organization, a parent company, or an important vendor.
What makes this seemingly difficult task much easily achievable is the presence of a wealth of our personal data over the internet, especially in the form of our social media accounts. All this info is fed into AI based algorithms to generate fake or misleading audio, video, voice, text, email messages, or a combination of these.
What are the Telltale Signs of a Deepfake Phishing Message?
Although an attacker may resort to a number of tactics to mask these nefarious designs, the following telltale signs can go a long way in deciphering a deepfake phishing message.
Sense of Urgency
Most deepfake phishing messages have a certain sense of urgency attached to them. This could be in the form of a looming deadline, something that has gone past its due date, or entailing some serious regulatory, disciplinary or financial ramifications.
The end goal is to induce a certain panic in the recipient, and get the intended thing accomplished, before the victim gets a chance to think twice. This is an effective tactic, as present day employees are already under some degree of stress.
A Person or Office of Higher Authority
Most organizations, even the smaller ones, have a certain hierarchy in place. Generally, it is a discouraged practice to question the instructions of one’s superior. This human tendency, and organizational practice, are also being exploited by deepfake phishing attackers.
In a lot of cases, the person being impersonated is of a higher rank or position, as compared to the target. For instance, the Chief Financial Officer (CFO) may receive a fake message from the alleged Chief Executive Officer (CEO) of the company, ordering an immediate wire transfer to some individual or entity.
- A Glimpse of the Leading Cyber Security Trends for 2022
- How Do Industry Experts Visualize Cyber Security?
- Security Hygiene and Posture Management – Two Emerging Challenges
- How to Create a Robust Cyber Security Strategy?
In some deepfake phishing attacks, the miscreants have gone a step further, and impersonated a top official of the victim individual’s parent company. This is also something that would seldom raise an alarm, especially if some false sense of urgency is also attached.
Inconsistent Audio and Video
This is perhaps one of the most obvious telltale signs of a deepfake phishing attack. In most of the cases, despite the use of advanced AI, there is generally an inconsistency or incoherence between the impersonated person’s video and audio.
However, a keen observation, coupled with a high level of attentiveness is required to spot anything of this sort. So, it is about time that before acting on video or audio messages, we need to be keenly observant for any obvious inconsistency or incoherence.
How to Thwart Deepfake Phishing Attacks?
Now that we have covered some obvious signs of a deepfake phishing attack, let us discuss some methods of mitigating the risks associated with this emerging threat vector.
- Employee training is necessary, so they do not get carried away by messages or communications that are of too high priority or urgency.
- Whenever you receive any message, you should try to benchmark it with the previous official correspondence with that official of the company.
- The video and audio of any such message must be coherent, and even the slightest of inconsistency must raise an alarm that something could be wrong.
- In cases where the level of urgency is high, or some serious ramifications are there for the company or the individual concerned, it is always a good idea to reach out that person, for an in-person confirmation about any such message actually being sent.
- Do not divulge any sensitive information about the subject matter to the sender, even if other officials of the company are also a part of that email chain. At times, deepfake phishing attackers might address one email to multiple officials simultaneously, in the hope that any one of them divulges some more leading information.
Technologies like Artificial Intelligence (AI) are only as good as their users. This article raises an alarm about the misuse of AI in mounting deepfake phishing attacks on businesses. These attacks, if successful, could entail financial, regulatory or other consequences for the company, or the targeted employee.
Having said that, employee training and sensitization about this emerging threat vector is extremely important. Deepfake phishing attacks will be yet another addition to the long list of cyber threats that present day employees have to remain vigilant of.
Contact dinCloud, an ATSG company, which offers class leading Cloud Computing solutions that come with strong cyber security controls built into the service.