Scammers use DocuSign API to send fraudulent invoices
CFOs, beware: cybercriminals are exploiting DocuSign’s legitimate business tools to deliver fraudulent invoices directly through trusted channels. This scheme is particularly dangerous …
The age of deepfake fraud is truly here.
Hong Kong police recently reported a fraudulent scheme involving deepfake technology, resulting in a finance worker transferring millions of dollars to impostors. The employee, working for a multinational firm, fell victim during a video conference call.
Believing he was interacting with his company’s chief financial officer and colleagues, the worker later discovered all participants were deepfake imitations. The scam involved a request for a confidential transaction, leading to the transfer of approximately $25 million USD ($195m Hong Kong Dollars).
The incident has made international headlines, a starter shot in the race to defend businesses’ money against deepfake-enabled scams.
Senior Superintendent Baron Chan Shun-ching of the Hong Kong police detailed the incident. Initially sceptical, the worker dismissed a suspicious email from someone claiming to be the firm’s UK-based chief financial officer – this wasn’t a reckless employee, but instead seems to be a case of a cautious sceptic who was alert to the possibility of phishing.
But the worker’s doubts subsided after the extremely realistic video call. CNN programme TYT recently broke down what happened in the video below.
Chan said the ruse was part of a broader pattern of deepfake-assisted frauds.
Hong Kong authorities reported six arrests related to similar scams. Investigations revealed that eight stolen Hong Kong identity cards facilitated 90 loan applications and 54 bank account registrations. Fraudsters used AI-generated deepfakes to deceive facial recognition systems on at least 20 occasions.
The misuse of deepfake technology extends beyond financial deception, with recent incidents – like the sexually suggestive material of Taylor Swift that went viral – highlighting its potential for creating damaging and deceptive content.
Deepfake videos aren’t the only way scammers leverage generative artificial intelligence (AI). AI is largely acting as an accelerant for existing scam tactics, but it’s also creating brand new threats altogether:
To manage this new risk environment, finance leaders need to think creatively, stay informed and implement technology-driven processes. Crucially, this should involve a combination of solutions rather than relying only on training or financial controls that were designed during a pre-digital era.
Leaders will need to reassess three major areas:
CFOs, beware: cybercriminals are exploiting DocuSign’s legitimate business tools to deliver fraudulent invoices directly through trusted channels. This scheme is particularly dangerous …
Because LinkedIn is used as a professional networking platform, account holders don’t use the same caution as they would on Facebook or …
Fraud can strike any time, but certain periods increase your business’s vulnerability to fraudulent activities. During these times, your teams may be …
Eftsure provides continuous control monitoring to protect your eft payments. Our multi-factor verification approach protects your organisation from financial loss due to cybercrime, fraud and error.