If your boss called you from a remote location, would you know how to check if it was really that person on the other end of the phone? Similarly, are all your business emails actually from within your company or its partners?
Cybercriminals, also known as bad or malicious actors, are using increasingly advanced technology to imitate people in order to get sensitive data and money. Being on the lookout for these deepfake scams and business email compromise (BEC) can help you protect your business’s bottom line — and reputation.
Scam Detectors Most Trusted Websites in Online Security
- Guard.io (100): Protect your digital world on any device – Guardio stops scams and phishing in their tracks.
- Incogni.com (100): Delete your personal data from the internet and protect against scams and identity theft.
- ExpressVPN (100) Stay secure and anonymous online - Best VPN Out There
How Deepfakes and Email Compromise Work
Deepfake technology takes snippets of someone’s voice or image from various sources like voicemails and videos on social media. AI-powered technology then uses that data to create a digital version of a voice or even a whole person that’s hard to tell apart from the original. They can then use the deepfake to call someone within an organization and tell them to perform tasks or bypass security in some way.
In 2024, news outlets reported that a deepfake scam had cost one business $25 million. A finance employee at a design and engineering firm was invited to a group call with the Chief Financial Officer (CFO) and others. No one on the call was real except the finance employee. Subsequently, that employee wired $25 million to a “secret” account. It shows just how quickly AI-generated imagery and audio have become almost indistinguishable from the real thing, particularly when the awareness surrounding these scams is low.
Another identity-theft-based scam is BEC. Email compromise means that a malicious actor meticulously copies a business’s email template and formatting. They use that template, usually including real-looking links, to get employees to click those links and divulge information like passwords.
How to Increase Business Cybersecurity Awareness of Deepfake Activity
Employees should now all be made aware of these types of scams and how to avoid them. Top tips include:
- Not jumping on unscheduled calls: Contact the person via your usual channel to check if the request is legitimate.
- Double authorization: Require at least two separate members of staff to personally oversee financial transactions.
- Look for “AI tells”: Stilted behavior, faces and hands that don’t look quite right, and repeated phrases can all be suspicious.
- Never clicking links: Go to websites via pre-approved channels, not email links.
If you have any suspicions at all, end the call/video conference. In the case of an email, don’t click any links and, in every instance, report it to your Chief Information Security Officer (CISO).
Staying Up-to-Date Boosts Cybersecurity Resilience
When you know what the latest threats are, you can be on guard against them or invest in the latest business cybersecurity protections against deepfakes. Sign up for Scam Detector’s Scam Alerts. You’ll receive regular updates with the latest news on what’s happening in the world of fraud and scams, including business attacks like those highlighted above.
Verify Another website
Are you just about to make a purchase online? See if the website is legit with our validator:
vldtr®
TOP 4 MUST-WATCH FRAUD PREVENTION VIDEOS
1. Top 5 Amazon Scams in 2024 2. Top 5 PayPal Scams in 2024 3. How To Spot a Scam Email in 2024
When my sweet old grandmother got caught up in an Amazon gift card scam, I decided then and there that I needed to do whatever I could to inform as many people as possible about the grifters of the world. That’s what I do here – writing about modern scams so you don’t get caught out.
- Latest Posts by Tom Watton
-
How to Identify a Fake LinkedIn Profile
- -
Most Common Airbnb Scams and How to Avoid Them
- -
How AI Makes Scams More Dangerous
- All Posts
