According to a report in the Wall Street Journal, an energy company has been defrauded by around €220,000. The report indicates that the managing director of the unnamed British company believed he was talking to his boss at the German parent company when he was instructed to immediately transfer €220,000 into the alleged bank account of a foreign supplier. The British CEO recognized his boss's "light German accent" and also the "melody" of his voice on the phone. The money was properly transferred to an account, but this was under the control of the criminals and from where it immediately disappeared. When the fraudsters tried again to demand another payment, the British company became suspicious and noticed that the calls were from Austria and not from Germany. The systematics of the procedure suggest that Deepfake technology was used.
Deepfake technology makes it possible to imme biometric features with the help of software, so that images, audio or video are perceived as deceptively real. The technology is currently being favored by the careless use of apps, such as a Chinese deepfake video app, which proved to be very popular. With Deepfake video, users enjoyed transferring their digital faces to footage and popular TV shows, such as Game of Thrones. The readily entered data, such as face videos or voice recordings, were also collected on systems in China. Also critical, for example, is FaceApp, an app that artificially ages users in their photos and, incidentally, lets all the user's generated and detailed imagery become the property of the Russian company. In the case of FaceApp, the FBI was also called in to investigate.
Pictures: Letter from U.S. Senator Charles E. Schumer to the FBI regarding the danger of FaceApp for millions of U.S. citizens (source and readable version: Twitter).
David Bouck-Standen (M.Sc.
Sen. IT Consultant, NetAlive Ltd
IT Cyber Security Expert
The problem with such apps, such as FaceApp or Deepfake video, is not just the current usage. Users' data is systematically collected, transferred to non-European countries and can potentially be used indefinitely. Biometric data in particular will become even more interesting in the future, for example, when the banking app releases transfers via facial recognition. In ten years' time, do you remember using an app in between? The use is so easy, fast and also free of charge!
The "digital handling" of users seems completely carefree - which is extremely worrying in the Puncto IT cyber security. As a result, tomorrow's technologies, such as biometric authentication, are already potentially endangered and undermined.