How AI-Powered Deepfake Attacks Are Disrupting Trust Online
Initially used for entertainment and banter, they’ve become a powerful tool for criminals and scammers.
Deepfakes are manipulated multimedia that make people appear to say or do things they never did. These videos or audio clips are often created with generative AI models that are trained with real footage to synthesize hyper-realistic forgeries.
Initially, this type of content was primarily used to create satirical media assets, like the Tom Cruise magic trick video clips that went viral on social media in 2021.
However, that changed for the worse as the relevant technology became more accessible to everyone, including cyber attackers and scammers.
In this article, let’s dive into the various ways AI-powered deepfake content is disrupting trust online and what the general audience can do to tackle this roadblock.
1. Financial Fraud and Executive Impersonation
Hackers pretend to be senior officials and C-level executives in corporations to commit financial fraud through confidential transactions.
A few months ago, an employee in the Hong Kong office of a British engineering firm, Arup, received a message from the CFO, requesting to approve a monetary transfer. What they didn’t realize at the time was that it wasn’t the actual CFO, but a scammer posing as one.
Moreover, the cyber attackers conducted a video call to alleviate doubts. The meeting featured deepfaked likenesses of the CFO and other staff members. After the meeting, the employee transferred $25 million to five local bank accounts via 15 transactions.
These types of deepfake attacks exemplify how criminals can easily leverage generative AI solutions to exploit trust within organizations via social engineering and phishing.
Businesses can combat this by establishing strict verification protocols for financial transactions, especially those involving large amounts. But tech can only do so much, and it is pivotal to ensure awareness about such deepfake scams within the organization to increase vigilance.
2. Political Disinformation and Election Interference
In 2022, a deepfake video of Ukrainian President Volodymyr Zelenskyy was aired on national TV amid the chaos of the Russia-Ukraine war. The message in the manipulated clip urged the Ukrainian troops to surrender to the Russians. While the video's quality was poor, its impact on the general public was significant.
As it featured a well-known leader, the deepfake humanized the forged message, leading to fear and confusion among soldiers and civilians. Cyber criminals can even leverage “humanizer” AI models to blur the line between truth and fiction to exploit human emotions.
Voters may struggle to distinguish facts from fiction due to the continually decreasing barrier of entry for creating deepfake content. The end viewers may consider the manipulated message as real because they see a familiar face and hear their voice.
It is pivotal that government agencies, news outlets, and social media platforms collaborate to establish authentication standards. AI-generated videos, especially the ones that feature political leaders, should be explicitly marked as such.
3. Corporate Espionage and Reputation Damage
Cybercriminals often aim to steal businesses' trade secrets or confidential information to sell to their competitors or extort money. Another method is to damage the brand's public perception by making fake controversial statements or “leaking” manipulated internal meetings.
Both corporate espionage and reputation hacking can manipulate stock prices, lead to financial loss, or create distrust among the stakeholders. Such attacks generally start with phishing attempts.
Hackers also monitor the company's daily operations to ensure the manipulated message's content is contextually relevant. Once released, even if it is disproven, the initial impact can be severe, especially when timed right.
The cyber criminals may pick sensitive and busy periods in a calendar year to improve their chances.
To mitigate this, organizations must integrate cybersecurity and digital media literacy measures in their employee training programs from the ground up. Professionals should be equipped against such malicious AI-generated deepfake attacks.
4. Social Engineering and Identity Theft
With social engineering, scammers trick people into revealing private information. AI-generated deepfake videos allow attackers to impersonate victims’ friends, colleagues, or family.
The strategy is quite simple. Cybercriminals assume the identity of someone who has their target’s trust. Then, they train AI models to mimic this person’s voice, appearance, and mannerisms. The final element is fabricating an urgent situation in which the victim must act immediately to help their acquaintance.
Usually, this “help” translates to sending large sums of money to an unfamiliar bank account.
Passwords and PINs can only be exploited through technical vulnerabilities, but deepfakes exploit human trust.
Organizations can navigate this challenge by establishing a verified and safe means of internal communication. This could include official email or messaging applications, where the identity of the stakeholders is strictly authenticated.
Individuals should stay vigilant when their known associates communicate through unknown phone numbers or communication platforms. It is also crucial to remain patient, as hackers want their victims to act hastily.
5. Undermining Media and Public Trust
Generative AI technology is becoming more sophisticated, producing higher-quality deepfakes as good as real videos and audio clips. This can result in the “liar’s dividend,” where cyber criminals dismiss genuine footage as fake and vice versa.
Audiences will, as a result, grow increasingly skeptical of news reports, even if they come from their preferred news sources. Journalists and reporters might even encounter selective plagiarism, where their work is mimicked to produce altered content to mislead the public.
Tackling this issue demands a multi-pronged response. For starters, media outlets and channels must adopt rigorous fact-checking methods and disclose them to ensure information reliability. Moreover, organizations should leverage AI-detection solutions to spot deepfake content.
Perhaps the most important effort to combat this is to promote critical thinking and media literacy among the general public.
Wrapping Up
Deepfakes are AI-generated audio and video forgeries that were initially used for entertainment and banter, but now they’ve become a powerful tool for criminals and scammers.
Attackers leverage these manipulated multimedia in various ways, including impersonating executives, spreading political disinformation, damaging organizations’ reputations, stealing identities, and undermining trust in the media.
Governments, media outlets, business security leaders, and social media platforms must work together to detect and identify AI-manipulated content.
