In 2024, deepfake technology reached new heights, allowing cybercriminals to orchestrate some of the most convincing and costly scams we’ve ever seen. From faked business leaders to fraudulent government officials, these scams tricked even the most cautious individuals and companies. Relating current real-world examples of deepfakes and other successful hacker scams is the best way to make a lasting impressing and understanding of how easy it is to fall prey to these scams. But it shouldn’t stop there. Companies should consider implementing detection tools, employee training and ways to keep up to date on the latest hacker tactics.

Real-World Deepfake - $25 Million Loss for Multinational UK Design and Engineering Firm

In May 2024, a UK engineering firm revealed that it was the victim of a sophisticated video deepfake. Deepfakers first sent a phishing email to a finance worker of the firm, delineating several ‘secret’ transactions to be made. Following the phish email, the finance worker was invited to attend a video conference call regarding the transactions. Although the employee had initially been suspicious of the email, their suspicions were put to rest during the video conference. The firm’s CFO, senior manager and other firm employees had their likenesses digitally cloned by cybercriminals. During the video conference call, the finance worker was ordered to transfer the money as set forth in the earlier phish email. The employee recognized the attendees, based on their likenesses and voices, as the firm’s CFO and other firm staff members. Aside from the AI-generated deepfakes, the scammers used social engineering tactics to create a sense of urgency for the finance worker to complete the transactions. After the video call, the worker made a total of 15 transfers to 5 bank accounts of a total of $25.6 Million.

How to Spot Deepfakes

As deepfakes get harder to detect, it is important to know how to detect them. Here are some earmarks of deepfakes that can be detected if you look for them:
  1. Unnatural Facial Movements Even the best deepfakes can struggle with small facial details. Watch for awkward or stiff movements, like strange blinking patterns or unnatural smiles. If a person’s expressions seem off or robotic, it could be a deepfake.
  2. Mismatched Lip Movements A common giveaway is when the audio doesn’t perfectly align with the person’s lip movements. If the words don’t seem to match the way their mouth is moving, you’re likely dealing with a fake.
  3. Lighting and Shadows Look Strange Realistic lighting is a challenge for deepfakes. Look for inconsistencies in how the light and shadows fall on the person’s face. If something doesn’t match up, it’s a clue that the video might not be real.

Deepfake Tools and Employee Training

Although deepfake scams are becoming more common, and getting harder to spot, with the right tools and some basic training, you can avoid falling into deepfake traps.
  1. Use Deepfake Detection Tools Programs like Microsoft’s Video Authenticator or Sensity AI can analyze video files to detect signs of manipulation. These tools look for clues in the pixels, audio, and other subtle details that are easy to miss.
  2. Verify the Source If you get a video call or voice message asking you to send money or share sensitive info, take a moment to verify it. For example, if your boss suddenly asks for an urgent wire transfer, follow up with a separate email or phone call to confirm. This simple step can prevent deepfake scams that rely on tricking you into quick decisions.
  3. Train Your Team to Spot Red Flags The people you work with are often your first line of defense. Make sure your employees know how to spot the telltale signs of deepfakes, like when someone’s lips don’t match the words, or their movements seem unnatural. Train them to be cautious, especially when a request feels rushed or unusual.
  4. Stay Informed About Deepfake Scams Deepfakes are always evolving, so it’s important to stay up to date. Regularly review new scams and fraud prevention tips with your team.