Reshaping the threat landscape: Deepfake cyberattacks are here

Malicious campaigns involving the use of deepfake technologies are a lot closer than many might assume. Furthermore, mitigation and detection of them are hard.

A new study of the use and abuse of deepfakes by cybercriminals shows that all the needed elements for widespread use of the technology are in place and readily available in underground markets and open forums. The study by Trend Micro shows that many deepfake-enabled phishing, business email compromise (BEC), and promotional scams are already happening and are quickly reshaping the threat landscape.

No Longer a Hypothetical Threat

“From hypothetical and proof-of-concept threats, [deepfake-enabled attacks] have moved to the stage where non-mature criminals are capable of using such technologies,” says Vladimir Kropotov, security researcher with Trend Micro and the main author of a report on the topic that the security vendor released this week.

“We already see how deepfakes are integrated into attacks against financial institutions, scams, and attempts to impersonate politicians,” he says, adding that what’s scary is that many of these attacks use identities of real people — often scraped from content they post on social media networks.

One of the main takeaways from Trend Micro’s study is the ready availability of tools, images, and videos for generating deepfakes. The security vendor found, for example, that multiple forums, including GitHub, offer source code for developing deepfakes to anyone who wants it. Similarly, enough high-quality images and videos of ordinary individuals and public figures are available for bad actors to be able to create millions of fake identities or to impersonate politicians, business leaders, and other famous personalities.

Demand for deepfake services and people with expertise on the topic is also growing in underground forums. Trend Micro found ads from criminals searching for these skills to carry out cryptocurrency scams and fraud targeting individual financial accounts.

“Actors can already impersonate and steal the identities of politicians, C-level executives, and celebrities,” Trend Micro said in its report. “This could significantly increase the success rate of certain attacks such as financial schemes, short-lived disinformation campaigns, public opinion manipulation, and extortion.”

A Plethora of Risks

There’s a growing risk also of stolen or recreated identities belonging to ordinary people being used to defraud the impersonated victims, or to conduct malicious activities under their identities.

In many discussion groups, Trend Micro found users actively discussing ways to use deepfakes to bypass banking and other account verification controls — especially those involving video and face-to-face verification methods.

For example, criminals could use a victim’s identity and use a deepfake video of them to open bank accounts, which could later be used for money laundering activities. They can similarly hijack accounts, impersonate top-level executives at organizations to initiate fraudulent money transfer or plant fake evidence to extort individuals, Trend Micro said.

Devices like Amazon’s Alexa and the iPhone, which use voice or face recognition, could soon be on the list of target devices for deepfake-based attacks, the security vendor noted.

To read the complete article, visit Dark Reading.