Security consulting firm NISOS has released a report analyzing a scam that tried so and shared audio with the motherboard. The clip below is part of a voicemail sent to an employee at an unnamed technology company, which has a voice like the CEO CEO asking staff for immediate assistance to complete a Urgent business deal.
The quality is definitely not great. Even under the guise of a bad phone signal, the voice has a bit of a robot. But it can be overcome. And if you’re a junior employee, worried after receiving an urgent message from your boss, you might not think too much about sound quality. This is definitely human language. They checked that box: it sounded more like robots or more human? I want to talk more about people, Keith Rob ROLert, a researcher at NISOS, told Motherboard. However, it is not like CEO enough.
The last attack was unsuccessful because the employee who received the voicemail immediately thought it suspicious and flagged it with the company’s legal department. But such attacks will become more common as deepfake tools become increasingly accessible. All you need to make a voice copy is to access lots of recordings of your goals. The more data you have and the better the sound quality, the better the results will be. And for many executives at large companies, such records can easily be gathered from earnings calls, interviews, and speeches. With enough time and data, the highest quality audio depth parts are far more convincing than the above example. The best known and first reported example of a deep-sound scam took place in 2019, where the chief executive of a UK energy company was tricked into depositing € 220,000 ($ 240,000). la) to a Hungarian supplier after receiving a phone call from the CEO of his parent company in Germany. The executives have said that the money transfer is urgent and the money must be deposited within an hour. He did so. The attacker was never caught.
Earlier this year, the FTC warned of an increase in such scams, but experts say there’s an easy way to beat them. As Patrick Khaynor of Herbert Wertheim Technical University told The Verge in January, all you need to do is hang up the phone and call the person back. In many scams, including those reported by NISOS, attackers are using recorded VOIP accounts to communicate with their targets.
Hang up and call them back, he said Khaynor. Unless it’s a state actor who can reroute phone calls or a very, very sophisticated hacking group, chances are it’s the best way to realize if you’re talking to someone you think. are you