A $25 Million Deepfake Scam: The Rise of AI-Powered Cybercrime
A finance employee at a multinational company was recently duped into transferring $25 million during a fake video conference. Cybercriminals, using advanced deepfake technology, impersonated the company’s CFO and other colleagues with astonishing accuracy. Their AI-generated voices and likenesses were convincing enough to trick the employee into approving the massive transaction. The fraud was only uncovered when the worker reached out to headquarters for confirmation (1).
This alarming case highlights the growing trend of AI-powered cybercrime.
Cost to the company: $25 million
Quishing: The Rise of QR Code Phishing Scams
QR code phishing, or “quishing,” is a growing cyber threat that’s quickly catching on. Hackers use QR codes, which are becoming part of everyday life, to hide malicious links. These fake codes might show up in emails, posters, or even in places like restaurant menus. When someone scans the code, they’re often unknowingly taken to a harmful website designed to steal personal information or install malware. With QR codes becoming more common, especially since the pandemic, cybercriminals have found an easy way to trick people and bypass traditional security measures.
For more details, check out our full blog post on the rise of quishing.
Read more about quishing
German Company, Diehl Defense, Targeted by North Korean Hackers
Diehl Defense, a German manufacturer of missiles and ammunition, recently fell victim to a phishing attack orchestrated by Kimsuky, a North Korean state-sponsored hacking group. The attackers posed as U.S. defense contractors offering fake job opportunities, using sophisticated social engineering to deceive employees. By referencing Diehl’s location in Überlingen, the hackers made their campaign even more convincing.
This breach is believed to be linked to North Korea’s interest in Diehl’s Iris-T missile system (2). The stolen data could be used to advance North Korean missile development or sold to other nations. North Korea has a history of targeting defense, energy, and aerospace sectors to support its weapons programs.
Cost to the company: leaked highly sensitive data
Phish Yourself: We Launched Free Cybersecurity Awareness & Training
The free cybersecurity awareness edition of Cyberdise AI-enabled solution launches on 15 October. Whether you’re just getting started with cybersecurity awareness or looking for a scalable solution, the Freemium edition provides essential features to protect your business.
[1] CNN. “Hong Kong finance firm scammed out of $25 million in deepfake attack.” CNN International, 4 February 2024, https://edition.cnn.com/2024/02/04/asia/deepfake-cfo-scam-hong-kong-intl-hnk/index.html.Â
[2] Naraine, Ryan. “North Korea Hackers Linked to Breach of German Missile Manufacturer.” SecurityWeek, 30 September 2024, https://www.securityweek.com/north-korea-hackers-linked-to-breach-of-german-missile-manufacturer/.
