The number of deepfake attacks has significantly increased and grown more successful in recent years.
Growing deepfake attacks are reshaping the threat landscape for political figures, organizations, celebrities, financial institutions, and ordinary people. In 2020, Trend Micro wrote a joint paper with EUROPOL, highlighting the malicious uses of artificial intelligence. It didn’t take long for their prediction to come into play.
The use of deepfakes inspires attacks like business email compromise and identity verification bypassing, among others. There are numerous reasons why these attacks have been successful in recent years. Listed below are some of them:
- All technological pillars are aligned. The source code for deepfake generation is public and available to anyone wishing to use it.
- Criminal organizations are early risers with these technologies and regularly discuss the use of deepfake to ensure the success of existing monetization and money laundering schemes.
- Trends of deepfake implementation are being noticed in newer attack scenarios, like social engineering attacks, where deepfakes are a key enabler in technology.
- The amount of accessible images to the public is enough for crappy actors to create millions of fake identities using deepfake technology.
Let’s quickly go over how this trend has been evolving over recent years.
It’s quite common to see images of famous people used in search engine optimization (SEO) campaigns on social media and news sites. These advertisements are specifically designed to reel in consumers and get them to select links under the photos.
Advertising groups have been using this type of media content in various monetization schemes for a long time. Lately, however, we’ve noticed interesting developments in these ads, along with a change in the technology that enables these campaigns.
“Underground” criminal schemes using verification tools and techniques have evolved tremendously over time. Account verification services have been available for a while, for example. As technology has evolved, criminals have also changed their tactics to keep up with new methods for attacks.
In late 2020, searches for “deepfake specialists” were already being discovered. Some tools for deepfake production have even been available for some time, such as GitHub. Bots can also make the process of creating deepfake videos easier. An example is Telegram bot.
Deepfake videos have been used to blackmail or cause additional problems to public figures. Those who have a lot of high-resolution images online are easily targeted. Social engineering scams are already becoming an issue, using their faces and voices.
Given the tools and resources available, we plan on seeking deepfake attacks and scams continue increasing. Messenger scams, BEC, fake accounts, and blackmail are threats to many. Even tech support scams are running rampant.
This is only the first wave of deepwave attacks, so it’s highly likely that we will see more serious ones.