Is that you boss?

We’ve all heard about the “fake” email sent to the finance department from the CEO asking for a payment to be made to a fraudsters account but a new – and more sophisticated – version of this type of fraud has begun.

The emergence of “deepfake” technology – where genuine recordings of people are processed and manipulated via artificial intelligence – has morphed into a sinister new type of corporate fraud.

Internet security experts Symantec have reported three cases of audio deepfakes being deployed to steal millions of pounds from private companies by impersonating the voice of the business’s CEO.

The fraudsters trained machine learning engines on conference calls, Facebook ads, YouTube, social media updates and even TED talks, to copy the voice patterns of company bosses. They then mimicked the CEOs and called senior members of the finance department to ask for funds to be sent urgently.

“CEO fraud” itself is not new, but until now hoaxers have been limited to using fake email addresses in the hope of tricking a senior executive into releasing funds.

The use of voice manipulation software marks a new step in the threat to business, with experts warning the damage may not be limited to extorting cash. The technology could also be used maliciously to put out fake statements that result in stock price collapses or damage reputations.

“This kind of high-tech heist is not a futuristic vision but an imminent reality for businesses who may be lax about data validation,” said Caroline Winch, Commercial Director at secure audit service Confirmation.

According to the Association of Certified Fraud Examiners (who even knew they exist), the 2008 financial crisis triggered a massive upswing in corruption and fraudulent disbursements and statements.

“It is essential that during times of uncertainty the corporate world not only prepares for the inevitable impact of fraud-enabling technologies that are emerging but also educates employees about existing threats and guards against complacency,” they said.

So if your boss has videos on YouTube, Facebook ads or TED talks available on the internet maybe you should revisit your financial security and consider more robust authentication defences or other practices that can strengthen the approval chain.

Noel Guilford, Principal at Guilford Accounting
Noel Guilford is the principal of Guilford Accounting a small business accountancy practice specialising in advising owner-managed businesses on current accounting, finance, and tax matters. You can reach him via email at noel@guilfordaccounting.co.uk or by phone at 01244 660866. He is the author of the 'Figure it out - an entrepreneurs guide to understanding your business numbers' which you can obtain by visiting guilfordaccounting.co.uk.​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​ His latest book, How to Build a Successful Business' will be published in 2018.

Leave a Reply

Your email address will not be published. Required fields are marked *