During a company video call, a Hong Kong-based finance employee at an unnamed multinational firm was defrauded into paying out over $200 million Hong Kong dollars — approximately $25.6 million USD — through the use of “deepfake” technology.
As originally reported by CNN, the fraudster created a digitally manipulated impression of the company’s CFO as well as several other staff members. Convinced they were his coworkers, the employee followed the fake CFO’s instructions and remitted the funds to multiple bank accounts across 15 transfers, according to Techspot.
Baron Chan Shun-ching, who is the acting superintendent of the Cyber Security and Technology and Crime Bureau in Hong Kong, told the public broadcast RTHK that in the video conference, “it turns out that everyone [he saw] was fake,” according to the South China Morning Post. The police said all present on the video except the victim were fake, and the deepfake tech was used to turn publicly available video into believable representations of the victim’s colleagues.
Other deepfakes had only involved one-on-one video calls, according to Chan, but in this case, “They used deepfake technology to imitate the voice of their targets reading from a script." Police did not reveal the name of the company or the worker.
Deepfake is a synthetic media that enables one person’s likeness to be swapped for another. According to MIT Sloan, “The term ‘deepfake’ was first coined in late 2017 by a Reddit user of the same name. This user created a space on the online news and aggregation site, where they shared pornographic videos that used open-source face-swapping technology.”
The term has since expanded to include ‘synthetic media applications’ that existed before the Reddit page and new creations like StyleGAN — ‘realistic-looking still images of people that don’t exist,’ said Henry Ajder, head of threat intelligence at deepfake detection company Deeptrace.”
According to Hong Kong police, on at least 20 occasions, deepfakes had tricked facial recognition programs of people on identity cards. CFOs must stay vigilant about the increased use of fraud in this manner, as cyber fraud hit 83% of organizations in some manner last year, according to a recent report.