Criminals used AI to impersonate the CEO’s voice, and it worked.
A UK-based energy firm was scammed out of $243,000 when criminals targeted the company with an effective vishing campaign. “Vishing” is short for “voice phishing,” the tactic of tricking targets over the phone. This incident marks the first time AI-based voice fraud has netted such a high payload, according to The Next Web.
Using commercially available AI software, the criminals created a voice so similar to the boss of the German parent company of the firm that the UK employees did not notice a difference. The criminals instructed the UK chief executive to immediately transfer $243,000 to a Hungarian supplier, adding that the funds would be reimbursed right away. The UK exec transferred the money as directed, and the criminals quickly moved the money from the Hungarian account to Mexico and other locations.
Later, using the same ploy, the criminals tried to get the British exec to transfer more money. But realizing that the first round of funds had not been reimbursed as promised, he did not fall for it a second time.
“As AI gets better, scams like this are going to proliferate exponentially,” comments Avast Security Evangelist Luis Corrons. “Companies need to establish new security protocols to protect themselves against these types of attacks. One option is to implement two-factor authentication (2FA), which would require any money transfer requested over the phone to be confirmed using a second channel in a previously defined way.”
The names of the British energy company and those involved have not been divulged as the crime is still under investigation and no suspects have been identified as of yet.
Avast is a global leader in cybersecurity, protecting hundreds of millions of users around the world. Protect all of your devices with our award-winning free antivirus. Safeguard your privacy and encrypt your online connection with SecureLine VPN.
