My thanks to Kolide for sponsoring last week at DF. Deepfakes are good and only getting better. In real life, people only detect voice clones about 50% of the time. You might as well flip a coin. And that makes businesses extremely vulnerable to attacks.

In the “classic” voice clone scam, the caller is after an immediate payout (“Hi, it’s me, your boss. Wire a bunch of company money to this account ASAP”). Then there are the more complex social engineering attacks, where a phone call is just the entryway to break into a company’s systems and steal data or plant malware (that’s what happened in the MGM attack, albeit without the use of AI).

But the good news is that we can be trained to learn how to identify suspicious phone calls — even when the voice sounds just like someone we trust. If you want to learn more about Kolide’s findings, read their report exploring the details of audio deepfakes.

Monday, 6 May 2024