Scammer Poses As CFO in Deepfaked Meeting On Zoom, Steals $25 Million - Slashdot

Posted by EditorDavid

• • Re:

    Maybe you shouldn't work in a C-Level position, then.

    Everyone else can work from home, it's not like they can cause a multi-million scam to work if they do. But get the C-Levels back to their offices. That way the all important shareholder value can be kept up by keeping the offices relevant without weighing down people who actually have to do work.

• ›

  With no second sign-off and the first one either on paper in person or certified by a second person or verified with a call-back on the phone? That is just incredibly dysfunctional. Not saying you need this process for small stuff like $1000, but for $25M? Seriously?

  • They're not even identifying the company involved. How much you wanna bet it's some crypto firm?

    • Re:

      Did not even think of that. I sort-of do not regard these as real companies and more like criminal enterprises. You are spot-on, of course.

      • Re:

        It'll be funny if I'm totally off-base and it turns out to be someone like Barclays...

        • 1 hidden comment

    • Re:

      If the Universe had a sense of irony, the company would be Zoom.:-)

      • Re:

        Or... a company that makes deepfake software.:-)

    • Re:

      The Chinese absolutely do not want to identify the firm because that would mean losing face. Even though it's a multinational firm, the crime took place in Hong Kong.

      They have enough problems with their plunging stock market [cnn.com]. The last thing they want is for these large companies to lose confidence and start withdrawing business.

  • Re:

    I'm sure a big part of the problem is all Chinese look the same. Imagine how much worse this problem gets with deep fakes.

    • 1 hidden comment

    • • Re:

        I mean that's not entirely true. White Americans have various hair and eye colors that don't exist in Chinese populations. Also a wider range of complexions. Objectively theres a larger range. Subjectively Chinese people are probably more finely attuned to the differences that do exist.

        • 1 hidden comment

        • Re:

          Chinese people have a very wide range of complexions too. Some are almost white, some are more yellow, and some are darker than many people of African descent. Remember that China alone is huge, with a large variety of climates.

          Hair and eye colour is certainly true.

    • Re:

      "Sum Ting Wong" - level racist, congratulations. And almost as funny.

  • by echo123 ( 1266692 ) on Sunday February 04, 2024 @11:33PM (#64214352)

    According to this Darknet Diaries podcast episode [darknetdiaries.com], Pig Butchering is the highest grossing cyber crime for the last few years. The interviewed guest elaborates on this industry, and such techniques.

    Honestly, I didn't think it was possible to pull off the level of deepfake as described in this particular crime (TFA). Now we know where the bar is, and the bar is quite low in terms of skillz and resources it seems. I thought a live video call would expose a Pig Butcher. After listening to the podcast I thought the best a Pig Butcher (with a bad English/accent) could manage technically was to send the victim deepfaked video recorded messages from an app like Signal, (and just using Signal implies a certain degree of trust). One of the common excuses for using such recorded video messages instead of something live, is very low bandwidth or shaky internet, like when traveling between airports.

    The Pig Butcher always involved earning trust of the Pig, over time, then taking all the assets and disappearing. Incredibly, the podcast episode describes how one skilled IT expert lost tens of thousands of dollars, (hated himself for it), then used the same techniques on the Pig Butcher to get all his money back.

• Good. (Score:4, Interesting)

  by Gravis Zero ( 934156 ) on Sunday February 04, 2024 @11:40PM (#64214364)

  I'm all for companies being destroyed by their own executives being unwilling to invest is good security. Consider it an evolutionary fitness test.

• Ever since vTuber tech appeared a few years ago, I've been waiting for something like this to happen. The ability to do real-time motion mapping with a moderately-powerful laptop onto a custom 3D model was just begging to be souped up with image generation and real-time voice modification and used for nefarious purposes.

  • Re:

    Yep, and theres a good chance the criminals knew they where going to spend a bunch of mil on this and spent some decent cash on extensively training one of the deepfake models to create an essentially flawless model.

    Usually deepfakes fail the uncanny valley test fail the uncanney-valley test but those tend to be trained on maybe $10-$20 worth of compute time. But for a crime like this, someone could easily spend $10K to create something virtually indistinguishable and it'd be almost impossible to tell.

    • Re:

      On top of that, there's a lot of quality you can compensate with crappy video. If your "CFO" is one guy sitting mostly still in front of a pinhole laptop webcam, or is 1% of the screen at a giant meeting table, that compensates for a whole lot of poor training in your model.

    • Re:

      I can't wait until we hear about an Army of deepfake "Benghazi s" marching down the streets of Iowa and Mississippi in order to lure all the children with pizza (chuck e cheese attack) in a a fleet of Godless and gas-less deep fake Tesla loaded with abortion pills laced with fentanyl and Lib-Tard Zombie repellent.

    • Re:

      Exactly. If you know you're going to order a cool 25 million transferred, 1-5-10 thousand dollars of CPU time is very good investment by anyone backing you.