Fraudsters use AI voice manipulation to steal £200,000

Bold social engineering attack could be the first of many powered by machine learning

Cyber criminals have used artificial intelligence (AI) and voice technology to impersonate a UK business owner, resulting in the fraudulent transfer of $243,000 (201,000).

In March this year, what is believed to be an unknown hacker group is said to have exploited AI-powered software to mimic the prominent business leader's voice to fool his subordinate, the CEO of a UK-based energy subsidiary, according to the Wall Street Journal (WSJ).

Advertisement - Article continues below

The hackers were then able to convince the CEO to carry out transactions in the guise of urgent funds destined for its German parent company.

It's believed that the fraudsters phoned the UK-based CEO to demand a transfer to a Hungarian supplier. They contacted him again, still impersonating the parent company's chief executive, to reassure him the transfer would be reimbursed.

The CEO was then contacted a third time, before any reimbursement funds had appeared, to request a second urgent transfer. It was at this point the CEO became suspicious and declined to make any further payments.

The funds that were transferred to Hungary, however, were soon moved on to Mexico and various other locations, with law enforcement still looking for suspects.

This social engineering attack could be a sign for things to come, according to ESET cyber security specialist Jake Moore, who expects to see a huge rise in machine-learned cyber crimes in the near future.

Advertisement - Article continues below
Advertisement - Article continues below

"We have already seen DeepFakes imitate celebrities and public figures in video format, but these have taken around 17 hours of footage to create convincingly," he said.

"Being able to fake voices takes fewer recordings to produce. As computing power increases, we are starting to see these become even easier to create, which paints a scary picture ahead."

With enterprise security practices becoming more robust with time, criminals may increasingly look to staff as the most easily-exploitable gaps in an organisation's defence.

Social engineering has, indeed, grown to be far more sophisticated in recent years with employees faced with slicker phishing campaigns and highly targeted attempts at deception.

"To reduce risks it is imperative not only to make people aware that such imitations are possible now, but also to include verification techniques before any money is transferred," Moore added.

Featured Resources

The case for a marketing content hub

Transform your digital marketing to deliver customer expectations

Download now

Fast, flexible and compliant e-signatures for global businesses

Be at the forefront of digital transformation with electronic signatures

Download now

Why CEOS should care about the move to SAP S/4HANA

And how they can accelerate business value

Download now

IT faces new security challenges in the wake of COVID-19

Beat the crisis by learning how to secure your network

Download now


video conferencing

Zoom 5.0 adds 256-bit encryption to address security concerns

23 Apr 2020

WhatsApp flaw leaves users open to 'shoulder surfing' attacks

21 Apr 2020
cyber security

Microsoft AI can detect security flaws with 99% accuracy

20 Apr 2020

Businesses brace for second 'Fujiwhara effect' of 2020 as Patch Tuesday looms

9 Apr 2020

Most Popular

Microsoft Windows

Microsoft's latest Windows 10 update is causing yet more issues

26 May 2020

Nokia breaks 5G record with speeds nearing 5Gbps

20 May 2020
Network & Internet

Intel releases Wi-Fi and Bluetooth driver updates for Windows 10

26 May 2020