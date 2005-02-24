from the name-your-favorite-flic dept.
[ Editor's Note: We first covered this story here https://soylentnews.org/article.pl?sid=24/02/05/1626236 but this now has some additional information and quietus' own take on it. ]
This one screams for a movie adaptation, but fast.
In February this year, Hong Kong police announced that a major firm had been victim of a successful impersonation attack.
Now the Financial Times has revealed the firm involved was Arup engineering -- builder of, among others, the Sydney Opera Building, the Gherkin in central London, Guangzhou Opera House, and others.
What happened was that an employee in the finance department was invited for a video conference with the CFO and other 'senior officers'. During that video conference, this employee was given the order to funnel a total of $25 million (US) to 5 local bank accounts through 15 transactions, which the employee duly did. After what were quite possibly a couple of sleepless nights, she decided to check with her higher-ups, which (one presumes) resulted in a few heart arrythmias.
Turns out that everybody else on that video conference call was a digital fake.
The current working hypothesis is that the scammer(s) used past online conferences to train AI to digitally recreate a scenario where the CFO ordered money transfers. So that adds public video postings as an additional headache to CIOs, CFOs and just about anyone who has decision power over rather large amounts of money. As if phone and Whatsapp scams aren't already bad enough.
Now, remember: this is news because it hit a big company. But let your schadenfreude not stand in the way of a bitter realisation: the inescapable economic trend is that what was once reserved for the rich, will be made accessible for the ordinary people too.
In a few years time, we'll be looking back with tender nostalgia to those Nigerian princes and their eternal banking problems.
Related Stories
https://arstechnica.com/information-technology/2024/02/deepfake-scammer-walks-off-with-25-million-in-first-of-its-kind-ai-heist/
On Sunday, a report from the South China Morning Post revealed a significant financial loss suffered by a multinational company's Hong Kong office, amounting to HK$200 million (US$25.6 million), due to a sophisticated scam involving deepfake technology. The scam featured a digitally recreated version of the company's chief financial officer, along with other employees, who appeared in a video conference call instructing an employee to transfer funds.
Due to an ongoing investigation, Hong Kong police did not release details of which company was scammed.
Deepfakes utilize AI tools to create highly convincing fake videos or audio recordings, posing significant challenges for individuals and organizations to discern real from fabricated content.
[...] The scam was initially uncovered following a phishing attempt, when an employee in the finance department of the company's Hong Kong branch received what seemed to be a phishing message, purportedly from the company's UK-based chief financial officer, instructing them to execute a secret transaction. Despite initial doubts, the employee was convinced by the presence of the CFO and others in a group video call and proceeded to make 15 transfers totaling HK$200 million to five different Hong Kong bank accounts. The realization of the scam occurred approximately a week later, prompting a police investigation.
[...] Acting senior superintendent Baron Chan Shun-ching of the Hong Kong police emphasized the novelty of this scam, noting that it was the first instance in Hong Kong where victims were deceived in a multi-person video conference setting. He pointed out the scammer's strategy of not engaging directly with the victim beyond requesting a self-introduction, which made the scam more convincing.