Finance Employee Gets Scammed for Over $25M by Deepfake CFO

« Back to Blog
virtual meeting conference

A thief used clever deepfake technology to drain a multinational company’s Hong Kong branch of $25.6 million USD ($200M HKD) by staging a fake conference call featuring digitally recreated versions of company employees.

As originally reported by CNN, a finance worker at a multinational firm was suspicious of an email he received from his company’s UK-based CFO about a secret transaction. It wasn’t until he attended a video conference call about the transaction which included who he believed to be the CFO and other employees that the employee put aside his early doubts. Once the call ended and after hearing and seeing who he believed to be co-workers on the video call, the employee made the $25.6M USD transaction.

The scam was discovered later when the employee reached out to the corporation’s head office.

This case is one of several recent incidents in which scammers are believed to have used the deepfake technology to alter publicly available video and other footage to cheat people out of money.

Hong Kong police said they made six arrests in connection with identity card scams, in which fraudsters used deepfake technology to imitate people pictured on lost identity cards to trick facial recognition programs.

Source: Finance worker pays out $25 million after video call with deepfake ‘chief financial officer’ | CNN

Prevent This From Happening TO YOU!

The Dark Side of Technology

Artificial intelligence (AI) has made social engineering methods more complex, covert, and difficult to detect, making it easier for criminals to come for us more quickly. Hackers will often use social engineering tactics as a first step in a larger scam to infiltrate your system or network and steal sensitive data or disperse malware. We need to be more cautious than ever when receiving suspicious emails or texts.

Below are a few tips offered by the U.S. Department of Transportation’s Chief Information Officer, to avoid successful cyber intrusions:

  • Require multifactor authentications
  • Separate systems within an IT network so a single password cannot grant access to many systems
  • If you have been attacked, you should contact the FBI or CISA (Cybersecurity & Infrastructure Security Agency)
  • Complete a cybersecurity self-assessment to help understand current exposures
  • Replace manufacturers’ default passwords immediately

To learn more click here.

Source: Social Engineering Cyberattacks on the Rise | Transport Topics (ttnews.com)

Make Sure Your Clients Take a Proactive Approach To Protecting Their Business Should a Loss Occur

Berkley Crime logo

Make sure your clients have crime insurance. Take the steps to ensure that your clients are covered by calling one of the Berkley Crime team members listed below.

Sincerely,

Michael Beranek
Berkley Crime

Experts focused on your protection. We deliver.

National Practice Leader
Michael Beranek 
(646) 522-7362
[email protected]
East Regional Manager/Commercial Crime Product Leader
Matt McNamara 
(212) 497-3707
[email protected]
West Regional Manager
Brian Platt
(720) 979-1155
[email protected]
Renewal Team Leader
Cheryl Yorio
(860) 466-7379
[email protected]

“News You Can Use” E-Blast

Sign up for the latest news from Berkley Crime.

Let us know how
we can deliver for you!

844-44-CRIME