Deepfake Video Impersonation Scams

常见手法

• • Scammers create deepfake videos of company CEOs, board members, or financial directors requesting urgent wire transfers, cryptocurrency payments, or sensitive data access, with the videos distributed via WhatsApp, email, or internal messaging platforms to create false urgency.
• • Criminals use publicly available video footage from social media, press conferences, and earnings calls to train AI models that generate convincing synthetic videos requiring only seconds of authentic audio to create a persuasive fake message.
• • Scammers impersonate high-profile celebrities, investors, or cryptocurrency influencers in deepfake videos promoting fake investment opportunities, NFT projects, or crypto exchanges to solicit funds from fans and followers.
• • Fraudsters combine deepfake videos with spoofed email addresses, fake phone numbers, and forged documents to create a multi-channel illusion of legitimacy, making it extremely difficult for victims to verify authenticity through standard channels.
• • Criminals time deepfake video attacks during business leadership transitions, CEO absences, or major company announcements when internal verification procedures may be temporarily disrupted or when employees are most likely to comply without questioning.
• • Scammers distribute deepfake videos through compromised email accounts or business collaboration tools like Slack and Teams that bypass external email filters, making the videos appear to come from trusted internal systems rather than outside attackers.

如何识别

• The video contains subtle visual inconsistencies such as unnatural eye movements, unusual blinking patterns, misaligned lips and audio, or jerky facial movements that don't match the person's normal mannerisms, particularly noticeable in close-up shots or during rapid head movements.
• The request comes with artificial urgency claiming that normal approval processes must be bypassed, circumstances are time-sensitive (acquisition closing, emergency payment, or critical system vulnerability), or discussing the request with other executives will cause problems.
• The audio quality seems slightly off with barely perceptible lag between the lips moving and sound, background noise that doesn't match typical settings for that person, or slight vocal inflections that sound robotic or overly formal compared to the person's usual speech patterns.
• The deepfake video arrives through unexpected channels like personal WhatsApp, direct messaging, or text rather than established business communication systems, or arrives outside normal business hours when verification procedures are typically unavailable.
• The person in the video requests highly unusual actions that contradict company policy, such as demanding single-signature authorization for large transactions, requesting wire transfers to foreign accounts, or asking for immediate payment in cryptocurrency rather than standard methods.
• The background, clothing, lighting, or setting in the video appears generic, unusual, or inconsistent with where that person typically conducts business, or the video quality is unusually high or low compared to what the person normally sends in internal communications.

如何保护自己

• Establish and enforce a multi-factor verification protocol for any financial request above a threshold amount, requiring in-person, phone-based, or video-call verification through a previously known number before processing any wire transfer or cryptocurrency transaction, regardless of video or email evidence.
• Train employees and executives on deepfake identification techniques, including red flags like unnatural facial movements and audio-video mismatches, and create a clear reporting procedure for suspicious video requests that doesn't penalize employees for requesting verification of unusual instructions.
• Implement AI-powered deepfake detection software on email systems and collaboration platforms that automatically flags suspicious videos for human review, and consider deploying liveness verification technology that requires real-time confirmation for sensitive transactions.
• Verify high-value transaction requests using out-of-band communication methods—if you receive a video request from an executive via email, independently call that person at a known phone number to verify the request is genuine before proceeding with any action.
• Disable employee access to stored biometric data and video libraries that could be used to train deepfake models, implement strict controls on internal video recording and storage, and limit the distribution of executive photos, speeches, and promotional videos on public-facing websites and social media.
• Create an authentication system using personal knowledge questions or security codes that only the real person would know, making it impossible for a deepfake video alone to authorize sensitive actions, and establish that any deviation from standard procedures requires independent verification from multiple sources.

真实案例

常见问题