ESET reports and summarizes 7 shocking real-life cases of scams using deepfakes

Cybercriminals have found that using artificial intelligence allows them to enhance their scams, making their deceptions more realistic and harder to detect. Recently, fake videos have surfaced impersonating internationally renowned figures, such as Lionel Messi or the CEO of a major organization.  However, these scams also occur on a smaller scale, such as targeting a school principal in the United States. ESET, a leading proactive threat detection company, reviews some of the cases where deepfakes were the main tool used in scams that resulted in millions of dollars in losses or the compromise of sensitive information.

Deepfake is an artificial intelligence-based technique for synthesizing human images to create fake content from scratch, using existing videos or even just a still image. They are designed to replicate the appearance and voice of a real person.

“With the evolution of Artificial Intelligence, these videos and audio recordings seem increasingly real. Many exploit the image of public figures or well-known entities to say something false, as part of a scam that aims to obtain money or sensitive information,” says Camilo Gutiérrez Amaya, Head of the ESET Latin America Research Lab.

ESET compiled amazing, truly real, and recent cases

Lionel Messi: The Argentine football player is one of the most recognized personalities worldwide. In this case, cybercriminals exploited his popularity to carry out a deepfake scam, promoting an app that promised suspiciously high and irresistible earnings. The app in question was called “Wildcat Dive,” and in the fake video, Messi claimed it was one of his main sources of income and that it had helped many people earn money. Through advertisements on the social network Instagram, the cybercriminals distributed snippets of a fabricated interview, which was based on a real interview the footballer had given to a well-known Argentine streaming program.

Arup: In early 2024, the architectural firm that designed the Sydney Opera House and the Etihad Stadium, Arup, made headlines when a financial employee at the company’s Hong Kong office received a video call from (allegedly) the company’s CFO. The result of the meeting was 15 transfers totaling over $25 million. The bad news is that it was actually a deepfake, so the transfers had not been approved by anyone in the company.

Ferrari: In this case, cybercriminals attempted a deepfake voice scam, impersonating Benedetto Vigna, the CEO of the automotive company. In July 2024, using voice imitation, they tried to convince the company’s finance executives to make a large money transfer. One of the employees became suspicious and asked a question that the AI ​​used in the scam could not answer correctly. Not only did this attack fail, but it prompted Ferrari to reinforce its employee training to prevent similar scams in the future.

WPP: One of the world’s largest advertising companies was also the target of a scam attempt involving a deepfake. In mid-2024, cybercriminals used a fake WhatsApp account, a voice recording, and YouTube footage of a virtual meeting to impersonate the company’s CFO, Mark Read. The malicious actors organized a meeting via Microsoft Teams, under the pretext of creating a new company, and used this as a lure to obtain money and sensitive personal data from the company. According to WPP, this attack was unsuccessful thanks to the company’s vigilance and the training its employees received to detect these scams.

School in Baltimore: Not only high-profile companies are targeted by deepfakes. In this case, a school principal was heard making racist and antisemitic comments. The incident went viral (over 2 million views) and resulted in death threats against the educator. After an investigation, local police confirmed that the audio was a fake, manipulated with AI.

Elon Musk: A cryptocurrency investment scam used Elon Musk’s image to spread ads on X and YouTube, promoting supposed investment opportunities that promised high returns on Bitcoin. The ads included a link to a fraudulent website where unsuspecting users were asked to make initial deposits to participate in the alleged investment. According to the US Federal Trade Commission, the scam, which included deepfakes, resulted in losses of over $80 million for more than 7,000 victims who believed in the supposed investment.

President Zelensky: Politics was also affected by deepfake scams. In March 2022, during the conflict between Russia and Ukraine, a fake video circulated showing Ukrainian President Volodymyr Zelensky urging his troops to surrender. The president responded almost immediately with a genuine video posted on his official channels.

While deepfake scams are becoming increasingly realistic and difficult to detect, ESET shares some best practices to reduce the risk of falling victim to these types of scams

• Be wary of eye-catching advertisements that offer an opportunity for easy and unrealistic gains. Also be suspicious of those that feature well-known celebrities.
• Pay attention to the video quality: if there are visual glitches, poor synchronization, or low resolution, it is likely a deepfake.
• Use security software on all devices to help block fake websites and emails containing malicious content.
• For businesses, it is important to not authorize payments solely based on a phone call or video call. Consider using keywords or internal codes as an additional verification method.
• Continuous training is essential: being trained to recognize the warning signs of deepfakes and scams is another key practice.
• Take advantage of the tools currently available to detect deepfakes and combat misinformation.

ESET invites you to learn more about cybersecurity by visiting: https://www.welivesecurity.com/es/.

For additional useful preventative information, visit ESET’s website in Venezuela: https://www.eset.com/ve/, and follow them on social media @eset_ve. Also on Instagram (@esetla) and Facebook (ESET).

Information and images courtesy of ESET and Comstat Rowland

Visit our news channel on Google News and follow us to get accurate, interesting information and stay up to date with everything. You can also see our daily content on X/Twitter and Instagram