Deepfakes are manipulation or fabrication of video, image or audio files created using software with the intention of convincing you they are real messages. They might be created to spread misinformation online, or they could be sent to your email as a spoofed message. The video is created to make it appear as if the real person is speaking, but it is not really so.
These fake video files might be harmless pranks. However, cybercriminals can also use them to orchestrate scams. As one example, in March 2019 a CEO in the U.K. thought he was speaking to his boss on the telephone and was tricked into transferring $243,000 to the scammer. Or you might be sent an incriminating (false) video. Once you click the link out of curiosity to view the content, malicious malware could be downloaded on your computer. According to a report by Trend Micro, cybercriminals are posting on the dark web expressing an interest in monetizing on this technology, through sextortion.
Lookout for these signs the video or audio file may be fake:
- Slow down, and do not feel rushed or pressured to act quickly, which may be the content of the message delivered.
- Audio is inconsistent, poor quality or unusual background noise.
- Teeth do not look authentic.
- Unnatural eye movement or blinking.
- Check the lips and neck areas for inconsistencies.
A way to counter deepfake attempts is to limit access cybercriminals have to the material they need to fabricate the messages. Be careful how you share images and videos on social media. Do an audit of your current photos, and if you see something you do not recognize, un-tag yourself or ask your contact to remove it.
If you are ever unsure about a message you receive, whether it’s a written email, or an online post, or a direct social media message, always check the source to verify its legitimacy. If the message is out of the ordinary, contact the person back on another a secure channel. It is better to be safe than sorry.