In 2019, the percentage of phishing has increased in the main attack vectors (according to a report from Microsoft, published at the end of the year).
Furthermore, "the phishing methods used increase their level of adulteration" with falsified 404 error pages or even falsified pages indexed in Google.
In October, an article published on Kaspersky's blog even reported phishing campaigns disguised as evaluation surveys of business performance!
Between 2017 and 2018, searches associated with the word "deepfake”Have been 100 times greater than in previous years, on the Google search engine. In reality, the threat became tangible in 2019. In September, an English company was victim of a scam against its president as an employee paid £ 200.000 to a Hungarian supplier. The latter thought he had received an order from the CEO over the phone, but in reality it was a deepfake made from a voice recording. Another example, this time in terms of images, is a video released in November showing images of Donald Trump announcing the end of the AIDS epidemic in the world. False alarm: it was a campaign of the Solidarité Sida association, based again on a deepfake. In addition to these two reports, Google has announced that it will be accelerated the distribution of Duplex, an artificial intelligence that makes calls autonomously. Will 2020 therefore be the year of social engineering in a deepfake version?
The introduction of deepfakes into the hackers' arsenal is a real technical challenge for prevention and security. Most of the experts are terrified in the face of the complexity of this threat. As design tools become more accessible to everyone, 2020 is likely to see an increase in deepfake-based phishing campaigns. This technique will also be one of the most supervised in 2020, particularly in view of the US presidential election in November. How does it work ? Specifically, a deepfake could be used for phishing (as part of a Phishing or spear-phishing). For example, imagine an audio deepfake in the form of a call from a Comex member who anticipates that he is about to send a PDF file for urgent review. The first time you click on the file, the ransomware is installed ...
The threat of a "deepfake-as-a-service", Which would increase the effectiveness of cyber attack campaigns, it is therefore serious. So that data from a Forrester study indicate that the damage caused by the deepfake attacks could reach $ 250 million in 2020. However, making a credible deepfake seems extremely complex and expensive. And it is precisely this cost factor (compared to the cost of creating a simple ransomware) that could reduce the scope of the expected explosion of deepfake-as-a-service. The newspaper teams Le Monde they concluded their research stating: "too complex and too expensive for the vulgum pecum ". What to say instead of cybercriminals who have more means, such as those of a state, for example? Or gods small independent genes ? All this suggests that 2020 may be the year of multi-speed phishing, with simple campaigns, which play on the credibility of the recipients through already known techniques, and more complex campaigns, which use the latest technologies to deceive the more experienced.
Coveware by Veeam will continue to provide cyber extortion incident response services. Coveware will offer forensics and remediation capabilities…
Predictive maintenance is revolutionizing the oil & gas sector, with an innovative and proactive approach to plant management.…
The UK CMA has issued a warning about Big Tech's behavior in the artificial intelligence market. There…
The "Green Houses" Decree, formulated by the European Union to enhance the energy efficiency of buildings, has concluded its legislative process with…
