Skip to content
shutterstock illustration ID: 1464098960
shutterstock illustration ID: 1464098960

News -

​Deepfake attack threat during Covid-19

In these unprecedented times many companies are in business continuity mode so the unusual has become both prioritised and normalised.

Many are making unusual purchases at short notice to facilitate their migration to increased or full remote working and fiduciary financial due diligence rules such as ‘four eyes’ checks and verification may be relaxed as finance teams are pushed to work remotely. This changes the threat landscape and affords threat actors new opportunities for attack which they will be characteristically quick to exploit.

Several of our clients had already seen an increase in the use of deepfakes to support Business Email Comprises (BECs) prior to the current Covid-19 crisis. Some stories have been covered in the press[1]. These attacks are often in the form of voicemails in support of an email (or sometimes alone) apparently from a CEO asking a CFO or finance colleague to make a transfer to a new customer or an existing one with changed payment details. Given the change in working practices brought about by the Covid-19 crisis and the natural human desire to help the business in the difficult times the additional use of deepfake voicemails could tip many finance colleagues into making the transfer.

Deepfakes are now relatively easy to make provided the threat actors have some samples of the victim’s voice. Many CEOs have active social media profiles replete with audio and video recordings so this is a straightforward matter. Technologies such as Lyrebird[2], Wavenet and Adobe VoCo[3] demonstrate the current state of the art and create a trickle-down effect bringing the technology within easy reach of the cyber criminals. Anyone who has seen my talk on ‘Managing Cyber Risk in a Fake World’ will be aware of how easy this is becoming. My colleague Matt Lewis covers many of the technologies in his excellent 44con talk[4].

The solution is education, awareness and process. Make sure all your finance colleagues are aware of the increased threat and seek to replicate your ‘four eyes’ checks even if your entire finance function is working remotely.






Press contacts

NCC Group Press Office

NCC Group Press Office

Press contact All media enquires relating to NCC Group plc +44 7824 412 405

Related content

Related events

NCC Group exists to make the world safer and more secure

In today’s threat landscape understanding the risks organisations and customers are exposed to is more important than ever.

Understanding the impact and how to be more resilient is key to protecting brand, reputation and sensitive customer information. Building a cyber-resilient organization can be a complex process but it’s not impossible.

With our knowledge, experience and global footprint, we help assess, develop and manage cyber resilience posture.

NCC Group Newsroom
XYZ Building, 2 Hardman Boulevard, Spinningfield
M3 3AQ Manchester
United Kingdom