Cybercriminals are malicious – but they’re also innovators. They are always finding new ways to target organizations. Earlier this year, the FBI reported on an increase in email account compromise (EAC) / business email compromise (BEC) attacks. They also detailed an emerging BEC scam format: fake virtual meetings with voice deepfakes.
Social engineering leads to these BEC and EAC attacks. By detecting these fake links in business communication apps and email channels, you can avoid BEC attacks like this, effectively reducing risk much earlier.
Read on to find out how this new attack vector worked – and how machine learning-powered Natural Language Understanding (NLU) tools can provide an essential layer of protection.
In a February 2022 public service announcement from the Internet Crime Complaint Center (IC3) of the FBI, the bureau reported that it has received escalating reports of BEC and EAC attacks that utilize virtual meeting platforms from 2019 up to the present.
How do these call-based attacks happen?
Typically, the criminal has compromised an email account from the target company, and poses as an executive, often the CFO or CEO. Using voice deepfake technologies, the attacker then instructs individuals on the call to perform activities like unauthorized fund transfers or sensitive information pullout, and tells them to send the funds or data to fraudulent accounts. They facilitate transfers either through the virtual meeting platform’s chat functionality or through a follow-up email after the call.
Other techniques used, according to the report, are:
Part of the reason for the proliferation of these new BEC + virtual meeting attacks, the report points out, is the remote/hybrid working setup that companies have adopted ever since the COVID-19 pandemic broke out.
When employees and employers alike were all forced to close down their offices and work from their homes, tools like Zoom and Microsoft Teams enabled continuous communication with their video conferencing capabilities. Both became widely adopted, which resulted in 191,000 enterprise customers for Zoom, as of February 2022.
And now, criminals are using voice deepfakes to leverage these virtual meeting tools for nefarious purposes.
The dangers of deepfakes are not lost on others. Eric Milam, Blackberry’s VP of Research and Intelligence, shared his insight on the problems that deepfake technologies bring.
"You're already hearing about people using voice to steal money from banks and authenticate themselves," said Milam, referencing the $35M money heist that involved a company director’s voice deepfake in 2021. He adds:
"Deepfakes are like CGI. We've had it for years; it's only going to get better and now we have the power in our cell phones to do it.”
Product: Learn more on how to secure Zoom
for your enterprise
In addition, a cybersecurity solution that leverages Natural Language Understanding (NLU) with the help of machine learning is essential.
NLU is a more sophisticated subset of Natural Language Processing (NLP), in the sense that it involves pulling not just the literal meaning of a line of text or a recording, but its context and intent, as well. Basically, NLP processes the individual words in a particular sentence, while NLU understands what the sentence implies in its entirety.
With machine learning-powered NLU, different BEC attacks can be identified through scanning for and detecting the initial social engineering attack that leads to the fake meeting – whether it was sent over via email or other communication platforms. BEC attacks often have common patterns, like the constant sense of urgency or discussion around payment or credentials, and natural language understanding can hone in on those qualities to catch social engineering context and intent.
Such a robust solution will be able to recognize these patterns from various samples of BEC and EAC attacks and use them to analyze and pinpoint similar BEC scam formats.
Find out more about how NLU can help stop BEC and other social engineering tactics through this blog.
If you are interested in learning more about the SafeGuard Cyber solution, you can take a quick 5-minute tour.