Cybercriminals around the world use a variety of exploits to conduct fraud schemes directed against individuals, companies, and government agencies. One of these schemes that has proved highly lucrative for cybercriminals over the past decade is the so-called “business email compromise” (BEC) scheme.[1]
BEC schemes typically involve cybercriminals’ infection of the email account of a corporate executive, then impersonating that company executive via email to direct a subordinate employee to wire-transfer a substantial amount of funds to one or more accounts that the cybercriminals control. The United States Secret Service has estimated current global daily losses to BEC schemes at approximately $8 million (an annualized $2.9 billion).[2]
Another online fraud technique that has been emerging more recently is the use of so-called “deepfakes.” Deepfakes — a form of synthetic media that uses “deep learning” (artificial intelligence) technology to synthetically create or manipulate various media, including video, audio, and images[3] — are well-recognized in the U.S. and United Kingdom banking sectors as a significant threat to bank customers.[4] Voice deepfakes, for example, can be used to deceive customers as well as bankers into transferring funds out of customer accounts.[5]