The rise of AI-generated deepfakes has placed the financial services industry and its customers at the epicenter of this growing cyber threat.
Whether deepfake fraud is hitting consumers, commercial accounts, or financial institutions themselves, organizations in the banking and financial services sector will need new processes and cybersecurity controls to address this new generation of financial fraud and scams.
A new Cyble report – Addressing Deepfake Risks in BFSI – looks at a wide range of financial deepfake threats and offers a comprehensive vision for structuring financial services cyber defenses against these new threats.
Here are some of the report’s findings. It is available as a free download along with other Cyble research reports.
Even Financial Employees Get Fooled by Deepfakes
These new deepfake threats are becoming so realistic that they’re fooling even financial professionals in some cases.
In one alarming incident, a financial employee at a renowned design and engineering firm was duped into attending a video call with people he believed were the company’s chief financial officer (CFO) and other coworkers, yet all of them turned out to be deepfake impersonations.
While the worker initially suspected phishing, the video call was so convincing that he wound up sending more than $25 million over 15 transactions.
That type of scam has now become part of the standard playbook for cybercriminals, and video and voice fakes will only become more convincing as GenAI tools continue to evolve.
Defending Against Financial Services Deepfakes
Cyble offered strategies for defending against deepfake scams, including ways to detect fraudulent account applications and activity.
Financial services firms have long been a prime target for cyberattacks and fraud compared to other sectors, which has resulted in some of the most substantial cybersecurity controls of any sector, public or private. That gives Banking, Financial Services, and Insurance (BFSI) organizations a good start on the controls needed for the new era of AI and deepfake threats.
To protect against such threats, Cyble recommends a range of controls for both processes and cybersecurity, some of which include:
- There could be multiple levels of approval for transactions above a certain amount, which could vary based on the size of the customer involved. Codewords may need to become a new requirement for sensitive financial communications.
- Device and account controls for financial transactions and privileged accounts should be as stringent as possible and go well beyond one-time passwords (OTP) to include additional factors such as biometrics, device security posture, and the use of additional accounts and devices for verification.
- Email filtering for spam and phishing attacks is another essential practice, as large language models (LLMs) have made phishing attacks significantly more effective.
- Monitoring customer accounts for potentially fraudulent activity and anomalous transactions has become more critical than ever.
- Because most credential theft occurs via infostealer malware, stolen credentials may appear on the dark web before attempts to hack an account occur, making leaked credentials an important early warning sign. Therefore, dark web monitoring for both company and customer credential theft could increasingly become a core practice by financial services companies – and make cybersecurity in general a competitive differentiator for BFSI organizations.
- Deepfake detection and takedown services have also become a critical cyber defense. Cyble notes that “Ideally, it will become ubiquitous even in consumer devices in the years ahead, as present spam controls are inadequate protection for this new era of threats.”
- Employee and customer education and training are also critically important defenses, and deepfake audio and video attack simulations must become part of security awareness and training programs.
Conclusion
Today’s cybercriminals are working with AI-powered tools that were inconceivable just a few short years ago. Those tools are creating deepfakes and AI-generated threats that have already met with considerable success.
Financial organizations must respond with urgency to stay on top of these growing threats. New financial processes and cybersecurity controls are just some of the measures that will be required to shore up defenses against deepfake threats.
Cyble offers a Deepfake Detection Tool integrated within its Executive Monitoring Module. The tool utilizes advanced AI algorithms to detect and analyze manipulated media, such as videos and audio files, in real-time, safeguarding executives and organizations from deepfake threats. In addition to deepfake detection, Cyble’s Executive Monitoring module offers comprehensive protection for high-profile executives by detecting and alerting on digital threats such as identity theft, public mentions, data breaches, and compromised credentials.
Cyble’s Dark Web Monitoring solution is another way for financial organizations to stay on top of threats, including leaked internal and customer account credentials. Cyble also offers a comprehensive suite of threat intelligence, cloud security, and attack surface management platforms.
