Content |
Deepfakes (DeepFake)
Main article: Deepfakes (DeepFake)
Chronicle
2024
21% of Russian companies were attacked using deepfakes
B1 MTS AI On January 14, 2025, a group of companies and the company presented a study on to the attacks companies using audio and video spoofing (in cyber attacks which the criminal pretends to be a trustee in order to gain benefits). According to the survey, 92% of respondents believe that spoofing based on deepfakes poses a real threat to business, and 21% of respondents admitted that their companies have already suffered from fraud. AI More. here
Scammers in Russia began to use the method of "cybermystification" to deceive people
In November 2024, it became known that criminals developed a new technique for deceiving citizens, uniting psychological manipulations with digital technologies. Attackers use the so-called "cybermystification," using simultaneously social engineering methods and modern digital tools, including instant messengers and voice and image substitution technologies.
According to RIA Novosti, fraudsters are actively introducing deepfakes - fake images and voices - into traditional deception schemes to increase the trust of potential victims. The technology allows you to create convincing copies of the voices and appearance of real people.
 | The power of fraudsters is that they are the first to completely master the victim's consciousness, they enter into full confidence using social engineering methods, "said Sergei Veligodsky, director of the Sberbank Fraud Prevention Department. |  |
To counter new threats, Sberbank has developed a system for identifying fake images and voices. The bank's anti-fraud system unites more than 30 partners in the online exchange of data on risky customer transactions and automatically blocks suspicious transactions.
Experts of the financial organization emphasize the need to improve methods for developing digital literacy of the population. Traditional ways of informing about cyber threats are losing their effectiveness, which requires the development of new approaches to protecting customers.
The bank notes an increase in the number of cases of using deepfake technologies in fraudulent schemes. Attackers use them to imitate the voices and appearance of bank employees, law enforcement agencies and other officials.
The credit institution's anti-fraud system analyzes transactions for signs of fraud, regardless of the use of substitution technologies. If suspicious activity is detected, the system automatically suspends operations for additional verification.[1]
Donald Trump's use of deepfakes in crypto fraud recorded
Company. F.A.C.C.T notes the use deepfakes Donald Trump USA to advertizing fake of crypto resources after his victory in the presidential election. The F.A.C.C.T. reported on November 18, 2024. In addition to Trump, billionaire Elon Musk, American journalist Tucker Carlson, co-founder of the blockchain platform, Ethereum Vitaly Buterin football player, Cristiano Ronaldo model Kim Kardashian appear in the list of popular images among scammers. Given the growth of the course bitcoin and the emergence of new fraudulent resources, the risks of investors to invest "not there" are quite high: only one of the large teams of crypto cameras in 13 months stole more than $16 million from the victims.
One of the main trends in the development of cryptoscam in 2023-2024 was the active use of deepfakes in advertising fraudulent crypto projects, according to a study by analysts at the Digital Risk Protection department of F.A.C.C.T. To create videos using neural networks, fraudsters use both paid and free tools.
The proposed deepfakes are designed for an English-speaking audience and the generation of advertisements for fake crypto exchanges and cryptocurrency exchange platforms for TikTok, YouTube and banned social networks in Russia. Deepfake generation technologies are not yet ideal: if you look closely, in many such videos you can notice shortcomings in facial expressions.
Analysts at the F.A.C.C.T. note three main fraud schemes in the crypto industry: fake crypto exchanges and cryptocurrency exchangers, dryers and scam tokens.
Since 2022, analysts at the F.A.C.C.T. have found at least 600 domains fake crypto exchanges. Externally, they hardly differ from the real ones and offer a standard set of operations. The attacker's task is to bring the user to a deposit. The victim of this scheme may even be a person who does not have a crypto wallet: most fake exchanges and exchangers cryptocurrencies have the opportunity to make a deposit with. bank card Links to fake crypto resources are distributed through YouTube and prohibited in. Russia social networks
Simultaneously with the address of the fake crypto exchange site, scammers usually tell the victim a promotional code to receive a bonus. To withdraw the bonus, attackers offer to replenish the account with their own funds. Of course, as in all such schemes, the victim will not be able to return this money.
In the case of fake cryptocurrency exchange services, the situation is even easier. The victim transfers money to the wallet indicated on the website and does not receive anything back. Since 2023, analysts at the Department of Digital Risk Protection F.A.C.C.T. have discovered about 70 domains created by this scheme.
For two years, attackers have been actively using divers for cryptocurrency theft - malware that allows attackers to check the contents of victims' crypto wallets and withdraw their assets. The attacker's task is to bring the user to a malicious site that infects the victim's device.
Links to such sites are usually distributed through ads or posts on social networks, on video hosting, through email mailings, promotion of malicious sites in search results by popular keywords, messages on cryptocurrency forums. Often, attackers turn to potential victims directly through instant messengers, using contact details that users leave on cryptocurrency-related sites.
The scam token scheme is quite simple: a fraudster creates a token and promotes it, promising that it will soon rise in price and bring profit. In fact, the victim can only buy a token, but can never sell it.
Channels in Telegram, accounts in X (formerly Twitter) and channels in Discord are usually used to advertise the token . First, such channels work to attract subscribers, "warm up" for several weeks or months. As soon as the number of subscribers grows to several tens or hundreds of thousands, scammers begin to publish posts about a new "miracle token," which, according to them, is about to rise in price several times and therefore needs to be quickly bought. The token itself is placed on the official exchange, which, in turn, directly warns: the token may turn out to be fraudulent, so there is a high risk of irrevocably losing funds.
An analysis by F.A.C.C.T researchers of five relatively large criminal groups with the active participation of Russian-speaking workers working on a scheme with fake crypto exchanges showed that for them the average amount of theft is $233, and the largest amount stolen from one victim was $26,958. At the same time, in one of the largest teams, which is mainly engaged in dreaders, the average theft amount is ten times higher - $5,528, and the maximum transaction amount is $832,787. For 13 months, from April 2023 to April 2024, this team stole $16,384,483 from investors around the world. Read more details on the blog on our website.
| | Each cryptoscam scheme has its own characteristics that affect its profitability, "said Maria Sinitsyna, senior analyst at Digital Risk Protection at F.A.C.C.T. - In the case of fake crypto exchanges, the victim does not have to have cryptocurrency: it can be" purchased "on the same exchange and paid with a bank card. This means that the user will lose only the money that he decided to invest through the exchange. In the case of dryers, almost all funds are withdrawn from the victim's account from the connected wallet. This can explain the differences in the average amount of theft according to different cryptoscam schemes. | |
To protect brands from digital risks and the direct damage associated with their misuse on fake resources, companies working in the field of blockchain and cryptocurrencies are advised to use automated solutions that combine analysis of cyber intelligence data and machine learning capabilities.
The number of deepfake attacks on bank customers is growing in Russia
In Russia, an increase in the number of attacks using deepfake technology aimed at customers of banks and financial platforms was recorded. This became known in October 2024.
According to the system integrator "Informzaschita," since the beginning of 2024 the number of such incidents has increased by 13%, reaching 5.7 thousand cases. Experts attribute this to the widespread adoption and availability of technology that allows attackers to create high-quality face and voice fakes, creating more trust among potential victims.
According to Kommersant, the main targets of such attacks are bank customers and employees of financial organizations. According to Pavel Kovalenko, director of the Informzaschita Fraud Prevention Center, attackers create fake financial advisers who contact customers through video calls, posing as well-known experts or company leaders. Thus, they convince their victims to invest in fictitious projects or transfer access to bank data. Experts warn that in 2025 the number of such attacks may double.
The main mechanism of deception is the substitution of voice and facial expressions using artificial intelligence. According to Artem Brudanin, head of cybersecurity at RTM Group, deepfake technology is highly successful, since a person is inclined to trust familiar faces and voices. According to the company "Informzaschita," the effectiveness of such attacks is about 15-20%.
Among the most common schemes are the following: forging the voice and appearance of company leaders in order to gain access to financial information or convincing employees to transfer funds to fraudulent accounts. Andrei Fedorets, head of the Information Security Committee of the Association of Russian Banks, explains that the standard scenario involves hacking an employee's account, after which attackers create a deepfake based on the voice messages and photos available in the correspondence.[2]
See also
Main article: Forgery of documents
Notes
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |