New Articles
Windows 11 users have discovered a funny bug that benefits older computers....
It's easy to turn off the transmission — we tell you how to do it....
Such photos have been taken by models and social media users for a long time,...
A famous musician? A schoolteacher? Mom? Tell us about the people you looked up...
Thanks to the instructions of Artyom Kozoriz, you can cope no worse than a...
5 interesting exercises that will help you develop flexibility....
From "Starship Troopers" and "The Matrix" to...
The return of Garfield and Mufasa, the new Transformers and the Lord of the...
About Everything Wiki » Life » Criminals use artificial intelligence for robberies. And that's how they do it.

Criminals use artificial intelligence for robberies. And that's how they do it.

20 Jan 2024, 12:00, parser
0 comments    0 Show

What cases of robberies are already known

1. The head of the company was misled with the help of a deepfake

A deepfake is a fabricated digital image of a person created with the help of artificial intelligence. It can be integrated into a video clip or audio track and programmed for any action. The first case of fraud with its use occurred First‑Ever AI Fraud Case Steals Money by Impersonating CEO / Identity Theft Resource Center in 2019. The criminals faked the voice of the head of a German company and called the head of one of its branches in the UK. They asked for an urgent transfer of a large sum to a Hungarian bank. The manager was sure that he was talking to the boss, because he recognized his manner of speech, and transferred 243 thousand dollars to the account.

Later, the criminals called twice more and requested a new transfer. But the last call was from an Austrian number, not a German one. This alerted the British leader, and he refused to transfer the money.

2. Scammers convinced to transfer millions of dollars to a fake account

Another robbery using a fake voice occurred Fraudsters Cloned Company Director’s Voice In $35 Million Heist, Police Find / Forbes in 2020. The head of the Japanese company's branch in Hong Kong received a call from the "director" of the head office. He talked about plans to absorb the unprofitable enterprise, which required money. A lawyer was allegedly hired to coordinate the procedure, and the "director" sent the manager an email correspondence with him. There were also account details where it was proposed to transfer a large amount. Seeing nothing unusual, the employee transferred $35 million. By the way, law enforcement officers from the UAE were investigating the crime, who recorded a suspicious transaction.

3. Companies have lost money due to hackers who exploit vulnerabilities in email

Image: Gorodenkoff / Shutterstock

In 2023, the hacker group GXC Team introduced Cybercriminals Implemented Artificial Intelligence (AI) For Invoice Fraud / Resecurity the Business Invoice Swapper program. The tool uses proprietary algorithms to check emails. He finds those where accounts are mentioned or there are attachments with payment details, and then replaces the real data with the details of the criminals. Hackers spread information about the program in messengers. She works by subscription, and on New Year's Eve they even offered a discount on the purchase.

Only in the USA, the compromise of corporate mail, including through the substitution of accounts, in 2022 led to Cybercriminals Implemented Artificial Intelligence (AI) For Invoice Fraud / Resecurity to the loss of more than $ 2.4 billion. On average, companies lost 120 thousand dollars in each individual case.

How to protect a company from fraud attacks

1. Train employees

Experts of the Regional Public Center for Internet Technologies believe that a person is the weakest link in the cybersecurity system. Therefore, it is important for the head of the company to tell employees about common ways of luring money and how to protect themselves. For example, today scammers use Criminals will soon use ChatGPT to make scams more convincing, experts warn; only ‘a matter of time’ before S’pore hit / Today Online neural networks for writing emails. Such programs correct grammatical errors, and the criminal's messages can look convincing, even if he writes in a foreign language. But it can be calculated on other grounds — for example, by insistent request for bank details and calls to make a payment as soon as possible.

2. Update the software regularly

Image: Gorodenkoff / Shutterstock

Updates often contain fixes for security vulnerabilities, and this can help prevent attacks. In addition, do not neglect the antivirus and use firewalls that filter traffic according to the specified rules. For example, even if an employee downloads a virus and infects a computer, when the program tries to transfer information to an unknown IP address, the firewall will automatically stop it.

3. Enter multi-factor authentication

Let users provide more information when logging in, not just a password. For example, they enter a code that comes in an SMS or email. Another option is to use hardware security keys. They look like regular flash drives and are connected to a computer via a USB port. The device reads the information and confirms the identity. This method is considered reliable because fraudsters cannot intercept data over the Internet. The only way to log in is to steal the physical key.

4. Carefully study the offers of cooperation

Sometimes criminals pretend to be representatives of large companies and offer to conclude a contract for the provision of services. Double-check potential partners. Suspicion should be aroused by a newly registered company, whose statutory documents indicate many unrelated activities. In addition, pay attention to the email address of the person who wrote to you. As a rule, large organizations use their own domain mail.

Even if the data is in order, do not rush to transfer money. Criminals can hack the email of an employee of a real company and issue an invoice on his behalf, specifying their banking details. Use the INN to search for other contacts of the company and clarify whether the correct information was sent to you.

5. Monitor the safety of employees on the remote

Give them access only to the systems and applications they need to work with. When using video communication programs, do not publish links to meetings in the public domain. Allow only authorized users to enter and block the room after the start of the call.

Ideally, you need to provide employees with working devices to access the company's internal network. The security of personal laptops is difficult to control, because, for example, they may not have an antivirus. If you cannot provide all the equipment, it is better to transfer key employees to the office.

Read also:
03 May 2023, 19:32    0    0
Today, Lifehacker will tell you about a useful web service called "My Business" - online...
Comments
reload, if the code cannot be seen