Latin America. It is not news that Artificial Intelligence came to revolutionize the world, and cybercriminals have been able to take advantage of all this potential to weaponize targeted, more realistic and sophisticated social engineering attacks. Eset analyzed this scenario.
Techniques that involve voice cloning to impersonate family, friends or acquaintances are on the rise with the aim of obtaining private information or directly money from their victims. ESET, a leading company in proactive threat detection, analyzes the methodology used by attackers in this type of deception, how they can affect people and how to avoid being a victim.
Cybercriminals take small fragments of a real recording and through the use of Artificial Intelligence and voice patterns, create conversations and phrases to carry out their deceptions, with consequences as serious as they are costly. These samples are obtained from voice recordings or videos that are published on social networks such as Instagram or TikTok.
To measure its impact, the Federal Trade Commission of the United States reported that in 2023 alone that country lost 2,700 million dollars only due to scams. Along these lines, Starling Bank (a British bank that operates online) warned about the prevalence of this type of scam in the United Kingdom. The survey of more than 3,000 people revealed that more than a quarter of adults claim to have been the victim of an artificial intelligence voice cloning scam at least once a year. In addition, 46% of respondents mentioned that they did not know that such scams existed.
The growth in the number of scams involving Artificial Intelligence led the FBI to issue a statement to alert people: "Attackers are leveraging AI to create very convincing voice or video messages and emails to enable fraud schemes against individuals and businesses alike. These sophisticated tactics can result in devastating financial losses, reputational damage, and compromise of sensitive data," the agency said.
ESET warns that in the face of this type of scam that involves social engineering, the first advice is to stay alert. This means paying special attention to those unexpected messages that arrive with the urgency of requesting money or credentials of certain accounts. And along the same lines, call back the family member or friend in question to a known phone number.
Another of the measures suggested by the ESET research team is to have a "safe phrase", which is previously agreed between family and friends, in order to check if the person who is talking on the other end is who they really say they are.
It is also very important to implement multi-factor authentication whenever possible. It is about adding an extra layer of security, with the aim of preventing cybercriminals from accessing our accounts and systems.
"In the case of companies, beyond combining solutions to reduce the number of emails, calls and phishing messages that reach their employees, it is essential that they can educate and raise awareness among their teams of employees so that they can detect deception and not fall into the trap," says Camilo Gutiérrez Amaya, Head of the Research Laboratory at ESET Latin America.