- Jul 27, 2015
- 5,457
Panic over the risk of deepfake scams is completely overblown, according to a senior security adviser for UK-based infosec company Sophos.
"The thing with deepfakes is that we aren't seeing a lot of it," Sophos researcher John Shier told El Reg last week. Shier said current deepfakes – AI generated videos that mimic humans – aren't the most efficient tool for scammers to utilize because simpler and cheaper attacks like phishing and other forms of social engineering work very well. "People will give up info if you just ask nicely," said Shier.
One area in which the researcher does see deepfakes becoming prevalent is romance scams. It takes a hefty amount of devotion, time and energy to craft believable fake personas, and the additional effort to add a deepfake is not huge. Shier worries that deepfaked romance scams could become problematic if AI can enable the scammer to work at scale. Shier was not comfortable setting a date on industrialized deepfake lovebots, but said the necessary tech improves by orders of magnitude each year. "AI experts make it sound like it is still a few years away from massive impact," the researcher lamented. "In between, we will see well-resourced crime groups executing the next level of compromise to trick people into writing funds into accounts."
Phishing works so well crims won't use deepfakes: Sophos
People reveal passwords if you ask nicely, so AI panic is overblown
www.theregister.com