E R T N
P
X
E INIO
OP
with a target, which will further hinder
the detection of any nefarious activity.
Although the following examples of
email audio attachments are likely not
associated with deepfake methodology,
potential vectors to elicit fraudulent
activity or acquire user credentials
cannot be dismissed.
Figure 3: A malicious voicemail attachment
www.intelligentciso.com
|
Issue 21
The examples provided here
represent more typical and
frequent types of voicemail
attacks in existence.
Current threat
landscape
With technology that allows
criminal entities to collect
voice samples from a myriad
of open source platforms and
model fake audio
content, it is highly likely
that there will be an increase
in enhanced BEC attacks
that are supplemented by
deepfake audio. In addition,
as companies seek to
interact more and more with
their customer base through
the use of social media, the
barrier to acquiring source
material for deepfakes will
Figure 4: Another example of a malicious
voicemail attachment
be lower. As such, leaders must remain
aware of the non-conventional threats
they are exposing themselves to and
maintain a robust awareness training
programme that evolves alongside
voice phishing and a proactive threat
intelligence model that takes steps to
mitigate threats. u
43