The Federal Bureau of Investigation has issued a stark warning about the growing threat of “deepfakes” being used in cyber extortion.
In a recent report, the FBI said that malicious actors are using deepfakes to manipulate photographs or videos, often obtained from social media accounts or the open internet, and create sexually-themed images that appear authentic.
They then circulate these photos on social media or pornographic websites for the purpose of sextortion schemes or to harass the victim.
The FBI mentioned that the improvements in the quality, customizability, and accessibility of artificial intelligence-enabled image generators have further contributed to the growth of deepfakes.
The commission said it has received reports from victims, including minors, whose photos or videos were altered to create explicit content that was then publicly circulated.
Many victims were unaware their images had been copied, manipulated, and circulated until it either came to their attention or they stumbled across them online.
Once the manipulated content is circulated, victims face significant challenges in preventing its continual sharing or removal from the internet.
“Malicious actors have used manipulated photos or videos with the purpose of extorting victims for ransom or to gain compliance for other demands (e.g., sending nude photos),” the FBI said.
The federal agency recommended that people exercise caution when posting or direct messaging personal photos, videos, and identifying information on social media, dating apps, and other online sites.
Moreover, people should use discretion when posting images, videos, and personal content online, particularly those that include children or their information, as they can be captured, manipulated, and distributed by malicious actors without your knowledge or consent.
Applying privacy settings on social media accounts, running frequent online searches for personal information, using reverse image search engines, exercising caution when accepting friend requests or communicating with unknown or unfamiliar individuals, and securing online accounts with complex passwords and multi-factor authentication are also among the FBI’s recommendations.
Deepfakes Used to Target Crypto Users
As of late, there have also been instances where deepfakes were used to target unsuspicting crypto users.
For instance, in May, a deepfake of Tesla and Twitter CEO Elon Musk was created to promote a crypto scam. The video contained footage of Musk from past interviews, manipulated to fit the fraudulent scheme.
Scam promoters have long resorted to deepfakes to drum up demand among potential crypto investors.
Scammers impersonate anyone from influencers to high-profile crypto figures, but also ordinary people to gain victims’ trust.
Last year, Miranda, an e-commerce worker who did not wish to disclose her real name because her company had not given her permission to speak publicly, was targeted by such an attack when imposters released a deepfake video of the Melbourne woman promoting a crypto scam and published it on her Instagram account.
The FBI has warned that AI deepfakes are becoming a tool of choice for cyber extortionists. Deepfakes are videos or audio recordings that have been manipulated to make it look or sound like someone is saying or doing something they never said or did.
Cyber extortionists are using deepfakes to threaten their victims with releasing embarrassing or damaging content. They may also use deepfakes to impersonate their victims in order to gain access to their accounts or networks.
Cryptocurrency is often used in cyber extortion cases because it is difficult to trace. Extortionists can demand payment in cryptocurrency and then use it to anonymously launder the funds.
Here are some examples of how crypto is being used in the process of cyber extortion with AI deepfakes:
- An extortionist creates a deepfake video of a CEO making racist remarks. They then send the video to the CEO’s company and demand a ransom payment in cryptocurrency.
- An extortionist creates a deepfake audio recording of a politician making false statements. They then release the recording to the public and demand a ransom payment in cryptocurrency.
- An extortionist steals the login credentials for a company’s email account. They then use the account to send phishing emails to the company’s employees. The emails contain a deepfake video of a CEO asking employees to wire money to a cryptocurrency address.
The FBI is warning businesses and individuals to be aware of the threat of cyber extortion with AI deepfakes. They recommend taking the following steps to protect themselves:
- Be aware of the signs of a cyber extortion attempt. These signs may include:
- Receiving an email or voicemail from someone you don’t know
- Being threatened with the release of embarrassing or damaging content
- Being asked to pay a ransom in cryptocurrency
- Do not open emails or attachments from unknown senders.
- Do not click on links in emails or voicemails from unknown senders.
- Keep your software up to date.
- Use strong passwords and change them regularly.
- Be careful about what information you share online.
If you believe you are the victim of a cyber extortion attempt, you should contact the FBI immediately.