From Celebrities to CEOs: Deepfakes Used in Elaborate Scams
Experts at Palo Alto Networks have uncovered a network of fraudulent campaigns utilizing deepfakes of prominent figures to deceive users and steal funds.
These campaigns are disseminated in various languages, including English, Spanish, French, Italian, Turkish, Czech, and Russian. Each campaign targets specific countries, such as Canada, Mexico, France, Italy, Turkey, the Czech Republic, Singapore, Kazakhstan, and Uzbekistan.
Most of these campaigns are likely orchestrated by the same group of cybercriminals. Deepfake videos are used to promote fraudulent investment schemes and fake government giveaways. By June 2024, hundreds of domains were identified as being used to promote these campaigns, with each domain averaging 114,000 visits globally.
Initially, researchers focused on a campaign promoting an investment scheme called Quantum AI. As they analyzed the infrastructure associated with this campaign, they uncovered other fraudulent networks employing similar tactics but aimed at different audiences depending on the language and public figures involved.
The investigation into Quantum AI revealed that the attackers use new domains to host videos and lure victims into their schemes. In most cases, they began with legitimate videos, overlaying them with AI-generated audio tracks and using lip-sync technology to create more convincing videos. The most frequently used deepfakes feature Elon Musk, but there have also been instances involving other well-known personalities, such as Tucker Carlson or former Singaporean Prime Minister Lee Hsien Loong.
In May 2024, researchers observed a significant increase in the number of domains associated with Quantum AI, indicating the campaign’s expansion. Additionally, the fraudsters began migrating their videos to other domains to evade blocking.
Deepfake technology is becoming increasingly widespread in fraud and phishing attacks, posing a serious threat to users. Although identifying the source of such attacks is challenging, combining traditional investigative methods with the latest technologies remains a crucial part of defending against cyber threats.