The world of corporate security is now grappling with a new kind of threat: deepfake attacks. Recently, the CEO of WPP, Mark Read, revealed in an email to company officials that they had narrowly avoided falling victim to such a scheme. Fraudsters, using sophisticated techniques including AI-generated voice cloning, attempted to extort money and personal information from WPP by impersonating top executives in a virtual meeting.

The attackers created a WhatsApp account with a stolen image of Read, then set up a Microsoft Teams meeting, making it appear as though it was with him and another senior executive. During the meeting, they utilized a voice clone of the executive and YouTube footage to further their deception, even engaging in chat as if they were Read himself. Fortunately, their efforts were thwarted, but the incident serves as a stark reminder of the evolving tactics of cybercriminals.

This isn’t an isolated incident. Deepfake technology has increasingly been employed in corporate fraud, with banks and financial institutions being targeted in similar ways. The case involving Ozy, where an executive used voice-faking software to impersonate a YouTube official, underscores the potential financial impact of such schemes.

WPP, a major player in the advertising industry, is not alone in facing these threats. Many companies are now investing in generative AI, seeing it as a transformative tool for content creation and marketing. However, as the technology advances, so too do the risks. The ease with which deepfake audio can be created means that even seemingly innocuous communications can be manipulated to deceive.

In response to these challenges, Read outlined several warning signs for employees to watch out for, including unusual requests for money or sensitive information, and any mention of secret transactions. He emphasized the importance of skepticism, reminding staff that just because an account bears his photo doesn’t mean it’s actually him.

The incident serves as a wake-up call for companies everywhere to bolster their cybersecurity measures and remain vigilant against the growing threat of deepfake attacks. As AI technology continues to evolve, so too must our defenses against its misuse.