We’re truly living in unprecedented times and battling a fast-moving virus for the past several months is only the beginning. COVID-19 itself is one obstacle, but we also have to deal with cybercriminals who are taking advantage of the trying times we’re living in.
The number of scams exploiting the coronavirus is staggering. In fact, we’ve seen a huge increase in COVID-19 related scams in just the last few weeks. Tap or click here to find out why there’s been such a spike in these crimes.
As if things haven’t been bad enough, it’s about to get a whole lot worse. That’s because deepfake technology has been advancing to the point where it’s become difficult to tell what’s real from what’s fake. Even worse, thieves don’t even need to be super tech-savvy because they can get deepfake help for cheap on the Dark Web.
Boss…is that you?
Cybercriminals will look for any way possible to get your information, whether it’s targeting individuals with phishing messages or hacking into massive databases. Speaking of, in just the month of May alone, there were more than 460 million records exposed in data breaches – and those are just the ones that have been publicly acknowledged. Tap or click here for details on a recent major breach at a popular bank.
For the past few years, ransomware has been an increasingly popular tool among scammers. Now many crooks are turning their attention to ransomware using deepfake technology.
As a refresher deepfake technology is an emerging technique that uses facial mapping, artificial intelligence (AI) and deep machine learning to create ultra-realistic fake videos of people saying and doing things that they haven’t actually done. When this technology first emerged, it was mainly used to create deepfakes of celebrities or politicians to have them say things they never actually said.
Here’s the scary part: The technology is improving at such a rapid pace that it’s getting increasingly difficult to tell what’s fake. Because of that, criminals are starting to use it for the everyday Joe to scam people out of money.
For example, a crook could create a fake video of your boss asking you to transfer money from your corporate account into one owned by the scammer. All they need is a picture of a company’s CEO, HR person, or team leader to make these deepfakes. And, with nearly everyone on social media these days, it’s easier than ever to find them.
Making matters worse is the fact that you don’t even need to know how to create deepfake technology to use it because criminals are selling it on the Dark Web at super cheap prices. Trend Micro found numerous examples of deepfake images, videos and even services for sale on the Dark Web.
As you can see in the image above, scammers are selling deepfake videos starting at $50, still images for about $2.50 each and you can buy the software used to create deepfakes starting at about $25. Very inexpensive for those with a certain moral-less code willing to use it.
How to protect against deepfake ransomware
Another scenario to worry about is a twist on the common sextortion scam that we’ve seen all too often recently. Sextortion scams are when a victim receives an email from a scammer who claims to have either screenshots of them watching pornography or a detailed history of their online habits.
The scammer threatens to send incriminating evidence to the victims’ family and friends if they don’t pay a ransom. Tap or click here to see a recent example.
Now, the fear is criminals will find a picture of you online, most likely from your Facebook page and use it to create a deepfake video. They could create a video showing you watching porn, even though it’s not actually you it will appear to be real.
Here’s where it gets really interesting. The creep who made the deepfake will email screenshots from the video to victims and include a link so they can watch it. But, here’s the problem: The link is malicious and if you click it, your device will be infected with ransomware. Then just like that, you’ve lost access to all the important files on your device.
It’s not exactly surprising, since cybercriminals have no limits to the depths they will sink to in order to rip people off. And, with this technology available at affordable prices on the Dark Web, it’s sure to become much more common. The good news is you can protect yourself with a few simple precautions.
The first thing to know is you should always be cautious with links found inside emails or text messages. There’s a good chance the link or attached doc could be malicious and infect your device with ransomware. If you need to visit a website always type the address directly into your browser instead of trusting a link.
As far as one of these suped-up sextortion scams go, don’t worry about watching an alleged video of you that you already know is fake. And, never pay the ransom for ransomware. The FBI has been saying for years not to pay because it wouldn’t guarantee the return of your files. We are dealing with untrustworthy criminals after all.
Another thing you should do is when available, always be using multi-level authentication (2FA). This is when you need at least two forms of verification, such as a password and a security code that is sent to you before logging into any sensitive accounts. Tap or click for more details on 2FA.
Finally, and this is extremely important, always have your critical files backed up. Hopefully, you never fall victim to a ransomware attack, but if you do, you need to be prepared. Take the FBI’s recommendation and don’t pay the ransom. Just back up your files before the attack and you can recover everything on your own.
We recommend using IDrive. IDrive lets you back up all of your devices, whether you have a Mac, PC, Android, iPad or iPhone, and you can conveniently manage your backups through a single online account.
IDrive is also affordable. Save 50% on 5 TB of cloud backup now!