Is it your friend? Or is it a Deepfake? 👻 | Playing — File or Domain🛅
CyberInsights #95 - Cyberattacks using Deep Fakes | New extensions .zip and .mov are creating confusion and vulnerabilities.
Can you believe a call from your friend?
Deepfake videos are now being used for cyber frauds. Taking awareness up a notch might not work, but it is the only solution yet.
Imagine receiving a call from your best friend. She asks for money. You send it — only to realise that you were conned by a deepfake. This Chinese man suffered it.
To learn more about what deepfakes are and how they are created, refer to this introduction. Deepfakes are not very hard to create. If you have basic Python skills and can import some libraries, you can create a deepfake. A deepfake with good quality, however, is not so easy. It depends on how well you can train the deepfake.
Yes, deepfakes are AI too! They are known as Generative Adversarial Models (GAMs). They learn from a training data set. The more training data you can feed the model, the more accurate the deepfake. (I had promised no more AI talk, but what do you do…) I will be writing more about deepfakes and what we can do as cybersecurity professionals.
Take Action:
Increase awareness about deepfakes in your organisation. Talk about Situational Awareness (A topic that gets a chapter in my book published last year - Monkey, Shakespeare, Typewriter).
If you are a cyber insurance underwriter, this is why you charge a higher premium for content creators with a large collection of videos on YouTube.
Zip it, Mov it, Hack it.
New .zip and .mov domains cause cyber-confusion.
A famous cyber trainer once said - To click or not to click, that is the question…
(That was just me, but then if I had not said ‘famous cyber trainer’ you would not have paid attention)
That question gets much harder with the release of new top-level domains by Google. Top-level domains are the .com, .org and .edu that we are so used to.
Of the new top level domains, two are the cause of much confusion — .zip and .mov.
The problem is not in the domain name. It is that these domains are also associated with popular file extensions. We have all downloaded files with .zip and .mov extensions. Read this article to understand the risks of the new domains.
We are more likely to fall for a phishing scam if links have these top level domains.
For example, what would you make of this URL:
https://github.com/kubernetes/kubernetes/archive/refs/tags/@v1.27.1.zip
It appears to take you to a GitHub page and get you to download a zip file. Not true. Everything between the ‘https://’ and the ‘@’ sign is considered as user info and ignored. This is actually a link to a site 1.27.1.zip. Scary, right? Read this article to understand how this works.
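Added example (not part of the original newsletter): a link check that extracts the host a browser would actually contact and lists the reasons a link deserves a second look. The function names and sample URLs are constructed, and the look-alike slash characters U+2044 and U+2215 are an assumption; with ordinary ASCII slashes the URL above still resolves to github.com, so the disguise only works when the slashes before the ‘@’ are look-alike characters.

```python
# Added example; URLs below are constructed samples, names are hypothetical.
LOOKALIKE_SLASHES = {"\u2044": "FRACTION SLASH", "\u2215": "DIVISION SLASH"}
FILE_LIKE_TLDS = (".zip", ".mov")


def real_host(url):
    """Return (userinfo, host) using RFC 3986 authority rules."""
    rest = url.split("://", 1)[1]
    # The authority ends at the first ASCII '/', '?' or '#'.
    cut = [rest.find(c) for c in "/?#" if c in rest]
    authority = rest[:min(cut)] if cut else rest
    # Everything before the last '@' in the authority is userinfo.
    userinfo, at, hostport = authority.rpartition("@")
    host, colon, port = hostport.rpartition(":")
    if not (colon and port.isdigit()):
        host = hostport  # no port present
    return (userinfo if at else None), host.lower()


def flag_url(url):
    """Return the reasons a link deserves a second look (empty if none)."""
    userinfo, host = real_host(url)
    reasons = []
    if userinfo is not None:
        reasons.append("userinfo before '@' hides the real host")
        for ch, name in LOOKALIKE_SLASHES.items():
            if ch in userinfo:
                reasons.append("look-alike slash in userinfo: " + name)
    if host.endswith(FILE_LIKE_TLDS):
        reasons.append("file-extension TLD: " + host)
    return reasons


PATH = "github.com/kubernetes/kubernetes/archive/refs/tags/"
ASCII_URL = "https://" + PATH + "@v1.27.1.zip"
LOOKALIKE_URL = "https://" + PATH.replace("/", "\u2215") + "@v1.27.1.zip"

if __name__ == "__main__":
    for url in (ASCII_URL, LOOKALIKE_URL):
        print(real_host(url)[1], flag_url(url))
```

A mail gateway or chat-link scanner can apply the same two checks: reject or defang links that carry userinfo, and show users the extracted host rather than the raw link text.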
Take Action:
Release an advisory for your organisation about the new domains and the new way in which users can be defrauded.