Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label AI Deepfakes. Show all posts
online privacy concerns
AI Deepfakes AI generated Deepfake AI Privacy AI Risks Artificial Intelligence (AI) Grok Cyber Security Deepfake concerns Grok Indonesia online privacy concerns

Indonesia Temporarily Blocks Grok After AI Deepfake Misuse Sparks Outrage

 

A sudden pause in accessibility marks Indonesia’s move against Grok, Elon Musk’s AI creation, following claims of misuse involving fabricated adult imagery. News of manipulated visuals surfaced, prompting authorities to act - Reuters notes this as a world-first restriction on the tool. Growing unease about technology aiding harm now echoes across borders. Reaction spreads, not through policy papers, but real-time consequences caught online.  

A growing number of reports have linked Grok to incidents where users created explicit imagery of women - sometimes involving minors - without consent. Not long after these concerns surfaced, Indonesia’s digital affairs minister, Meutya Hafid, labeled the behavior a severe breach of online safety norms. 

As cited by Reuters, she described unauthorized sexually suggestive deepfakes as fundamentally undermining personal dignity and civil rights in digital environments. Her office emphasized that such acts fall under grave cyber offenses, demanding urgent regulatory attention Temporary restrictions appeared in Indonesia after Antara News highlighted risks tied to AI-made explicit material. 

Protection of women, kids, and communities drove the move, aimed at reducing mental and societal damage. Officials pointed out that fake but realistic intimate imagery counts as digital abuse, according to statements by Hafid. Such fabricated visuals, though synthetic, still trigger actual consequences for victims. The state insists artificial does not mean harmless - impact matters more than origin. Following concerns over Grok's functionality, officials received official notices demanding explanations on its development process and observed harms. 

Because of potential risks, Indonesian regulators required the firm to detail concrete measures aimed at reducing abuse going forward. Whether the service remains accessible locally hinges on adoption of rigorous filtering systems, according to Hafid. Compliance with national regulations and adherence to responsible artificial intelligence practices now shape the outcome. 

Only after these steps are demonstrated will operation be permitted to continue. Last week saw Musk and xAI issue a warning: improper use of the chatbot for unlawful acts might lead to legal action. On X, he stated clearly - individuals generating illicit material through Grok assume the same liability as those posting such content outright. Still, after rising backlash over the platform's inability to stop deepfake circulation, his stance appeared to shift slightly. 

A re-shared post from one follower implied fault rests more with people creating fakes than with the system hosting them. The debate spread beyond borders, reaching American lawmakers. A group of three Senate members reached out to both Google and Apple, pushing for the removal of Grok and X applications from digital marketplaces due to breaches involving explicit material. Their correspondence framed the request around existing rules prohibiting sexually charged imagery produced without consent. 

What concerned them most was an automated flood of inappropriate depictions focused on females and minors - content they labeled damaging and possibly unlawful. When tied to misuse - like deepfakes made without consent - AI tools now face sharper government reactions, Indonesia's move part of this rising trend. Though once slow to act, officials increasingly treat such technology as a risk needing strong intervention. 

A shift is visible: responses that were hesitant now carry weight, driven by public concern over digital harm. Not every nation acts alike, yet the pattern grows clearer through cases like this one. Pressure builds not just from incidents themselves, but how widely they spread before being challenged.
Read more »
Grok
AI Chatbot AI Deepfakes AI Privacy AI Risks AI security risks Artificial Intelligence (AI) Grok Cyber Security Deepfake Images Grok

Grok AI Faces Global Backlash Over Nonconsensual Image Manipulation on X

 

A dispute over X's internal AI assistant, Grok, is gaining attention - questions now swirl around permission, safety measures online, yet also how synthetic media tools can be twisted. This tension surfaced when Julie Yukari, a musician aged thirty-one living in Rio de Janeiro, posted a picture of herself unwinding with her cat during New Year’s Eve celebrations. Shortly afterward, individuals on the network started instructing Grok to modify that photograph, swapping her outfit for skimpy beach attire through digital manipulation. 

What started as skepticism soon gave way to shock. Yukari had thought the system wouldn’t act on those inputs - yet it did. Images surfaced, altered, showing her with minimal clothing, spreading fast across the app. She called the episode painful, a moment that exposed quiet vulnerabilities. Consent vanished quietly, replaced by algorithms working inside familiar online spaces. 

A Reuters probe found that Yukari’s situation happens more than once. The organization uncovered multiple examples where Grok produced suggestive pictures of actual persons, some seeming underage. No reply came from X after inquiries about the report’s results. Earlier, xAI - the team developing Grok - downplayed similar claims quickly, calling traditional outlets sources of false information. 

Across the globe, unease is growing over sexually explicit images created by artificial intelligence. Officials in France have sent complaints about X to legal authorities, calling such content unlawful and deeply offensive to women. A similar move came from India’s technology ministry, which warned X it did not stop indecent material from being made or shared online. Meanwhile, agencies in the United States, like the FCC and FTC, chose silence instead of public statements. 

A sudden rise in demands for Grok to modify pictures into suggestive clothing showed up in Reuters' review. Within just ten minutes, over one00 instances appeared - mostly focused on younger females. Often, the system produced overt visual content without hesitation. At times, only part of the request was carried out. A large share vanished quickly from open access, limiting how much could be measured afterward. 

Some time ago, image-editing tools driven by artificial intelligence could already strip clothes off photos, though they mostly stayed on obscure websites or required payment. Now, because Grok is built right into a well-known social network, creating such fake visuals takes almost no work at all. Warnings had been issued earlier to X about launching these kinds of features without tight controls. 

People studying tech impacts and advocacy teams argue this situation followed clearly from those ignored alerts. From a legal standpoint, some specialists claim the event highlights deep flaws in how platforms handle harmful content and manage artificial intelligence. Rather than addressing risks early, observers note that X failed to block offensive inputs during model development while lacking strong safeguards on unauthorized image creation. 

In cases such as Yukari’s, consequences run far beyond digital space - emotions like embarrassment linger long after deletion. Although aware the depictions were fake, she still pulled away socially, weighed down by stigma. Though X hasn’t outlined specific fixes, pressure is rising for tighter rules on generative AI - especially around responsibility when companies release these tools widely. What stands out now is how little clarity exists on who answers for the outcomes.
Read more »
Innovation
AI Deepfakes Artificial Intelligence Cyber Security Cyber Threats Financial Data Innovation

Why Cybersecurity Threats in 2026 Will Be Harder to See, Faster to Spread, And Easier to Believe

 


The approach to cybersecurity in 2026 will be shaped not only by technological innovation but also by how deeply digital systems are embedded in everyday life. As cloud services, artificial intelligence tools, connected devices, and online communication platforms become routine, they also expand the surface area for cyber exploitation.

Cyber threats are no longer limited to technical breaches behind the scenes. They increasingly influence what people believe, how they behave online, and which systems they trust. While some risks are still emerging, others are already circulating quietly through commonly used apps, services, and platforms, often without users realizing it.

One major concern is the growing concentration of internet infrastructure. A substantial portion of websites and digital services now depend on a limited number of cloud providers, content delivery systems, and workplace tools. This level of uniformity makes the internet more efficient but also more fragile. When many platforms rely on the same backbone, a single disruption, vulnerability, or attack can trigger widespread consequences across millions of users at once. What was once a diverse digital ecosystem has gradually shifted toward standardization, making large-scale failures easier to exploit.

Another escalating risk is the spread of misleading narratives about online safety. Across social media platforms, discussion forums, and live-streaming environments, basic cybersecurity practices are increasingly mocked or dismissed. Advice related to privacy protection, secure passwords, or cautious digital behavior is often portrayed as unnecessary or exaggerated. This cultural shift creates ideal conditions for cybercrime. When users are encouraged to ignore protective habits, attackers face less resistance. In some cases, misleading content is actively promoted to weaken public awareness and normalize risky behavior.

Artificial intelligence is further accelerating cyber threats. AI-driven tools now allow attackers to automate tasks that once required advanced expertise, including scanning for vulnerabilities and crafting convincing phishing messages. At the same time, many users store sensitive conversations and information within browsers or AI-powered tools, often unaware that this data may be accessible to malware. As automated systems evolve, cyberattacks are becoming faster, more adaptive, and more difficult to detect or interrupt.

Trust itself has become a central target. Technologies such as voice cloning, deepfake media, and synthetic digital identities enable criminals to impersonate real individuals or create believable fake personas. These identities can bypass verification systems, open accounts, and commit fraud over long periods before being detected. As a result, confidence in digital interactions, platforms, and identity checks continues to decline.

Future computing capabilities are already influencing present-day cyber strategies. Even though advanced quantum-based attacks are not yet practical, some threat actors are collecting encrypted data now with the intention of decrypting it later. This approach puts long-term personal, financial, and institutional data at risk and underlines the need for stronger, future-ready security planning.

As digital and physical systems become increasingly interconnected, cybersecurity in 2026 will extend beyond software and hardware defenses. It will require stronger digital awareness, better judgment, and a broader understanding of how technology shapes risk in everyday life.

Read more »
Scam
AI Deepfakes Bengaluru Cyber Crime deep fake videos Financial Scam links Scam

Deepfake of Finance Minister Lures Bengaluru Homemaker into ₹43.4 Lakh Trading Scam




A deceptive social media video that appeared to feature Union Finance Minister Nirmala Sitharaman has cost a Bengaluru woman her life’s savings. The 57-year-old homemaker from East Bengaluru lost ₹43.4 lakh after being persuaded by an artificial intelligence-generated deepfake that falsely claimed the minister was recommending an online trading platform promising high profits.

Investigators say the video, which circulated on Instagram in August, directed viewers to an external link where users were encouraged to sign up for investment opportunities. Believing the message to be authentic, the woman followed the link and entered her personal information, which was later used to contact her directly.

The next day, a man identifying himself as Aarav Gupta reached out to her through WhatsApp, claiming to represent the company shown in the video. He invited her to a large WhatsApp group titled “Aastha Trade 238”, which appeared to host over a hundred participants discussing stock trades. Another contact, who introduced herself as Meena Joshi, soon joined the conversation, offering to help the victim learn how to use the firm’s trading tools.

Acting on their guidance, the homemaker downloaded an application called ACSTRADE and created an account. Meena walked her through the steps of linking her bank details, assuring her that the platform was reliable. The first transfer of ₹5,000 was made soon after, and to her surprise, the app began displaying what looked like real profits.

Encouraged by what appeared to be rapid returns, she made larger investments. The application showed her initial ₹1 lakh growing into ₹2 lakh, and a later ₹5 lakh transfer seemingly yielding ₹8 lakh. The visual proof of profit strengthened her trust, and she kept transferring higher amounts.

In September, problems surfaced. While exploring an “IPO feature” on the app, she tried to exit but was unable to do so due to recurring technical errors. When she sought help, Meena advised her to continue investing to prevent losses. The woman followed this advice, transferring a total of ₹23 lakh in hopes of recovering her funds.

Once her savings were exhausted, the scammers proposed a loan option within the same app, claiming it would help her maintain her trading record. When she attempted to withdraw money, the platform denied the request, displaying a message stating her loan account was still active. Believing the issue could be resolved with more funds, she pawned her gold jewellery at a bank and a finance company, wiring additional money to the fraudsters.

By late October, her total transfers had reached ₹43.4 lakh across 13 separate transactions between September 24 and October 27. The deception came to light only when her bank froze her account on November 1, alerting her that unusual activity had been detected.

The East Cybercrime Police Station has since registered a case under the Information Technology Act and Section 318 of the Bharatiya Nyaya Sanhita, which addresses cheating. Officers confirmed that the fraudulent video used sophisticated AI tools to mimic the minister’s voice and gestures convincingly, making it difficult for untrained viewers to identify as fake.

Police officials have urged the public to remain alert to deepfake-driven scams that exploit public trust in well-known personalities. They advise verifying any financial offer through official government portals or trusted news sources, and to avoid clicking unfamiliar links on social media.

Experts warn that such crimes surface a new wave of cyber fraud, where manipulated media is used to build false credibility. Citizens are advised never to disclose personal or banking information through unverified links, and to immediately report suspicious investment schemes to their banks or local cybercrime authorities.



Read more »
financial risks
AI Clonning AI cybersecurity AI Deepfakes AI technology Cloning Cyber Fraud Deepfake deepfake videos Financial Fraud financial risks

How Scammers Use Deepfakes in Financial Fraud and Ways to Stay Protected

 

Deepfake technology, developed through artificial intelligence, has advanced to the point where it can convincingly replicate human voices, facial expressions, and subtle movements. While once regarded as a novelty for entertainment or social media, it has now become a dangerous tool for cybercriminals. In the financial world, deepfakes are being used in increasingly sophisticated ways to deceive institutions and individuals, creating scenarios where it becomes nearly impossible to distinguish between genuine interactions and fraudulent attempts. This makes financial fraud more convincing and therefore more difficult to prevent. 

One of the most troubling ways scammers exploit this technology is through face-swapping. With many banks now relying on video calls for identity verification, criminals can deploy deepfake videos to impersonate real customers. By doing so, they can bypass security checks and gain unauthorized access to accounts or approve financial decisions on behalf of unsuspecting individuals. The realism of these synthetic videos makes them difficult to detect in real time, giving fraudsters a significant advantage. 

Another major risk involves voice cloning. As voice-activated banking systems and phone-based transaction verifications grow more common, fraudsters use audio deepfakes to mimic a customer’s voice. If a bank calls to confirm a transaction, criminals can respond with cloned audio that perfectly imitates the customer, bypassing voice authentication and seizing control of accounts. Scammers also use voice and video deepfakes to impersonate financial advisors or bank representatives, making victims believe they are speaking to trusted officials. These fraudulent interactions may involve fake offers, urgent warnings, or requests for sensitive data, all designed to extract confidential information. 

The growing realism of deepfakes means consumers must adopt new habits to protect themselves. Double-checking unusual requests is a critical step, as fraudsters often rely on urgency or trust to manipulate their targets. Verifying any unexpected communication by calling a bank’s official number or visiting in person remains the safest option. Monitoring accounts regularly is another defense, as early detection of unauthorized or suspicious activity can prevent larger financial losses. Setting alerts for every transaction, even small ones, can make fraudulent activity easier to spot. 

Using multi-factor authentication adds an essential layer of protection against these scams. By requiring more than just a password to access accounts, such as one-time codes, biometrics, or additional security questions, banks make it much harder for criminals to succeed, even if deepfakes are involved. Customers should also remain cautious of video and audio communications requesting sensitive details. Even if the interaction appears authentic, confirming through secure channels is far more reliable than trusting what seems real on screen or over the phone.  

Deepfake-enabled fraud is dangerous precisely because of how authentic it looks and sounds. Yet, by staying vigilant, educating yourself about emerging scams, and using available security tools, it is possible to reduce risks. Awareness and skepticism remain the strongest defenses, ensuring that financial safety is not compromised by increasingly deceptive digital threats.
Read more »
Website
AI Deepfakes Facebook Hackers malware SVG files Website

Hackers Are Spreading Malware Through SVG Images on Facebook


The growing trend of age checks on websites has pushed many people to look for alternative platforms that seem less restricted. But this shift has created an opportunity for cybercriminals, who are now hiding harmful software inside image files that appear harmless.


Why SVG Images Are Risky

Most people are familiar with standard images like JPG or PNG. These are fixed pictures with no hidden functions. SVG, or Scalable Vector Graphics, is different. It is built using a coding language called XML, which can also include HTML and JavaScript, the same tools used to design websites. This means that unlike a normal picture, an SVG file can carry instructions that a computer will execute. Hackers are taking advantage of this feature to hide malicious code inside SVG files.


How the Scam Works

Security researchers at Malwarebytes recently uncovered a campaign that uses Facebook to spread this threat. Fake adult-themed blog posts are shared on the platform, often using AI-generated celebrity images to lure clicks. Once users interact with these posts, they may be asked to download an SVG image.

At first glance, the file looks like a regular picture. But hidden inside is a script written in JavaScript. The code is heavily disguised so that it looks meaningless, but once opened, it runs secretly in the background. This script connects to other websites and downloads more harmful software.


What the Malware Does

The main malware linked to this scam is called Trojan.JS.Likejack. Once installed, it hijacks the victim’s Facebook account, if the person is already logged in, and automatically “likes” specific posts or pages. These fake likes increase the visibility of the scammers’ content within Facebook’s system, making it appear more popular than it really is. Researchers found that many of these fake pages are built using WordPress and are linked together to boost each other’s reach.


Why It Matters

For the victim, the attack may go unnoticed. There may be no clear signs of infection besides strange activity on their Facebook profile. But the larger impact is that these scams help cybercriminals spread adult material and drive traffic to shady websites without paying for advertising.


A Recurring Tactic

This is not the first time SVG files have been misused. In the past, they have been weaponized in phishing schemes and other online attacks. What makes this campaign stand out is the combination of hidden code, clever disguise, and the use of Facebook’s platform to amplify visibility.

Users should be cautious about clicking on unusual links, especially those promising sensational content. Treat image downloads, particularly SVG files with the same suspicion as software downloads. If something seems out of place, it is safer not to interact at all.

Read more »
personal data security
AI Deepfakes AI technology AI tools Child Identity Theft Cyber Security Deepfake Deepfake Images deepfake videos Identity Theft personal data security

AI Can Create Deepfake Videos of Children Using Just 20 Images, Expert Warns

 

Parents are being urged to rethink how much they share about their children online, as experts warn that criminals can now generate realistic deepfake videos using as few as 20 images. This alarming development highlights the growing risks of digital identity theft and fraud facing children due to oversharing on social media platforms.  

According to Professor Carsten Maple of the University of Warwick and the Alan Turing Institute, modern AI tools can construct highly realistic digital profiles, including 30-second deepfake videos, from a small number of publicly available photos. These images can be used not only by criminal networks to commit identity theft, open fraudulent accounts, or claim government benefits in a child’s name but also by large tech companies to train their algorithms, often without the user’s full awareness or consent. 

New research conducted by Perspectus Global and commissioned by Proton surveyed 2,000 UK parents of children under 16. The findings show that on average, parents upload 63 images to social media every month, with 59% of those being family-related. A significant proportion of parents—21%—share these photos multiple times a week, while 38% post several times a month. These frequent posts not only showcase images but also often contain sensitive data like location tags and key life events, making it easier for bad actors to build a detailed online profile of the child. Professor Maple warned that such oversharing can lead to long-term consequences. 

Aside from potential identity theft, children could face mental distress or reputational harm later in life from having a permanent digital footprint that they never consented to create. The problem is exacerbated by the fact that many parents are unaware of how their data is being used. For instance, 48% of survey respondents did not realize that cloud storage providers can access the data stored on their platforms. In fact, more than half of the surveyed parents (56%) store family images on cloud services such as Google Drive or Apple iCloud. On average, each parent had 185 photos of their children stored digitally—images that may be accessed or analyzed under vaguely worded terms and conditions.  

Recent changes to Instagram’s user agreement, which now allows the platform to use uploaded images to train its AI systems, have further heightened privacy concerns. Additionally, experts have warned about the use of personal images by other Big Tech firms to enhance facial recognition algorithms and advertising models. To protect their children, parents are advised to implement a range of safety measures. These include using secure and private cloud storage, adjusting privacy settings on social platforms, avoiding public Wi-Fi when sharing or uploading data, and staying vigilant against phishing scams. 

Furthermore, experts recommend setting boundaries with children regarding online activity, using parental controls, antivirus tools, and search filters, and modeling responsible digital behavior. The growing accessibility of AI-based image manipulation tools underscores the urgent need for greater awareness and proactive digital hygiene. What may seem like harmless sharing today could expose children to significant risks in the future.
Read more »
Technology
AI Deepfakes Bangladesh Digital threats legislation Technology

Bangladesh’s Deepfake Challenge: Why New Laws Aren’t Enough

 


Bangladesh has taken a big step to protect its people online by introducing the Cyber Security Ordinance 2025. This law updates the country’s approach to digital threats, replacing the older and often criticized 2023 act. One of its most important changes is that it now includes crimes that involve artificial intelligence (AI). This makes Bangladesh the first South Asian country to legally address this issue, and it comes at a time when digital threats are growing quickly.

One of the most dangerous AI-related threats today is deepfakes. These are fake videos or audio recordings that seem completely real. They can be used to make it look like someone said or did something they never did. In other countries, such as the United States and Canada, deepfakes have already been used to mislead voters and damage reputations. Now, Bangladesh is facing a similar problem.

Recently, fake digital content targeting political leaders and well-known figures has been spreading online. These false clips spread faster than fact-checkers can respond. A few days ago, a government adviser warned that online attacks and misinformation are becoming more frequent as the country gets closer to another important election.

What makes this more worrying is how easy deepfake tools have become to access. In the past, only people with strong technical skills could create deepfakes. Today, almost anyone with internet access can do it. For example, a recent global investigation found that a Canadian hospital worker ran a large website full of deepfake videos. He had no special training, yet caused serious harm to innocent people.

Experts say deepfakes are successful not because people are foolish, but because they trick our emotions. When something online makes us feel angry or shocked, we’re more likely to believe it without questioning.

To fight this, Bangladesh needs more than new laws. People must also learn how to protect themselves. Schools should begin teaching students how to understand and question online content. Public campaigns should be launched across TV, newspapers, radio, and social media to teach people what deepfakes are and how to spot them.

Young volunteers can play a big role by spreading awareness in villages and small towns where digital knowledge is still limited. At the same time, universities and tech companies in Bangladesh should work together to create tools that can detect fake videos and audio clips. Journalists and social media influencers also need training so they don’t unknowingly spread false information.

AI can be used to create lies, but it can also help us find the truth. Still, the best defence is knowledge. When people know how to think critically and spot fake content, they become the strongest line of defence against digital threats.

Read more »
Shadow AI
AI Deepfakes AI threats Cyber Security cybercriminals Cybersecurity measures IABs Open Source Ransomwares Shadow AI

Emerging Cybersecurity Threats in 2025: Shadow AI, Deepfakes, and Open-Source Risks

 

Cybersecurity continues to be a growing concern as organizations worldwide face an increasing number of sophisticated attacks. In early 2024, businesses encountered an alarming 1,308 cyberattacks per week—a sharp 28% rise from the previous year. This surge highlights the rapid evolution of cyber threats and the pressing need for stronger security strategies. As technology advances, cybercriminals are leveraging artificial intelligence, exploiting open-source vulnerabilities, and using advanced deception techniques to bypass security measures. 

One of the biggest cybersecurity risks in 2025 is ransomware, which remains a persistent and highly disruptive threat. Attackers use this method to encrypt critical data, demanding payment for its release. Many cybercriminals now employ double extortion tactics, where they not only lock an organization’s files but also threaten to leak sensitive information if their demands are not met. These attacks can cripple businesses, leading to financial losses and reputational damage. The growing sophistication of ransomware groups makes it imperative for companies to enhance their defensive measures, implement regular backups, and invest in proactive threat detection systems. 

Another significant concern is the rise of Initial Access Brokers (IABs), cybercriminals who specialize in selling stolen credentials to hackers. By gaining unauthorized access to corporate systems, these brokers enable large-scale cyberattacks, making it easier for threat actors to infiltrate networks. This trend has made stolen login credentials a valuable commodity on the dark web, increasing the risk of data breaches and financial fraud. Organizations must prioritize multi-factor authentication and continuous monitoring to mitigate these risks. 

A new and rapidly growing cybersecurity challenge is the use of unauthorized artificial intelligence tools, often referred to as Shadow AI. Employees frequently adopt AI-driven applications without proper security oversight, leading to potential data leaks and vulnerabilities. In some cases, AI-powered bots have unintentionally exposed sensitive financial information due to default settings that lack robust security measures. 

As AI becomes more integrated into workplaces, businesses must establish clear policies to regulate its use and ensure proper safeguards are in place. Deepfake technology has also emerged as a major cybersecurity threat. Cybercriminals are using AI-generated deepfake videos and audio recordings to impersonate high-ranking officials and deceive employees into transferring funds or sharing confidential data. 

A recent incident involved a Hong Kong-based company losing $25 million after an employee fell victim to a deepfake video call that convincingly mimicked their CFO. This alarming development underscores the need for advanced fraud detection systems and enhanced verification protocols to prevent such scams. Open-source software vulnerabilities are another critical concern. Many businesses and government institutions rely on open-source platforms, but these systems are increasingly being targeted by attackers. Cybercriminals have infiltrated open-source projects, gaining the trust of developers before injecting malicious code. 

A notable case involved a widely used Linux tool where a contributor inserted a backdoor after gradually establishing credibility within the project. If not for a vigilant security expert, the backdoor could have remained undetected, potentially compromising millions of systems. This incident highlights the importance of stricter security audits and increased funding for open-source security initiatives. 

To address these emerging threats, organizations and governments must take proactive measures. Strengthening regulatory frameworks, investing in AI-driven threat detection, and enhancing collaboration between cybersecurity experts and policymakers will be crucial in mitigating risks. The cybersecurity landscape is evolving at an unprecedented pace, and without a proactive approach, businesses and individuals alike will remain vulnerable to increasingly sophisticated attacks.
Read more »
phishing
AI Deepfakes CERT Cyber Security Fraud phishing

How to Protect Your Small Business from Cyber Attacks

 


It so coincided that October was international cybersecurity awareness month, during which most small businesses throughout Australia were getting ready once again to defend themselves against such malicious campaigns. While all cyber crimes are growing both here and all around the world, one area remains to be targeted more often in these cases: the smaller ones. Below is some basic information any small businessman or woman should know before it can indeed fortify your position.

Protect yourself from Phishing and Scamming.

One of the most dangerous threats that small businesses are exposed to today is phishing. Here, attackers pose as trusted sources to dupe people into clicking on malicious links or sharing sensitive information. According to Mark Knowles, General Manager of Security Assurance at Xero, cyber criminals have different forms of phishing, including "vishing," which refers to voice calls, and "smishing," which refers to text messages. The tactics of deception encourage users to respond to these malicious messages, which brings about massive financial losses.

Counter-phishing may be achieved by taking some time to think before answering any unfamiliar message or link. Delaying and judging if the message appears suspicious would have averted the main negative outcome. Knowles further warns that just extra seconds to verify could have spared a business from an expensive error.

Prepare for Emerging AI-driven Threats Like Deepfakes

The emergence of AI has provided new complications to cybersecurity. Deepfakes, the fake audio and video produced using AI, make it increasingly difficult for people to distinguish between what is real and what is manipulated. It can cause critical problems as attackers can masquerade as trusted persons or even executives to get employees to transfer money.

Knowles shares a case, where the technology was implemented in Hong Kong to cheat a finance employee of $25 million. This case highlights the need to verify identities in this high-pressure situation; even dialling a phone can save one from becoming a victim of this highly sophisticated fraud.

Develop a Culture of Cybersecurity

Even a small team is a security-aware culture and an excellent line of defence. Small business owners will often hold regular sessions with teams to analyse examples of attempted phishing and discuss awareness about recognising threats. Such collective confidence and knowledge make everyone more alert and watchful.

Knowles further recommends that you network with other small business owners within your region and share your understanding of cyber threats. Having regular discussions on common attack patterns will help businesses learn from each other's experiences and build collective resilience against cybercrime.

Develop an Incident Response Plan for Cyber

Small businesses typically don't have dedicated IT departments. However, that does not mean they can't prepare for cyber incidents. A simple incident-response plan is crucial. This should include the contact details of support: trusted IT advisors or local authorities such as CERT Australia. If an attack locks down your systems, immediate access to these contacts can speed up recovery.

Besides, a "safe word" that will be used for communication purposes can help employees confirm each other's identities in such crucial moments where even digital impersonation may come into play.

Don't Let Shyness Get in Your Way

The embarrassment of such an ordeal by cyber crooks results in the likelihood that organisations are not revealing an attack as it can lead the cyber criminals again and again. Knowles encourages any organisation affected to report suspicions of the scam immediately to bankers, government, or experienced advisors in time to avoid possible future ramifications to the firm. Communicating the threat is very beneficial for mitigating damages, but if nothing was said, chances are slim to stop that firm further from getting another blow at that point of time in question.

Making use of the local networks is beneficial. Open communication adds differences in acting speedily and staying well-informed to build more resilient proactive approaches toward cybersecurity.


Read more »
Technology
AI Deepfakes Artificial Intelligence CyberCrime Cyberscams Cybersecurity Cyberthreats Finalcial Loss Technology

AI-Driven Deepfake Scams Cost Americans Billions in Losses

 


As artificial intelligence (AI) technology advances, cybercriminals are now capable of creating sophisticated "deepfake" scams, which result in significant financial losses for the companies that are targeted. On a video call with her chief financial officer, in which other members of the firm also took part, an employee of a Hong Kong-based firm was instructed to send US$25 million to fraudsters in January 2024, after offering instruction to her chief financial officer in the same video call. 

Fraudsters, however, used deepfakes to fool her into sending the money by creating one that replicated these likenesses of the people she was supposed to be on a call with: they created an imitation that mimicked her likeness on the phone. The number of scammers continues to rise, and artificial intelligence, as well as other sophisticated tools, are raising the risk that victims potentially being scammed. It is estimated that over $12.5 billion in American citizens were swindled online in the past year, which is up from $10.3 billion in 2022, according to the FBI's Internet Crime Complaint Center. 

A much higher figure may be possible, but the actual price could be much higher. During the investigation of a particular case, the FBI found out that only 20% of the victims had reported these crimes to the authorities. It appears that scammers are continuing to erect hurdles with new ruses, techniques, and policies, and artificial intelligence is playing an increasingly prominent role. 

Based on a recent FBI analysis, 39% of victims last year were swindled using manipulated or doctored videos that were used to manipulate what a victim did or said, thereby misrepresenting what they said or did. Currently, video scams have been used to perpetrate investment frauds, as well as romance swindles, as well as other types of scams. The number of scammers continues to rise, and artificial intelligence, as well as other sophisticated tools, are raising the risk that victims potentially being scammed.

It is estimated that Americans were scammed out of $12.5 billion online last year, which is an increase from $10.3 billion in 2022, according to the FBI's Internet Crime Complaint Center, but the totals could be much higher due to increased awareness. An FBI official recently broke an interesting case in which only 20% of the victims had reported these crimes to the authorities. Today, scammers perpetrate many different scams, and AI is becoming more prominent in that threat. 

According to the FBI's assessment last year, 39% of victims were swindled based on fake or doctored videos altered with artificial intelligence technology to manipulate or misrepresent what someone did or said during the initial interaction. In investment scams and other ways, the videos are being used to deceive people into believing they are in love, for example. It appears that in several recent instances, fraudsters have modified publicly available videos and other footage using deepfake technology in an attempt to cheat people out of their money, a case that has been widely documented in the news.

In his response, Romero indicated that artificial intelligence could allow scammers to process much larger quantities of data and, as a result, try more combinations of passwords in their attempts to hack into victims' accounts. For this reason, it is extremely important that users implement strong passwords, change them frequently, and use two-factor authentication when they are using a computer. The Internet Crime Complaint Center of the FBI received more than 880,000 complaint forms last year from Americans who were victims of online fraud. 

In fact, according to Social Catfish, 96% of all money lost in scams is never recouped, mainly because most scammers live overseas and cannot return the money. The increasing prevalence of cryptocurrency in criminal activities has made it a favoured medium for illicit transactions, particularly investment-related crimes. Fraudsters often exploit the anonymity and decentralized nature of digital currencies to orchestrate schemes that demand payment in cryptocurrency. A notable tactic includes enticing victims into fraudulent recovery programs, where perpetrators claim to assist in recouping funds lost in prior cryptocurrency scams, only to exploit the victims further. 

The surge in such deceptive practices complicates efforts to differentiate between legitimate and fraudulent communications. Falling victim to sophisticated scams, such as those involving deepfake technology, can result in severe consequences. The repercussions may extend beyond significant financial losses to include legal penalties for divulging sensitive information and potential harm to a company’s reputation and brand integrity. 

In light of these escalating threats, organizations are being advised to proactively assess their vulnerabilities and implement comprehensive risk management strategies. This entails adopting a multi-faceted approach to enhance security measures, which includes educating employees on the importance of maintaining a sceptical attitude toward unsolicited requests for financial or sensitive information. Verifying the legitimacy of such requests can be achieved by employing code words to authenticate transactions. 

Furthermore, companies should consider implementing advanced security protocols, and tools such as multi-factor authentication, and encryption technologies. Establishing and enforcing stringent policies and procedures governing financial transactions are also essential steps in mitigating exposure to fraud. Such measures can help fortify defenses against the evolving landscape of cybercrime, ensuring that organizations remain resilient in the face of emerging threats.
Read more »
Subscribe to: Comments (Atom)