SCAMS BULLETIN Host Jay White is an inactive attorney in San Mateo County, California.
November 23, 2020
DEEP FAKE VIDEO FRAUD
Fraudsters are combining a pair of already wicked scams — deep fake videos and ransomware — into a single threat that will strike fear into the hearts and minds of victims.
Deep fake videos are fabricated with software that makes an individual seem to be saying and doing things they have never done. Examples have been seen in recent derogatory election campaign videos.
Mostly, it is used to lock up the data in a PC or an entire network until the user pays a ransom. But now a leading Internet anti-malware firm is warning it could be used to blackmail with the threat of posting a deep fake video online, showing a victim in some compromising situation.
The fear has increased because new Artificial Intelligence (AI) software makes it easy to generate deep fake videos without any expertise. It has been defined as a type of malicious software that automatically generates a fake video, which shows the victim performing an incriminatory or intimate action and threatens to distribute it unless a ransom is paid.
Victims may falsely be told if they pay up the video will be permanently deleted. But blackmailers nearly always hang on to their “evidence” so they can come back and ask for more money.
Malwarebytes notes:
Internet security firm Malwarebytes has latched onto the threat, warning, “If something like this can be automated, you can bet that more bad actors with little to no background in programming will use the technology. The potential for this campaign to destroy a target’s reputation is exceedingly high. It does not matter whether a video of someone is real or doctored to look real. “
Here is how it works:
First, the scammer tricks the victim into installing malware on their PC. Then they “scrape” (steal) video and voice samples of the victim.
Alternatively, they scrape their raw materials that are publicly available online — for example, posted on social media. The crook uses the new software to superimpose elements from the scrapes onto a created phony video so it looks like the victim who is committing whatever act is depicted.
The image does not always have to be a video. It can be a still photo showing the victim in an embarrassing situation.
If the scammer has access to the victim’s PC, the horror unfolds with a typical ransomware countdown screen giving the victim a specific time in which to pay the ransom–or have the video posted online.
It is also possible the blackmail demand could be sent by email, along with a link to the deep fake video, again with a specific ransom time demand. In this case, clicking the link not only accesses the video but also downloads the ransomware while the victim is watching.
In either case, the crook usually demands payment by untraceable cybercurrency, most probably Bitcoin. Or they may ask for the ransom payment to be wired–again untraceably.
The best way to avoid this scam is to do your best to ensure the crooks cannot get their hands on your images. That means using privacy settings on your social media accounts that allow only friends to see your photos.
Plus, do not click on email and text links in messages that suggest someone has blackmail material about you, even if the message seems to come from a person you know.
You can do an audit of your current photos and videos online and who has access to them, suggests blogger Jovi Umawing. Weed out public-facing photos as much as you can or set them to be viewed by certain groups in your pool of contacts. If they are not photos you posted yourself, simply un-tag yourself, or ask your contact to take them down.
ATTRIBUTION: scambusters.org
scamsbulletin.blog 