Deepfake scammer walks off with $25 million in first-of-its-kind AI heist::Hong Kong firm tricked by simulation of multiple real people in video chat, including voices.

  • theskyisfalling@lemmy.dbzer0.com
    link
    fedilink
    English
    arrow-up
    41
    arrow-down
    3
    ·
    10 months ago

    What kind of company let’s a single employee transfer that amount of money without multiple different password entries or checks from different people though, seriously?

    Doesn’t matter if they had a conference call with what appeared to be certain people as the article says they could easily have used key pair verification such as pgp. Sounds like poor security all around especially considering the amounts involved.

    • WhatAmLemmy@lemmy.world
      link
      fedilink
      English
      arrow-up
      15
      ·
      edit-2
      10 months ago

      PGP? Have you ever dealt with any banking or financial corporations? You’d have better luck getting the money handlers and decision makers to authenticate transactions with magic.

      Hong Kong and Japan are the absolute worst I’ve experienced. Their online banking UI’s and processes are stuck in the late 90’s to early 2000’s.

      • gravitas_deficiency
        link
        fedilink
        English
        arrow-up
        10
        arrow-down
        1
        ·
        10 months ago

        Japan:

        your second authentication factor will be stored on this 3.5” floppy drive

        • Jojo@lemm.ee
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          2
          ·
          10 months ago

          It’s stylistically acceptable to put an apostrophe for plurals in cases where the plural thing isn’t a “normal” word, as is the case for initialisms like UI or numbers like the latter two you caught.

          Obviously a given body may make its own rules in this regard, but luckily English has no overall authority, and this is informal communication outside the domain of any minor ones (beyond, perhaps, idle pedants and prescriptivists).

    • meat_popsicle
      link
      fedilink
      English
      arrow-up
      7
      arrow-down
      1
      ·
      10 months ago

      lol Finance is sometimes hilariously low tech. Lookup how ACH works, it’s a fucking farce.

    • Lmaydev@programming.dev
      link
      fedilink
      English
      arrow-up
      2
      ·
      edit-2
      10 months ago

      Somewhere I worked the CEOs email got hacked and they asked the head of finance to change the bank account details for a 100k payment that was due to go out.

      Luckily they thought to double check with them. But it came really close to happening.

      This all happened via a phishing email.

      Social engineering is how most hacks happen. Doesn’t matter what protection you put in place. People are always the weakest link.