Deepfake AI Technology Used for Fraudulent Purposes

Generative AI deepfakes are being used by threat actors to manipulate images of real people for unsavory purposes, according to a recent research report from Cato Networks’ CTRL Threat Research. One such threat actor, known as ProKYC, is using deepfakes to forge government IDs and spoof facial recognition systems in order to infiltrate cryptocurrency exchanges.

The deepfake tool created by ProKYC allows fraudsters to easily create realistic-looking images of people’s faces, which are then used to create fake drivers licenses or passports. This enables them to pass facial recognition tests required by some cryptocurrency exchanges, where the attacker can then create accounts using the identity of the generated, non-existent person.

This type of attack, known as New Account Fraud, has already caused $5.3 billion in losses in 2023, according to Javelin Research and AARP. To prevent such fraudulent activities, Cato Research’s Chief Security Strategist Etay Maor suggests that companies should scan for common traits of AI-generated videos, such as very high quality videos and glitches around eyes and lips.

Finding a balance between too much or too little scrutiny is crucial, as overly restrictive biometric authentication systems can result in false-positive alerts, while lax controls can lead to fraud. It is essential for organizations to stay vigilant and implement measures to detect and prevent the creation of fake accounts using AI-generated deepfakes.