You can be on Entrepreneur’s cover!

A Deepfake Phone Call Dupes An Employee Into Giving Away $35 Million Think your business is too small to be fooled? Think again.

By Gene Marks

entrepreneur daily

Opinions expressed by Entrepreneur contributors are their own.

Kilito Chan | Getty Images

"Hi Susan, it's Gene. Sorry for calling after hours, but I'm travelling. Can you please transfer $35,000 from our business checking account to a new supplier for a deposit on a job? Here's their banking info..."

Does this sound like a familiar scenario? It should. It's not uncommon for the owner of a business to call a financial manager and instruct for a money transfer or online payment to be made to a supplier or to a personal account. Is anyone going to question the boss' request? Usually not.

But what if it's not the boss? What if it was just someone impersonating the boss? Or, more ominously, what if it was the actual voice of the boss, but manipulated into saying something different? Or that the request was for $35 million?

This is exactly what happened in early 2020 to a Hong Kong bank.

Related: Why Are So Many People Still Eating Spam?

According to a report in Forbes, a manager at the bank got a call from one of the bank's directors requesting that he make a transfer of $35 million in order to fund an acquisition. However, it wasn't the director calling. It was a "deepfake" of the director's voice. And by the time the bank discovered the error, the money was long gone.

Oh, and this isn't the first time something like this has happened. Forbes also reported that an energy company in the UK fell for a similar ruse in 2019 and lost about $243,000.

"Audio and visual deep fakes represent the fascinating development of 21st century technology, yet they are also potentially incredibly dangerous posing a huge threat to data, money and businesses," Jake Moore, a cybersecurity expert, told Forbes. "We are currently on the cusp of malicious actors shifting expertise and resources into using the latest technology to manipulate people who are innocently unaware of the realms of deep fake technology and even their existence."

What's even more terrifying is that deep fake technology is easily found online. Just go to sites like Resemble or Descript and then check out how amateur pranksters are creating videos like these that show just how easily we can be fooled into thinking something that we see (and hear) is real, even when it's not. Now that it's out there, this technology is increasingly being used for blackmail, fraud and identity theft. And it's likely that audio will be more commonly used than video because, according to Moore, manipulating audio is "easier to orchestrate than making deep fake videos."

You may think that your business is too small to be impacted, but I don't think so. That's because if you're like most of my clients, you have fewer financial controls than larger organizations and you're probably increasing your use of online services to pay your bills. And getting a copy of your voice is easy, particularly if you've posted company videos on your website, did a public presentation, appeared in the media or got chatty with a "sales representative" on a cold call that's being recorded without your knowledge. With only a few hours of work, someone can likely dupe your financial manager out of tens of thousands and be gone before you know it.

Related: Elon Musk Is An Awful Speaker. But Keep Listening.

So what to do? Tighten up your internal controls. Require more than two authorizations for any bank transfers or payments and perhaps three (and at the very least your own) for disbursements over a certain amount, like $5,000. Hire your IT firm or subscribe to tools like KnowBe4 or Mimecast to provide ongoing training for your employees so that they can spot warning sign. (In the case of the Hong Kong bank, fraudulent emails were also sent confirming the deepfake phone call.) Abolish any transactions of a certain size that are authorized by phone unless the person making the request has been called back. Involve your financial managers in large deals early so that they're more aware of the dollars involved. Because let's face it: This problem is only going to get worse.

"Manipulating audio, which is easier to orchestrate than making deep fake videos, is only going to increase in volume," Moore told Forbes. "And without the education and awareness of this new type of attack vector, along with better authentication methods, more businesses are likely to fall victim to very convincing conversations."

Gene Marks

Entrepreneur Leadership Network® VIP

President of The Marks Group

Gene Marks is a CPA and owner of The Marks Group PC, a ten-person technology and financial consulting firm located near Philadelphia founded in 1994.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Business News

This Fan-Favorite Masters 2024 Item Is Still $1.50 as Tournament Menu Appears Unscathed by Inflation

The pimento cheese sandwich is a tradition almost as big as the tournament itself.

Business Solutions

Save an Extra 20% on the Ultimate Microsoft Bundle Featuring Windows 11 Pro, Office, and More

Pick up this package of popular Microsoft products for only a fraction of the price through April 16.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Business Solutions

Visualize Data for Better Business: MS Visio is $23.99 Through April 16

Set your team up for success with a reliable tool for creating organizational charts, diagrams, and more.

Business Solutions

Scan Easier and More Affordably with This 20% Discount

iScanner is a mobile app that makes document management, editing, and sharing easier.

Making a Change

Learn to Play Guitar Even if You Have No Previous Training for Just $20

Start with the beginner's crash course and learn how to play guitar in no time.