Deepfake detectors are coming of age at a time of dire need • The Register

Machine Learning


Def Con: This week, many people in Las Vegas were using the F-word at the trio of Sin City security conferences (BSides, Black Hat, and Def Con): fraud.

The plunging cost of using AI, coupled with deepfakes and the increasing sophistication of electronic communications, means that we are likely facing enormous amounts of machine learning mayhem. Deloitte estimates that deepfake fraud will cost the US up to $40 billion by 2027, but everyone we spoke to thinks that's an underestimate.

Last month, Sam Altman's comment that “AI completely broke most of the ways people now authenticate, outside of passwords” ruffled several feathers in the security industry, and various vendors sell software that they claim can detect deepfakes. But others are more cautious about their abilities.

Karthik Tadinada, who spent over a decade monitoring fraud for the UK's biggest banks while working at Featurespace, said the deepfake detection technology he has encountered manages an accuracy rate of around 90% in detecting crimes and eliminating false positives. That may sound good, but it really shows the scale of the problem ahead.

“The economics of the people who generate these things, and what you can detect and deal with: actually, 10% is still large enough for profit,” he said, adding that the cost of generating IDs will only drop further.

Video spoofing predates AI, and Tadinada said that security teams have discovered a faker wearing a high-quality silicone mask, but machine learning has turbocharged it. He and his fellow speaker Martin Higson, formerly of Featurespace, demonstrated a simple overlay of British Prime Minister Keir Starmer's face on Higson's body, as well as a rather good imitation of his voice.

This was not enough to trick detection technology, since AI tends to make the jaw puffier and alter the appearance of human faces, but it was certainly good enough for propaganda and misinformation. This was demonstrated this week when journalist Chris Cuomo posted, and then apologised for, a deepfake video of US Representative Alexandria Ocasio-Cortez (D-NY) denouncing actress Sydney Sweeney as “Nazi propaganda.”

Mike Raggo, red team leader at media monitoring biz Silent Signals, agreed, noting that the quality of video fakes has improved dramatically. However, new techniques that can more easily detect such counterfeits are becoming mainstream.

He has skin in the game. Silent Signals developed a free Python-based tool called Fake Image Forensic Examiner v1.1 for the launch of OpenAI's GPT-5 last week. It takes an uploaded video and samples frames one at a time to look for manipulation, such as blurring at the edges of objects in the video, and compares the beginning, end, and intermediate frames for background anomalies.

Furthermore, it is essential to look at the metadata. Both commercial and open source video manipulation tools usually leave traces of code in the metadata, and a good detection engine should be able to search for them.

Please draw a picture

All three speakers agreed that images are likely the most worrying medium for scammers to use.

Tadinada's experience in the banking sector made him particularly concerned about manipulated images being used in large-scale scams. The Covid lockdowns left people unable to carry out banking operations in person, and some financial institutions plunged into electronic records without considering the possibility of fraud.

For example, to open a bank account in the UK, you need to show documents such as a valid ID and a recent utility bill. As he demonstrated on stage, both are easily faked and the fakes can be difficult to spot electronically. Raggo agreed, but said there are some promising areas of deepfake detection in evidence, especially after visiting people who announced deepfake detection tools this week.

“I saw some vendors at Black Hat,” Raggo told The Register. “Personally, I won't comment until I've had the opportunity to actually test them properly, but from what I saw and some of the ongoing demonstrations, they looked interesting.”

There are important things people have to do, he argued, starting with metadata analysis. For example, AI-generated images typically lack certain metadata, such as International Color Consortium (ICC) profiles, which indicate the color balance used. There is also often vendor-specific metadata, such as Google's habit of embedding “Google Inc” in the metadata of all Android images.
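The metadata checks described above can be sketched in a few lines of Python. This is an added example, not code from Silent Signals' tool or from the speakers: the function names are hypothetical, the sample byte strings are constructed header-only JPEGs, and `Google Inc` is the only vendor string searched for because it is the one the article mentions.

```python
import struct

def jpeg_segments(data):
    """Yield (marker, payload) for each header segment, stopping at SOS/EOI."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI marker)")
    pos = 2
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected marker at offset {pos}")
        marker = data[pos + 1]
        if marker in (0xDA, 0xD9):  # SOS (pixel data follows) or EOI
            return
        (length,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if length < 2 or pos + 2 + length > len(data):
            raise ValueError("truncated or corrupt segment")
        yield marker, data[pos + 4:pos + 2 + length]
        pos += 2 + length

def metadata_report(data, vendor_strings=(b"Google Inc",)):
    """Report ICC/Exif presence and vendor strings found in header segments."""
    report = {"icc_profile": False, "exif": False, "vendor_hits": []}
    for marker, payload in jpeg_segments(data):
        if marker == 0xE2 and payload.startswith(b"ICC_PROFILE\x00"):
            report["icc_profile"] = True   # APP2 carries the ICC colour profile
        elif marker == 0xE1 and payload.startswith(b"Exif\x00\x00"):
            report["exif"] = True          # APP1 carries Exif camera metadata
        for needle in vendor_strings:
            name = needle.decode()
            if needle in payload and name not in report["vendor_hits"]:
                report["vendor_hits"].append(name)
    # A missing profile is only a weak signal: re-encoding strips metadata too.
    report["missing_icc"] = not report["icc_profile"]
    return report

def _seg(marker, payload):
    """Build one JPEG segment: FF, marker byte, big-endian length, payload."""
    return b"\xff" + bytes([marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed samples: header segments only, not decodable images.
PHONE_LIKE = (b"\xff\xd8" + _seg(0xE1, b"Exif\x00\x00" + b"\x00" * 8)
              + _seg(0xE2, b"ICC_PROFILE\x00\x01\x01" + b"Copyright Google Inc.")
              + _seg(0xDA, b"") + b"\xff\xd9")
BARE = (b"\xff\xd8" + _seg(0xE0, b"JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00")
        + _seg(0xDA, b"") + b"\xff\xd9")

if __name__ == "__main__":
    for label, blob in (("phone-like", PHONE_LIKE), ("bare", BARE)):
        print(label, metadata_report(blob))
```

The `missing_icc` flag should feed a scoring pipeline alongside edge and pixel checks rather than decide anything on its own, since screenshots and re-saved images lose their profiles as well.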

Edge analysis is also important, he suggested. This includes examining the edges of objects in the photo for blurriness or inconsistencies in brightness. Pixel variance, meaning how much the colors within an object vary, can also be used to find manipulation.

Go with a voice

However, such techniques are less useful for finding voice deepfakes, and these types of vocal attacks are increasing.

In May, the FBI warned that a fraud campaign was using AI-generated voices of American politicians to trick people into handing over access to a government system that could be used to extract financial information. However, the FBI's advice to counter this was non-technical. It tells users that they need to independently verify the source and listen for inconsistencies in vocabulary and accent, acknowledging that “the content generated by AI is often difficult to identify.”

The US federal government is not the only one worried about the spread of audio clones. Last year, the Federal Trade Commission sponsored a year-long competition to detect AI-generated voices, but paid only $35,000 in prize money.

Such voice cloning technologies have completely legal uses, such as transcription, voice dubbing in media, and adding voice capabilities to call center bots. Microsoft offers it as a function of Azure that produces watermarked clone output (though these are not perfect). The Register tested the audio generator from Silicon Valley startup Zyphra and the results were troubling.

However, such techniques can also be a great help to scammers. If someone has recorded audio samples, they can clone a voice without the subject's knowledge, and the longer the audio samples, the better the clones are.

A survey by nonprofit publication Consumer Reports of six companies that offer voice cloning services found that two-thirds of them made little attempt to stop the abuse of their applications.

Only one company tested, Resemble AI, required a real-time audio clip to actually use the service, but the testers were able to fool it to some extent with recorded audio. However, the results of using this third-party audio were not very accurate due to sound issues.

Many voice cloning companies are also beginning to add deepfake detection to their product portfolios, including Resemble. CEO Zohaib Ahmed told The Register that the data cloning companies have on their servers means they can build valuable fake-spotting tools.

“We have a large database of authentic and cloned voices, and comparing them to each other gives us some valuable insights,” he said. “We have identified a set of artifacts that cannot be detected by the human ear.”

The rise of sanity checks and GANs

As we have seen in traditional security areas, there is no 100% technical fix for spotting malware and hacking. Just as absent-minded people can't stop clicking on files containing malware, we can't expect people not to be fooled by deepfakes either.

“You have to take precautions,” Eric Escobar, a red team leader at Sophos, told The Register. “Verification is absolutely important. Especially if money is involved, ask yourself, ‘Is this in character?’ And check if you are at all uncertain.”

This is particularly relevant to the financial industry, Tadinada suggested. While using deepfake scanning technology is all well and good, financial transactions should also be monitored for signs of misuse, as with other types of fraud.

The use of generative adversarial networks (GANs) to improve deepfakes is something that worried those we spoke to. GANs use two AI engines, a generator and a discriminator, to make the fake output more convincing. The generator creates the media, the discriminator tries to spot the manufactured content, and the two repeat this process to improve the realism of the output.

The results are not perfect, and for now the process can leave a telltale signature in a deepfake's metadata, Raggo noted. However, the technology promises to produce unprecedentedly realistic results, leading to more success for scammers. ®


