Tag Archives: Fraudsters

iProov Study: UK public “overwhelmingly unaware” of deepfake threat

A nationwide study conducted by biometric facial authentication specialist iProov has revealed a sheer lack of awareness and education around deepfake technology among the UK public, with almost three-quarters (72%) of respondents saying they’ve never even heard of a deepfake video.  

Deepfake is a technique for human image synthesis based on Artificial Intelligence. It’s used to combine and superimpose existing images and videos on to source images or videos using a machine learning technique known as generative adversarial network. Due to these capabilities, deepfakes have been used to create fake videos. Deepfakes can also be used to create fake news and malicious hoaxes.

The research polled 2,000 respondents across the UK to reveal their attitudes towards (and understanding of) deepfake technology. The results highlight a need for awareness and education on the impact of deepfakes which, if not addressed, will have huge implications on personal and professional security.

Commenting on the findings, Andrew Bud (founder and CEO at iProov) said: “Awareness is the first defence against any cyber security threat, as we’ve already seen with attacks like phishing and ransomware. Deepfakes, however, represent a whole new kind of danger to businesses and individuals. Technology also has a big role to play in combating the threat, yet if the vast majority of people in the UK have such little awareness of deepfakes right now, they simply cannot begin to prepare themselves as they need to.”

Deepfake

Underlying societal threat 

Until recently, deepfakes were a nascent concept. Today, the technology behind deepfakes is threatening to undermine the notion of trust in moving images and is becoming increasingly accessible – be it through the creation of fake news or spoofing the identity checks required to log into a bank account.

However, the research has revealed members of the public to be largely unaware of the threats. Even once respondents were provided with the definition of a deepfake video, almost a third (28%) said they believed them to be completely harmless. More than two-thirds of respondents (70%) confessed they didn’t believe they would be able to tell the difference between a deepfake and a real video.

Detecting fraudulent identities

Interestingly, once those surveyed were provided with a definition of a deepfake video, they began to recognise the technology’s mounting threat. In fact, just under two-thirds (65%) of people said that their newfound knowledge of the existence of deepfakes undermined their trust in the Internet.

Notably, consumers went on to cite identity theft as the biggest concern (42%) for how they believed deepfake technology could be misused. Almost three-quarters (72%) of respondents also said they would be far more likely to use an online service with preventative measures in place to mitigate the use of deepfakes.

Despite the security implications of the specific concerns raised surrounding identity theft, more than half of all respondents (55%) surprisingly called out social networks as the party most responsible for dealing with deepfake synthetic videos.

Bud added: “Taking the fight to this new wave of fraud means that security measures in this new post-truth era simply have to be as creative, sophisticated and fast-moving as the fraudsters. While the adoption of biometric technology to crack down on deepfakes is growing among financial institutions, Governments and large-scale enterprises, the challenge ahead lies in the effective detection of a genuine human presence. It’s a challenge that should not be underestimated.”

Leave a comment

Filed under Risk Xtra

30% of NHS Trusts have experienced a ransomware attack” finds SentinelOne

30% of NHS Trusts in the UK have experienced a ransomware attack, potentially placing patient data and lives at risk. One Trust – the Imperial College Healthcare NHS Trust – admitted to being attacked 19 times in just 12 months. These are the findings of a Freedom of Information (FoI) request submitted by SentinelOne.

The Ransomware Research Data Summary explains that SentinelOne made FoI requests to 129 NHS Trusts, of which 94 responded. Three Trusts refused to answer, claiming their response could damage commercial interests. All but two Trusts – Surrey and Sussex and University College London Hospitals – have invested in anti-virus security software on their endpoint devices to protect them from malware.

Despite installing a McAfee solution, Leeds Teaching Hospital has apparently suffered five attacks in the past year.

No Trusts reported paying a ransom or informed law enforcement of the attacks: all preferred to deal with the attacks internally.

Ransomware which encrypts data and demands a ransom to decrypt it has been affecting US hospitals for a while now. The Hollywood Presbyterian Medical Center in Los Angeles notoriously paid cyber criminals £12,000 last February after being infected by Locky, one of the most prolific ransomware variants.

nhstrustsransomware

With the infected computers or networks becoming unusable until a ransom has been paid* or the data has been recovered, it’s clear to see why these types of attack can be a concern for business continuity professionals, with the latest Horizon Scan Report published by the Business Continuity Institute highlighting cyber attacks as the prime concern. This is a very good reason why cyber resilience has been chosen as the theme for Business Continuity Awareness Week in 2017.

“These results are far from surprising,” said Tony Rowan, chief security consultant at SentinelOne. “Public sector organisations make a soft target for fraudsters because budget and resource shortages frequently leave hospitals short changed when it comes to security basics like regular software patching. The results highlight the fact that old school AV technology is powerless to halt virulent, mutating forms of malware like ransomware. A new and more dynamic approach to endpoint protection is needed.”

Rowan continued: “In the past, some NHS Trusts have been singled out by the Information Commissioner’s Office for their poor record on data breaches. With the growth of connected devices like kidney dialysis machines and heart monitors, there’s even a chance that poor security practices could put lives at risk.”

*Note that the data isn’t always recovered even after a ransom has been paid

Leave a comment

Filed under Risk UK News, Uncategorized

Criminals target UK’s youth as cases of identity fraud increase

Cifas, the UK’s leading fraud prevention service, has released new figures showing a 52% rise in young identity fraud victims in the UK. In 2015, just under 24,000 (23,959) people aged 30 and under were victims of identity fraud. This is up from 15,766 in 2014, and more than double the 11,000 victims in this age bracket in 2010.

The figures have been published on the same day as a new short film, entitled ‘Data to Go’, is launched online to raise awareness of this type of fraud. Shot in a London coffee shop in March this year, the film uses hidden cameras to capture baffled reactions from people caught in a stunt where their personal data, all found on public websites, is revealed to them live on a coffee cup.

Identity fraud happens when a fraudster pretends to be an innocent individual to buy a product or take out a loan in their name. Often, victims don’t even realise that they’ve been targeted until a bill arrives for something they didn’t buy or they experience problems with their credit rating.

IdentityTheftNew

To carry out this kind of fraud successfully, fraudsters usually have access to their victim’s personal information such as name, date of birth, address, their bank details and information on who they hold accounts with. Fraudsters gain such detail in a variety of ways, including through hacking and data loss, as well as using social media to put the pieces of someone’s identity together. 86% of all identity frauds in 2015 were perpetrated online.

People of all ages can be at risk of identity fraud, but with growing numbers of young people falling victim, Cifas is calling for better education around fraud and financial crime.

Fraudsters are opportunists

Simon Dukes, CEO of Cifas, said: “Fraudsters are opportunists. As banks and lenders have become more adept at detecting false identities, so the fraudsters have instead focused on stealing and using genuine people’s details. Society, Government and industry all have a role to play in preventing fraud. However, our concern is that the lack of awareness about identity fraud is making it even easier for fraudsters to obtain the information they need.”

Dukes continued: “The likes of Facebook, Twitter, LinkedIn and other online platforms are much more than just social media sites – they’re now a hunting ground for identity thieves. We’re urging people to check their privacy settings today and think twice about what information they share. Social media is fantastic, and the way we live our lives online gives us huge opportunities. Taking a few simple steps will help us to enjoy the benefits while reducing the risks. To a fraudster, the information we put online is a goldmine.”

IdentityTheftSign

Commander Chris Greany, the City of London Police’s national co-ordinator for economic crime, added: “We’ve known for some time that identity fraud has become the engine that drives much of today’s criminality, and so it’s vitally important that people keep their personal information safe and secure. In the fight against fraud, education is key and it’s great that Cifas and its members are taking identity fraud seriously and working together to raise awareness of how the issue is now increasingly affecting young people through the launch of this film.”

As part of the campaign, Cifas commissioned a survey with Britain Thinks to find out more about 18-24 year olds’ attitudes towards personal data and identity fraud. The survey found that young people are alarmingly unaware that they’re at risk:

  • Only 34% of 18-24 year olds say they learned about online security when they were at school
  • 50% of the 18-24 year olds surveyed believe they would never fall for an online scam (compared to the national average of 37%)
  • Only 57% of 18-24 year olds report thinking about how secure their personal details are online (compared to 73% for the population as a whole)

They’re also less likely to install anti-virus software on their mobile phone than the national average (27% compared to 37%).

Organisations such as the City of London Police, Action Fraud, Get Safe Online, Her Majesty’s Government’s Cyber Streetwise campaign, Financial Fraud Action UK and Cifas members including Coventry Building Society, BT and Secure Trust Bank are all supporting the campaign and sharing the new film across their social media networks.

Cifas is also appealing to youth organisations, schools and universities to share the film so it reaches as many young people as possible.

Leave a comment

Filed under Risk UK News, Uncategorized