Ferrari deepfake scammer
I’ve posted about this kind of thing before, but it’s really interesting as it’s happening more and more. You can’t buy a solution to prevent this. It’s about people and process:
Ferrari exec foils deepfake attempt by asking the scammer a question only CEO Benedetto Vigna could answer
“Sorry, Benedetto, but I need to identify you,” the executive said.
“The executive was shocked and started to have suspicions, according to the people. He began to pick up on the slightest of mechanical intonations that only deepened his suspicious. ‘Sorry, Benedetto, but I need to identify you,’ the executive said. He posed a question: What was the title of the book Vigna had just recommended to him a few days earlier (it was Decalogue of Complexity: Acting, Learning and Adapting in the Incessant Becoming of the World by Alberto Felice De Toni)?”
How would you 2FA fellow Execs? Did you recommend a book or movie to the CFO recently? Do you know what the CEOs favourite food is? Regardless of who’s asking do you insist on an internal process to validate? That’d be interesting to produce a process for.
As an aside. Don’t just focus on the Execs. I think the Service Desk would be a good attack vector as well.