The Danger of Deepfakes: Staying Safe in the Era of AI-Generated Deception

Imagine waking up one day, having received a message from your friends: “Hey, you’re on the internet… naked!” You check out the link they sent you, and yes – there it is. Explicit images of yourself that you never took or posed for. You’re starting to sweat. You’re getting scared. How’s this possible?! This is just one example of what AI can do these days. And truth be told – this is most likely just the beginning.

Creating convincing fake images and videos has become disturbingly easy nowadays. With AI tools like SORA, Dall-E, ElevenLabs, or Midjourney, you can generate realistic content in a matter of seconds.

As you can imagine, this poses significant threats to individuals, businesses, and even national security.

Let’s dive a little further into the dangers posed by deepfakes, explore strategies to protect against them, and discuss proactive measures to combat this evolving cyber threat.

What are Deepfakes?

Simply put, deepfakes are digitally manipulated videos, audio, or images created using artificial intelligence, without informing viewers of their artificial nature.

As the fabricated media appears authentic, it’s becoming increasingly more difficult to distinguish between what's real and what's fake.

Originally, deepfakes provided a fun way to create content for entertainment and social media purposes. Think of putting celebrities’ faces onto different bodies or enabling realistic voice impersonations. Maybe you remember the America’s Got Talent act, where Elvis Presley came back to life?

The Threats & Risks of Deepfakes

According to research done by the (Belgian) Institute for the Equality of Women and Men, around 10% of Belgian youngsters have already experimented with the creation of deepfake (or deepnude) content.

As AI tools continue to mature, an ever-increasing amount of malicious deepfakes are being created and spread on the internet. Think of:

• Someone cloning your voice, calling your bank, and trying to access your bank account
• Someone posing as your boss, asking to transfer some money to an account
• Revenge, blackmail
• Spreading false information via AI-generated videos that look real, but are fake and misleading
• ...

Another example is the current geopolitical conflicts. Videos circulate of soldiers attacking civilians, but in another, nearly identical video, the roles are reversed with different groups committing the same acts.

This shows how hard it can be to tell what's genuinely real.

How can we protect ourselves?

The million-dollar question.

Protection against (AI) deepfakes is a combination of technical measures, knowledge, and awareness. Some things you can spot or check are:

1. Unnatural Eye Movements: Deepfakes often struggle with replicating natural eye movements and blinking patterns.
2. Audio/video sync issues: Check if the audio matches the speaker’s lip movements.
3. Color and shadow inconsistencies: Look for mismatched skin tones and incorrect lighting or shadows.
4. Unusual body movements: Notice any awkward or unnatural body language?
5. Check the metadata: Sometimes (not always), real photos contain additional information such as the brand and model of the camera, location, date and time the photo was taken. This is not available in deepfakes (unless they faked that too, one can never be too careful).
6. To aid in detecting deepfakes, you can use online tools like AI or Not or Fake Image Detector.

Technical measures

For technical measures, you can utilize protection tools from e.g. Microsoft, which uses various security technologies to help defend against deepfakes:

• URL Filtering and content blocking: Azure Security Center and Microsoft Defender for Endpoint can block malicious websites and filter URLs to prevent access to sources distributing deepfake content
• Content recognition and detection: AI and machine learning models in Azure Cognitive Services can analyze video and audio content for signs of manipulation

However, since most of this content will come to you via methods outside of your work environment, the best protection is awareness.

This is why you should adopt the following protection measures:

1. Raising Awareness and Training: education and awareness campaigns are crucial in combating the threat of deepfakes. Educating individuals and organizations about deepfakes, how to spot them, and their potential impact is essential.
2. Implementing Robust Verification Processes: Multi-factor authentication (MFA) and other verification processes can help protect against unauthorized access and fraud.
3. Regular Software and Security Updates: Keeping software and security measures up to date is always crucial, regardless of the threat.
4. Collaborating with External Experts: Have (or hire) a dedicated team of security analysts and cybersecurity experts who can help identify and mitigate threats effectively.

?

Technology and Regulation: A Combined Effort

Education, a robust verification process, advanced technology, software maintenance… Combating deepfakes requires a multi-faceted approach. And in the end, it’s mostly up to you.

Need information or help in securing your organization against deepfakes and other (outside) threats? Talk to one of our security experts.