How do we spot deep fakes? Don’t bother!
Mike Ouwerkerk
DON'T CLICK ON THAT! | Cyber Awareness & Culture | Live Training for Results
?
If you haven’t heard of deep fakes, it’s the use of technology to pretend to be someone. You can recreate someone’s voice and their face with computers, and this can be done in real time to create a realistic video chat impersonating someone you know. Artificial Intelligence (AI) will continue to make this process faster, cheaper, and better.
I highly expect cyber criminals will increasingly embrace deep fake and AI technology to trick people out of their information and money because it uses an incredibly powerful weapon against us – trust. Unfortunately, we’re well past the days of criminals just forging email addresses and phone numbers. Here’s a few scenarios for how it can be used against us in real life:
?This is happening now, and it’s going to be happening more and more soon. As you can see with the above examples, it doesn’t matter who you are or what you do - if you have money or valuable information you will be a target.
领英推荐
?So, we have to spot deep fakes to stay safe, right? Wrong!
Maybe you’re talking to artificial intelligence and there are tell tale signs like pauses in the voice that don’t seem natural. Maybe the computer-generated voice doesn’t sound quite right. But as the technology gets better and better, tell tale signs of fakery will disappear until we can no longer tell. Maybe technology / AI will be able to spot deep fakes for us? But again, how accurate will it be? Technology could look for cues like absent pulses in veins of the neck with video, and yet AI will just create pulses in the veins of the neck! It’s likely a losing battle.
But there is hope, and it’s actually a very simple set of rules that you should always use, at home and at work. Note that these rules come into play when you are dealing with someone “not” in person. i.e., You can’t touch them, because this is when we are worried that deep fake technology might be used. Here are the rules in very simple terms (and of course these can be built on as required):
The Rules
And that is the core of the solution! If you’re in a company, ensure that these processes are formalised and communicated to staff. At home, ensure family members understand how it can be used against them, and how to respond (e.g., Have a password for the family and ask for that password if in doubt).
Really at the core if it all, it’s a healthy dose of suspicion, simple procedures, and a phone call to confirm everything is ok. Do this consistently and potentially save yourself / your company a lot of money, time, and reputation!