New technologies, such as artificial intelligence (AI) and machine learning (ML), can be used by cybercriminals to commitetruffeed extortion, and “virtual kidnapping” is the new emerging cybercrime.
In the United States, the FBI has already warned the public about how cybercriminals are using deepfake technology to manipulate harmless photos and videos and convert them into profitable sextortion schemes. The Federal Trade Commission estimated that losses from these illicit activities reached $2.6 billion in 2022.
Table of Contents
Scams and artificial intelligence
A common scam involves the use of artificial intelligence-generated fake voice files, also known as audio deepfakes. Which can be created using even small amounts of biometric information gathered from personal content posted in public sources such as TikTok, Facebook, Instagram, and other social platforms, including government portals.
Artificial intelligence tools such as VoiceLab can process voice biometrics. Thus resulting in a deepfake voice that exactly mimics a specific person’s voice. This process is also called voice cloning and occurs when voice biometrics are used to commit extortion or fraud.
The virtual kidnapping
In April 2023, in Arizona, a woman received a call in which an anonymous caller claimed to have kidnapped her 15-year-old daughter and demanded a ransom of $1 million. Thus threatening to perform violence on the victim if she failed to pay.
The woman said she clearly heard her daughter’s crying, screaming and pleading voice in the background, even though the criminal refused to let her talk to her daughter on the phone. After several minutes of negotiation, the ransom amount dropped to $50,000.
Fortunately, before payment was made, the victim was able to verify that her daughter was safe and had not been kidnapped. The matter was immediately reported to the police, who then identified the call as a common scam.
When victims pay the ransom, they encourage the attackers to continue launching attacks against other victims. In addition, when victims pay the ransom, their information is added to a list of victims labeled as profitable, which is then resold to other attackers.
These attacks involve a level of abstraction that exceeds typical router-level security solutions. Therefore, identity-based anti-fraud techniques will be increasingly needed.