Voice Deepfake Scam, Smile-to-Pay in China & More News
This week in tech news: Fraudsters use voice deepfake to scam company of hundreds of thousands, China progresses with smile-to-pay technology and Twitter CEO got hacked through "SIM Swap" fraud.
Tech news you need to know, in two minutes or less.
Phone scams are nothing new, but the mark usually isn’t an accomplished CEO. Thieves used voice-mimicking software to imitate a company executive’s speech and dupe his subordinate into sending hundreds of thousands of dollars to a secret account, the company’s insurer said, in a remarkable case that some researchers are calling one of the world’s first publicly reported artificial-intelligence heists.
Now being developed by a wide range of Silicon Valley titans and AI start-ups, such voice-synthesis software can copy the rhythms and intonations of a person’s voice and be used to produce convincing speech. The rise of AI-based tools has its upsides and downsides. On one hand, it gives room for exploration and creativity. On the other hand, it also allows for crime, deception, and nearly (unfortunately) damn competent fraud.
China’s shoppers are increasingly purchasing goods with just a turn of their heads as the country embraces facial payment technology. In a country where mobile payment is already one of the most advanced in the world, customers can make a purchase simply by posing in front of point-of-sale (POS) machines equipped with cameras, after linking an image of their face to a digital payment system or bank account.
Despite the concerns over data security and privacy, consumers seem unperturbed as facial recognition payment hits the high streets. Alipay -- the financial arm of ecommerce giant Alibaba -- has been leading the charge in China with devices already in 100 cities. The firm is predicting enormous growth in the sector and recently launched an upgrade of its "Smile-to-Pay" system, using a machine roughly the size of an iPad. "(Facial payment) certainly has the potential to become popular with the wide push from major mobile payment players," says Mengmeng Zhang, an analyst at Counterpoint.
Even with considerable security precautions in place, Twitter chief executive Jack Dorsey became the victim of an embarrassing compromise when attackers took control of his account on the platform by hijacking his phone number. Dorsey became the latest target of so-called “SIM swap” fraud which enables a fraudster to trick a mobile carrier into transferring a number – potentially causing people to lose control not only of social media, but bank accounts and other sensitive information.
This type of attack targets a weakness in “two factor authentication” via text message to validate access to an account, which has become a popular break-in method in recent years. Some analysts say hackers have found ways to easily get enough information to get a telecom carrier to transfer a number to a fraudster’s account, especially after hacks of large databases which result in personal data sold on the so-called “dark web.” Twitter says it’s making the change “to protect people’s accounts.” It blamed mobile carriers, saying they need to address vulnerabilities that allow this kind of misuse.