The crimes of the future are here today, according to a court document connected to a $35 million bank heist in the United Arab Emirates. Per the document, investigators in Dubai say a bank manager "received a phone call that claimed to be from the company headquarters. The caller sounded like the Director of the company, so the branch manager believed the call was legitimate." The director told him that he needed $35 million to complete an acquisition, Forbes reports. The manager, who also received emails that appeared to be from the director and a lawyer he had been told was involved in the deal, authorized the transfers.
But it later emerged that the bank had been scammed by fraudsters who had used "deep voice" technology to clone the company director's voice, the document states. The cash was sent to numerous accounts across the world, including two in the US. In the document filed Wednesday, UAE authorities requested records on two US-based Centennial Bank accounts that received a total of around $400,000, Gizmodo reports. Investigators say the scam involved at least 17 "known and unknown" defendants.
This kind of deepfake scam is still rare—in the only previously known similar case, a British energy CEO transferred $240,000 in 2019 after what he thought was a call from the boss of the firm's parent company in Germany—but experts say it could easily happen again. Cybersecurity expert Jake Moore tells Forbes that "manipulating audio, which is easier to orchestrate than making deepfake videos," is likely to become a lot more common. Moore says that unless they take steps including improving authentication methods, "more businesses are likely to fall victim to very convincing conversations." (More deepfakes stories.)