Ten years ago, identity fraud typically meant people manually forging, but today’s threat actors work with purely-digital fakes with an increasingly-advanced toolset including ‘deepfakes’ that work even on live video feeds. At the same time, Twitter advertisers have seen billions wiped off their market caps as the platform struggles with its ID verification.
On top of the growing scale of digital fraudsters, a surprising amount of businesses are willing to let a small amount of fraud occur. Companies need to carefully plan how to avoid fraud, but more importantly learn from the experience of falling victim to scams.
This week, we spoke to Mike Tuchen, CEO of identity tech firm Onfido, to discuss the current threat landscape, how the tech sector can match threatening tech with detection systems, and best practice going forward.
Highlights
“It's currently neck and neck, but to your point, the quality of the deep fakes has gone way up. And so this is going to be an ongoing game of cat and mouse in the coming years, and so it's this combination of synthetic identities and deep fakes. That's really the cutting edge, that we'll see more and more fraudsters use.”
“You can't try to go back and say, "we'll shut down the dark net", that's not going to happen, right? We have to accept that that is out there. And it will always be out there, and so all we can really do is become increasingly sophisticated on the ‘ability to detect and protect’ side, as they're, as they ramp up their capabilities on that side.”
“Because of the so-called ‘blue check’, the verified thing, that was a complete fiasco and I'd say entirely preventable. But we've seen, you know, companies like Eli Lilly and Lockheed Martin get attacked and lose like $15 billion of market cap each. Because Twitter decided not to do, you know, any kind of verification aside from your willingness to pay eight bucks. I don't know if those were caused by people trying to manipulate the stock. But if they were, the trade off of making potentially millions of dollars by spending $8 on getting a blue check, it's a no brainer, right?”
Read the full transcript here.
Footnotes
- Identity theft: What it is, and how it can affect your business
- Onfido Fraud Report 2022
- Fraud detection and prevention market to hit $176 billion by 2030
- Deepfake attacks expected to be next major threat to businesses
- Real-time deepfakes are becoming a serious threat
- What are biometrics?
- What is the dark web?
- The rise of ransomware as a service
- UK gov unveils plan for nationwide digital identity scheme
- ID.me pushes for US-wide privacy legislation
- Data protection policies and procedures
- What is GDPR? Everything you need to know, from requirements to fines
- Review calls for urgent new laws over use of biometric technology
- Twitter's employee 'revolt' sparks survival concerns for a platform crumbling from within
- Businesses to receive unique Twitter verification badge in platform overhaul
- What are the pros and cons of AI?
- What is machine learning and why is it important?
Subscribe
-
What is polymorphic malware?Explainer Polymorphic malware constantly changes its code to avoid detection, making it a top cybersecurity threat that demands advanced, behavior-based defenses
-
Outgoing Kaseya CEO teases "this is just the beginning" for the companyOpinion We spoke to Fred Voccola who remains a key figurehead at the firm as it enters its next chapter...
-
April rundown: MITRE frights and Microsoft launches Recall (again)ITPro Podcast As CISA delivered an eleventh-hour reprieve for the CVE database, AWS reportedly began to pause some data center leases
-
The new era of cyber threatsITPro Podcast With AI-powered attacks and state-backed groups, security teams face face a new wave of sophisticated threats
-
Supply chain scares and Google’s AI codeITPro Podcast As the ransomware attack on Blue Yonder disrupts a wide range of firms, Google moves to lead by example on internal AI code
-
Halloween special: Cybersecurity horror storiesPodcast Join us for three terrifying tales sure to chill any IT professional to the core
-
Securing your business with education and trainingITPro Podcast Keeping your workforce updated on the latest threats requires a cohesive cyber skills strategy
-
Cracking open insider threatsITPro Podcast Leaders need to perform strict identity measures on would-be hires – and ensure employees who leave have access promptly removed
-
Protecting the public sector from hackersITPro Podcast With the public sector facing increasingly sophisticated threat actors, leaders need centralized security plans and better communication
-
How cyber attacks damage mental healthITPro Podcast As staff struggle to cope in the immediate aftermath of a cyber incident, leaders must do more to foster a culture of support
