New scam Deep Fake Boss

B2B Cyber ​​Security ShortNews

Share post

Unlike classic scams such as the email-based boss scam, the Deep Fake Boss method uses high-tech manipulation to steal money.

An employee, often in the finance department, appears to be personally instructed by company management to transfer money. The instructions are given convincingly in the form of a video conference in which the “boss” is supposedly present. Richard Werner, Business Consultant at Trend Micro: The “boss scam” is one of the so-called “confidence scams” ​​– i.e. fraud that has to do with the victim’s belief. The story and overall impression must be right. An email that is (or appears to be) sent from the company management account is often sufficient.

Protection from Deep Fake Boss

The best protection against the “boss scam” (also BEC) is to design the internal processes in such a way that they are not possible at the request or instruction of certain people, but rather have to go through a more complex approval process (principle of “double” confirmation). If the instructions came via email, we called and asked. If she came by phone, an email confirmation was requested. That still applies today. However, one should learn from the deep fake attack. The video and audio confirmation occurred - only there was no interaction, the employee just listened and watched. This allowed a video previously created using deep fakes to be played. The employee was deceived and transferred the money.

More at


About Trend Micro

As one of the world's leading providers of IT security, Trend Micro helps create a secure world for digital data exchange. With over 30 years of security expertise, global threat research, and constant innovation, Trend Micro offers protection for businesses, government agencies, and consumers. Thanks to our XGen™ security strategy, our solutions benefit from a cross-generational combination of defense techniques optimized for leading-edge environments. Networked threat information enables better and faster protection. Optimized for cloud workloads, endpoints, email, the IIoT and networks, our connected solutions provide centralized visibility across the entire enterprise for faster threat detection and response.


Matching articles on the topic

Report: 40 percent more phishing worldwide

The current spam and phishing report from Kaspersky for 2023 speaks for itself: users in Germany are after ➡ Read more

BSI sets minimum standards for web browsers

The BSI has revised the minimum standard for web browsers for administration and published version 3.0. You can remember that ➡ Read more

Stealth malware targets European companies

Hackers are attacking many companies across Europe with stealth malware. ESET researchers have reported a dramatic increase in so-called AceCryptor attacks via ➡ Read more

IT security: Basis for LockBit 4.0 defused

Trend Micro, working with the UK's National Crime Agency (NCA), analyzed the unpublished version that was in development ➡ Read more

MDR and XDR via Google Workspace

Whether in a cafe, airport terminal or home office – employees work in many places. However, this development also brings challenges ➡ Read more

Test: Security software for endpoints and individual PCs

The latest test results from the AV-TEST laboratory show very good performance of 16 established protection solutions for Windows ➡ Read more

FBI: Internet Crime Report counts $12,5 billion in damage 

The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which includes information from over 880.000 ➡ Read more

HeadCrab 2.0 discovered

The HeadCrab campaign against Redis servers, which has been active since 2021, continues to successfully infect targets with the new version. The criminals' mini-blog ➡ Read more