What is a DeepFake?

In a broad sense, a DeepFake is a piece of media, whether it be photo, video, or audio, that replaces someone in the original with another person – typically in an unauthorized manner.  DeepFakes use techniques from common cybersecurity tools like AI and machine learning to achieve their aim – going a bit beyond Photoshop and MS Paint. These DeepFakes can cause unjustified reputational damage or be used for blackmail. Hackers now even use DeepFake techniques for social engineering attacks, in which they use artificially created audio as a soundalike for a company executive to ask for a quick financial transfer or proprietary data.

How to Recognize This Threat: Simply trusting the eye and ear test is not enough, as many DeepFakes are quite convincing. However, logic can help, in that if something doesn’t quite make sense for someone to be involved in, it may not be real. And in the case of the DeepFake social engineering attacks, pay attention to how the messages are delivered. Beyond behavior, there are also tools that help detect manipulated content, though those aren’t foolproof.

How to Prevent This Threat: In essence, DeepFakes are a prime reason to question everything. A skeptical nature and again, considering the source can help avoid falling for this manipulation. A more concrete method may be the legal process, as some locations are creating laws banning the practice. However, hackers typically aren’t too concerned with the law. To avoid being hurt by a DeepFake attack, strong, well-rounded cybersecurity procedures are vital, with the layered approach of training, the right hardware & software, and rock-solid procedures for things like financial transfers to ensure checks and balances are in place.