In today’s ever-connected modern business world, meetings conducted via video technology are a daily occurrence. The steady rise of remote work over the last few years has driven demand for video meeting software and services to an all-time high. Nearly every business, from large corporations to freelancers, utilizes this ability to connect with team members, clients, or customers to some degree.
As the widespread use of video meetings grows, so do the ways in which cybercriminals and threat actors focus on this medium as a means for fraud. Hijacked video meetings, hacked chats, and other types of compromise are occurring more often, presenting ongoing issues for companies and their employees. Examining how some now common video meeting scams play out can provide you with a better understanding of the threats that exist and how you can spot them.
Video Meetings and Business Email Compromise
One current video meeting scam is essentially a subtle tweak on business email compromise (BEC) threats that have been in action for years. A BEC scam often plays out as a cybercriminal duping an employee into following phony directions from the company’s CEO or other leader or executive. The scammer’s goal is to trick the employee into sending funds to resolve some sort of made-up issue, such as a refund to a customer. The CEO’s email is spoofed, tricking the employee into setting up a wire transfer under assumed direct order from the company’s higher-ups. But the whole thing is a fraud, and if the transfer is made the scammer makes off with the funds.
BEC attacks have been around for years and are fairly well-known in corporate security circles. But the same tactics have more recently been adapted to focus on video meetings rather than internal emails. The scam still starts with a compromised email from the CEO instructing an employee to hop on a video meeting. Then they impersonate the CEO using AI-assisted tactics involving deepfake audio, instructing the employee to again make a wire transfer or some sort of financial transaction.
This might sound like a stretch, but it has become increasingly effective over the last few years. There has been a steady uptick in the number of BEC attacks through virtual meetings since 2019. The rise corresponds with the drastic rise of video conferencing use at the onset of the pandemic as well as advancement in deepfake technologies.
While the scammers don’t attempt to impersonate the CEO outright using video, they often use a photo of the individual and accompanying audio to trick the employee into taking action. The scammers state that there are issues with the video feed but using faked audio can still have the employee believe that they are interacting with the CEO.
There is a quick red flag to be aware of if you suspect you may be involved in the scam. If a video meeting seems suspect, it’s always best to follow up with those involved directly through other means of communication to double-check. And if a request to make a financial transaction is part of the questionable video call, then there is even more reason to have doubts. Perhaps it is best to have a company policy requiring that an order to make a wire transfer payment be double-checked with the person making the request/order. Still, the scam remains effective as employees inherently want to follow directions from their higher-ups.
Scammers in the Shadows
Another angle scammers take relating to video meetings is lurking quietly in those virtual meeting in order to gather information and intelligence on the participating individuals or on the business. They typically gain access to the meetings by infiltrating an employee’s email inbox for the virtual meeting login information. With this access, they can simply be a fly on the wall during the video meeting in hopes of gaining any morsel of data or info to be used towards future fraud.
It’s alarming to envision a cybercriminal sitting in on a video chat, to say the least. But the possibility is very real, especially if lax security efforts exist internally within a company. Preventative measures are always best with that in mind, including having business fraud restoration services in place.
FBI Advice on BEC in Virtual Meeting Platforms
Spotting these scammers in the shadows can be challenging, and it’s important to take preventive measures to limit potential access. The FBI released an alert earlier in the year with some good suggestions on how to limit the risks of BEC attacks in virtual meeting platforms. These include the following, taken directly from the alert:
- Confirm the use of outside virtual meeting platforms not normally utilized in your internal office setting.
- Use secondary channels or two-factor authentication to verify requests for changes in account information.
- Ensure the URL in emails is associated with the business/individual it claims to be from.
- Be alert to hyperlinks that may contain misspellings of the actual domain name.
- Refrain from supplying login credentials or PII of any sort via email. Be aware that many emails requesting your personal information may appear to be legitimate.
- Verify the email address used to send emails, especially when using a mobile or handheld device, by ensuring that the sender’s address appears to match who it is coming from.
- Ensure the settings in employees’ computers are enabled to allow full email extensions to be viewed.
- Monitor your personal financial accounts on a regular basis for irregularities, such as missing deposits or strange outgoing payments.
Remaining alert and aware of the possibility of this type of fraud is also key. Nearly every video meeting software platform is susceptible to this scam, and cybercriminals will continue to adapt their strategies to plunder personal information wherever they can. As deepfake technologies continue to develop, spoofed audio and video are poised to become even more commonplace and realistic. This certainly brings an element of alarm for all businesses and individuals who use video software. But with adequate education and awareness, it is possible to spot the scams as they arise and limit the risks that they pose to yourself or your business.
LibertyID provides full service, fully managed identity fraud restoration to its subscribers. With a 100% success rate in resolving all 31+ forms of identity fraud. LibertyID Business Solutions provides Business fraud remediation, full pre-breach preparation with custom WISP protocols, post breach regulatory response, customer, and employee identity fraud restoration management, advanced employee training and third-party vendor management tools.