I recently read that a Wall Street Journal report highlighted how a gang of hackers used AI software to mimic the voice of an energy company’s CEO and successfully stole over £200,000. The CEO of an unnamed UK energy company received a phone call from the German chief CEO of the parent company. The UK chief was convinced that he was talking to his German boss and, when instructed to, agreed to transfer €220,000 (£201,000) to the bank account of a Hungarian supplier. It was only when the caller rang again requesting a second substantial payment that suspicions were aroused. It emerged that the fraudsters had used AI base voice altering software to carry out the deception. By the time the con was discovered the money had been transferred from the Hungarian account to an account in Mexico and subsequently dispersed to accounts located all over the world. The attack goes to emphasise how companies can be victim to increasingly sophisticated deceptions and phishing raids. Companies should guard against such attacks by educating staff, including senior executives, about the risks and instigating robust checks and verification procedures including chain of command authorisation.
