As deepfakes become more prevalent, phishing attacks on companies have become more complex and harder to identify.
Last week, at the largest advertising agency in the world, London-based communications and advertising firm WPP, hackers attempted to solicit money from employees by using the voice and likeness of the company’s CEO.
Hackers used WPP CEO Mark Read’s public photo to connect to a fake WhatsApp account to schedule a Microsoft Teams video call with company executives.
Related: Microsoft’s President Says Deepfakes Are AI’s Biggest Problem
On the call, the bad actors used voice cloning technology and YouTube footage to make it appear like Read was really there in the meeting with employees.
“The pretext was that the individual targeted was being asked to set up a new business with the ultimate aim of extracting personal details and money,” Read sent in an email to colleagues originally viewed by The Guardian. “Fortunately the attackers were not successful.”
Related: Mr Beast Slams Deepfakes, Says the Tech Is a ‘Serious’ Problem
WPP works with major international companies including, Dell, Wendy’s, Uber, Johnson & Johnson, and Victoria’s Secret.
Read warned employees against “red flags” that may indicate that they are being duped, including asking employees for personal information like passport numbers or anything that pertains to money transfers or payments that are asked to be kept “secret.”
“We have seen increasing sophistication in the cyber-attacks on our colleagues, and those targeted at senior leaders in particular,” Read told employees. “Just because the account has my photo doesn’t mean it’s me.”
Ironically, the company announced last year that it would be teaming up with chipmaker Nvidia to create generative AI advertisements.
“Generative AI is changing the world of marketing at incredible speed. This new technology will transform the way that brands create content for commercial use,” Read said in a statement at the time.
WPP currently has an estimated market cap of $11.43 billion.