this post was submitted on 06 Feb 2024
230 points (97.9% liked)

Technology

58174 readers
3291 users here now

This is a most excellent place for technology news and articles.

Our Rules

  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
[email protected]
230
Deepfake scammer walks off with $25 million in first-of-its-kind AI heist (arstechnica.com)
submitted 7 months ago by [email protected] to c/[email protected]
23 comments fedilink hide all child comments
 

Deepfake scammer walks off with $25 million in first-of-its-kind AI heist::Hong Kong firm tricked by simulation of multiple real people in video chat, including voices.

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 38 points 7 months ago (5 children)

What kind of company let's a single employee transfer that amount of money without multiple different password entries or checks from different people though, seriously?

Doesn't matter if they had a conference call with what appeared to be certain people as the article says they could easily have used key pair verification such as pgp. Sounds like poor security all around especially considering the amounts involved.

[–] [email protected] 2 points 7 months ago* (last edited 7 months ago)

Somewhere I worked the CEOs email got hacked and they asked the head of finance to change the bank account details for a 100k payment that was due to go out.

Luckily they thought to double check with them. But it came really close to happening.

This all happened via a phishing email.

Social engineering is how most hacks happen. Doesn't matter what protection you put in place. People are always the weakest link.

[–] [email protected] 1 points 7 months ago

Or just have everyone's phone number on file and pick up the phone and call them first.

[–] [email protected] 5 points 7 months ago (2 children)

lets* a single employee

[–] [email protected] -1 points 7 months ago

It's yes tits, I think.

[–] [email protected] 5 points 7 months ago

Good catch, autocorrect is a bastard :p

[–] [email protected] 6 points 7 months ago

lol Finance is sometimes hilariously low tech. Lookup how ACH works, it’s a fucking farce.

[–] [email protected] 15 points 7 months ago* (last edited 7 months ago) (3 children)

PGP? Have you ever dealt with any banking or financial corporations? You'd have better luck getting the money handlers and decision makers to authenticate transactions with magic.

Hong Kong and Japan are the absolute worst I've experienced. Their online banking UI's and processes are stuck in the late 90's to early 2000's.

[–] [email protected] -3 points 7 months ago (1 children)
  • online lbanking UIs*
  • the late '90s*
  • early 2000s*
[–] [email protected] 1 points 7 months ago

It's stylistically acceptable to put an apostrophe for plurals in cases where the plural thing isn't a "normal" word, as is the case for initialisms like UI or numbers like the latter two you caught.

Obviously a given body may make its own rules in this regard, but luckily English has no overall authority, and this is informal communication outside the domain of any minor ones (beyond, perhaps, idle pedants and prescriptivists).

[–] [email protected] 2 points 7 months ago

Has South Korea moved on from Internet Explorer for their banking yet?

[–] [email protected] 9 points 7 months ago

Japan:

your second authentication factor will be stored on this 3.5” floppy drive