[Linux-aus] Security conferences (was: LUGs)
Russell Coker
russell at coker.com.au
Sun Jul 9 22:00:59 AEST 2023
On Friday, 7 July 2023 23:06:13 AEST Adam Nielsen via linux-aus wrote:
> The latest social engineering trick being discussed is how AI can be
> used to fake the voice of real people. It will only be a matter of time
> until there are breaches because someone gets a call from their boss who
> forgot their password and needs some files urgently, and they just need
> them e-mailed to their personal GMail address. The files will
> dutifully get e-mailed because nobody wants to disappoint their boss,
> only to find out later the confidential files were just e-mailed
> directly to a scammer. MFA won't help you there.
AI for fake voice might make such things easier, but they can be done without
it. Not a lot of people at big companies know the voices of their management
chain that well.
If someone was to fake my boss the accent would be the easy part, the hard
part would be the manner of speaking. But that's even easier for ML systems
to do if the attacker can access sent email.
The solution to a lot of these things is to not allow communication outside
channels and to have encryption for everything. Using a protocol like Matrix
that supports end to end encryption would help in this regard.
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog http://doc.coker.com.au/
More information about the linux-aus
mailing list