Last month, after his deepfake video went viral on the internet, criticising prime minister Narendra Modi over unemployment and inflation, Bollywood actor Ranveer Singh reacted by saying, ''Deepfake se bacho dostonnnn". He is not the lone victim of deepfakes – almost everybody from Sachin Tendulkar to Ratan Tata, Mukesh Ambani, NR Narayana Murthy and many movie stars have been victims along with ordinary people who don't make news like celebrities do.
Social engineering scams coupled with misinformation and disinformation spread through artificial intelligence (AI)-generated deepfakes and fake content are becoming the biggest threat on the internet. While it is too tedious a task to curb these scams, law enforcement agencies (LEAs) and the department of telecom (DoT) from India are doing some really good work on the ground. Over the past few months, DoT blocked 1.86 lakh mobile handsets for involvement in cybercrime and financial fraud. But more about it later.
While social engineering scams are rising exponentially, deepfakes are hitting social media influencers, too. According to social media service-provider
Twicsy, 84% of social media influencers fall victim to deepfake pornography. Twicsy analysed 22,847 influencers across Twitch, TikTok, Instagram, YouTube, and X, alongside data from three top porn sites with about 3.52mn (million) videos.
"Social media influencers thrive on engagement. They typically adhere to the unwritten rule of posting content multiple times per week to stay relevant and connected with their audience. This often involves sharing a stream of personal or close-up images and videos," it says.
It takes only one close-up photo to create a deepfake which makes influencers particularly susceptible to exploitation. In addition, the accessibility and affordability of creating deepfakes have significantly reduced barriers for those seeking to misuse them maliciously.
With advancements in AI and machine learning, creating a 60-second deepfake pornographic video now requires less than 25 minutes and can be done at less than a US dollar. "This accessibility opens the floodgates for widespread abuse, allowing anyone with minimal technical skill to generate convincing deepfake content," Twicsy says.
Female influencers are 99 times more likely to fall victim to deepfake pornography compared to their male counterparts, the study says. "We found out that female influencers are more vulnerable in 44 out of 46 investigated industries compared to male influencers. Notably, the fashion, entertainment, fitness and health, and beauty industries have over 80% of their female influencers as victims of deepfake porn, while less than 20% of male influencers in these sectors are targeted. This difference not only demonstrates the targeted nature of this exploitation but also reflects social norms fueling the sexualisation of women's images in these industries."
Separately, according to
Avast's first quarter (Q1) of 2024 threat report, there is a notable rise in social engineering scams, with a staggering 90% of all mobile and 87% of desktop threats falling into this category. These scams are designed to trick users into giving away their credentials, personal information, and credit card information to steal money.
More shocking is that YouTube, with its 2.5bn (billion) users, has become a major target for cybercriminals, Avast says. "This platform's combination of automated advertising systems and user-generated content serves as fertile ground for malicious activities. The rise of deepfake videos is particularly concerning, as they can be used to spread misinformation. Adding to the risks, YouTube is full of fake comments, dangerous links, and phishing and scamming landing pages."
"The rise of deepfake videos on YouTube poses significant risks by realistically mimicking people or events, misleading viewers, and spreading disinformation. In Q1, we observed multiple compromised YouTube accounts with more than 50 million subscribers hijacked to spread crypto scam deefake videos," the report added.
Avast says online scams have seen a significant surge (61% on mobile and 23% on desktop), fuelled by malvertising and the proliferation of malicious push notifications. Moreover, it says scam authors are deploying increasingly sophisticated tactics, including deepfake technology, AI-manipulated audio synchronisation, and the hijacking of popular YouTube channels to disseminate fraudulent content, amplifying the potential for financial harm.
While both reports highlight the dangers of online scams, you may wonder where the findings leave you.
Well, for starters, on a compromised video on YouTube, you could become a victim of malicious links masquerading as legitimate software downloads related to gaming, productivity tools, or even antivirus programs that trick you into downloading malware.
Fraudsters also post tutorial videos or offers for cracked (pirated) software under the guise of helping users with helpful tools. This tactic takes advantage of users seeking free access to otherwise paid services or software, leveraging YouTube's search and recommendation algorithms to target potential victims.
Further, YouTube also serves as a conduit to traffic distribution systems (TDS), directing users to malicious sites and supporting scams ranging from fake giveaways to investment schemes.
A few months ago, an eminent doctor from Delhi was lured to become a member after watching videos of a 'wealth management' firm. She deposited money several times after seeking 'profits' from her 'investment'. In the end, she lost over Rs2 crore.
In short, always remember, the cyber threat landscape is dynamic and ever-evolving and you have no alternative but to remain vigilant or alert against online threats.
DoT, LEAs in Action Mode
Here is some good news. Under the Chakshu – Report Suspected Fraud Communications' facility of the Sanchar Saathi portal (www.sancharsaathi.gov.in/sfc), 52 principal entities, involved in sending malicious and phishing SMSs to citizens have been blacklisted.
While de-activating 700 SMS content templates, 348 mobile handsets were blocked on a pan-India basis across all telecom operators.
Following reports on Chakshu and complaints on cyber-crime helpline number 1930 and www.cybercrime.gov.in, 10,834 suspected mobile numbers were flagged for re-verification by telecom operators. Of these, 8,272 mobile connections are permanently disconnected, failing re-verification as of 30 April 2024.
In addition, 186,000 mobile handsets used in cybercrime and financial frauds have been blocked across the country.
The Indian Cyber Crime Coordination Centre (I4C), in collaboration with Microsoft, has blocked more than 1,000 Skype IDs involved in blackmail, extortion and digital arrests by cybercriminals posing as police authorities or officials of central bureau of investigation (CBI), narcotics department, Reserve Bank of India (RBI), enforcement directorate (ED) and other LEAs.
Stay Alert, Stay Safe!
