Synthetic media is on the rise, but new methods are being established to classify and fight social engineering attacks.

Unfortunately, social engineering attacks are becoming more prevalent in the modern world.

Synthetic media is becoming more and more indiscernible from authentic media content. Deepfake technology is becoming very realistic. It’s getting more difficult to fight against the consequences of this media.

Cyber attackers use this technology to develop complex social engineering attacks. One example is virtual kidnapping. Virtual kidnapping uses deepfake virtual media to make a victim believe a loved one is in danger. Many times, attackers use these tactics to extort money from unsuspecting victims.

new-framework-hackers

Often, attackers use these methods to influence and brainwash people across the globe.

Of course, many attackers use these methods for all kinds of malicious purposes. In fact, one example happened in 2019. Someone impersonated a chief executive’s voice, which led to a sum of $243,000 stolen.

In March of 2021, the FBI warned, “Malicious actors almost certainly will leverage synthetic content for cyber and foreign influence operations in the next 12-18 months.” The FBI classifies synthetic media as a “broad spectrum of generated or manipulated digital content.” This content includes text, images, video, and audio content.

Attackers use programs like Photoshop to create this synthetic content. They use advanced AI technology to distribute the content itself. It’s the combination of these methods that are becoming harder to fight.

new-framework-coding

Understanding Synthetic Media Social Engineering Attacks

Matthew Canham, CEO of Beyond Layer 7, has researched the ins and outs of the perpetrators as well as the victims. After researching, Canham created a framework to understand and fight against these attacks.

Canham developed knowledge of the motives and methods of social engineering attacks. At first, one of his experiences involved a gift card scam using bot technology.

Attackers lured victims in using scripted conversations, followed by communication without scripts. Canham noted these scammers knew what they were doing. They had considerable practice in their methods.

So, this goes to show that attackers and scammers evolve right along with the methods of defense. Without a doubt, they find holes and exploit weaknesses in the defensive structures.

Yet, the average person doesn’t have the knowledge to defend against the attacker’s knowledge and experience.

new-framework-social-media

Canham’s Defensive Framework Against Social Engineering Attacks

Canham developed a framework to defend against these synthetic media social engineering attacks. In this framework, he offers a way to gather insights into many types of possible threats.

Of course, gathering this information is crucial for the intended target of these attacks. Also, this tool allows you to take a step back and view the possible threat from a more objective perspective.

Canham’s framework involves gathering five points of information if confronted with an attack.

new-framework-social-engineering-attacks

The framework consists of five dimensions:

  1. Medium — Is the attack using text, audio, video, or a combination of these elements?
  2. Interactivity — Is the attack pre-recorded, asynchronous, or occurring in real-time?
  3. Control — Is the attack controlled by a human, software, or a combination of the two?
  4. Familiarity — Is the attacker posing as someone familiar to you? Unfamiliar? Or someone very close to you?
  5. Intended target — Is the attack meant for an individual target or meant for a broader audience?
new-framework-media

Identify and Combat Social Engineering Attacks

This framework will help weed out and identify a genuine threat from a fake threat. Some pose no real threat to one’s safety or financial situation.

People can gain valuable knowledge about these social engineering attacks through these metrics. One such metric that Canham places emphasis on is Familiarity. He calls it “a game-changing aspect of synthetic media.”

So, this metric is important. If the intended target is able to identify the Familiarity aspect within an attack, they are able to look closer for inconsistencies.

new-framework-combat

Also, you can ask for proof-of-life statements as another defensive tactic. For example, ask questions that only the family member knows.

Using this framework to gather information about a suspected attack is crucial. Most important, it will allow you to discern truth from reality.

If the attack is genuine, it’s important to contact the proper authorities.

In conclusion, this defensive framework is a useful tool in the arsenal against these attackers. As time goes on, it will help people keep up with the evolution of synthetic media social engineering attacks.

Share This Story, Choose Your Platform!

Let’s have a 15-minute video call

We are now taking on new clients.