A deepfake ‘CFO’ tricked the British design firm behind the Sydney Opera House in $25 million scam


Arup, the 78-year-old London-based architecture and design firm, has many feathers in its cap. Employing over 18,000 people across 34 offices globally, its achievements include designing the iconic Sydney Opera House and the Etihad Stadium in Manchester, while it is currently working on completing the structure at La Sagrada Familia in Spain.

Now it has become the latest high-profile victim of multimillion-dollar deepfake fraud.

Earlier this year, an employee at the company’s Hong Kong office was roped into a video call with deepfakes of Arup’s CFO and other staff members, CNN Business reported. After putting aside his initial suspicions, the employee later transferred $25.6 million (200 million Hong Kong dollars) to the fraudsters over 15 transactions.

He later realized he had been scammed after checking with the design company’s U.K head office. The ordeal lasted a week from when the employee was contacted to when the company began looking into the matter.

Earlier reports on the deepfake scam didn’t identify Arup as the victim.

“We can confirm that fake voices and images were used,” a spokesperson at Arup told Fortune. “Our financial stability and business operations were not affected and none of our internal systems were compromised,” the person added.

The police are still investigating the case.

Seeing is no longer believing

Arup’s deepfake encounter adds to the list of recent high-profile targets involving false images, videos or audio recordings used to misrepresent people. Whether it’s celebrities like Taylor Swift and Drake, companies like ad firm WPP, or a regular school principal, fraudsters are leaving no stone unturned in their attacks. Two years ago, an executive at crypto exchange Binance revealed scammers had made a “hologram” of him in order to get access to project teams.

Because of how realistic the deepfakes can appear, they’ve been successful in swindling money from innocent victims. If shared on the internet, deepfakes—such as the famous one impersonating Pope Francis—can also go viral and become hard-to-control disinformation.

The latter is especially concerning because it can manipulate voters at a time when numerous countries face elections.

Attempts to defraud companies have risen sharply using various forms from phishing scams to WhatsApp voice cloning, Arup’s chief information officer Rob Greig told Fortune.

“This is an industry, business and social issue, and I hope our experience can help raise awareness of the increasing sophistication and evolving techniques of bad actors,” he said.

As with most tech tools, deepfakes are becoming increasingly sophisticated. That means businesses must keep up with the state of the latest threats and new ways to address them.

Although deepfakes can be very realistic, there are ways to catch them. The best trick is simply to ask a person on a video call to turn—if the camera struggles to capture the rest of their profile or the face gets skewed, it’s probably worth probing. Sometimes, it can also help to ask people to use a different light source or pick up a pencil as this can help expose deepfakes.

It might make for some awkward exchanges on video calls, but that’s a small price to pay when large amounts of money and private data are at risk.

This story was originally featured on Fortune.com


Leave a Reply

Your email address will not be published. Required fields are marked *