Whaling With A Deepfake
Recognize how attackers combine deepfake video technology with domain spoofing to target senior executives and manipulate them into authorizing fraudulent, large-scale financial transactions.
What You'll Learn
- Recognize whaling attacks that specifically target high-level executives with access to financial systems
- Understand how deepfake technology can create realistic video impersonations of trusted leaders
- Learn to identify subtle domain spoofing techniques that mimic legitimate corporate email addresses
- Master verification protocols for urgent financial requests through independent communication channels
- Understand the importance of multi-factor authentication and secondary approval processes for large transactions
- Develop skills in immediate incident response and coordination with financial institutions
Training Steps
- Introduction
Alice, VP of Finance at Nexlify Solutions, is having a busy Friday afternoon. She's scheduled to leave for a two-week vacation to Europe starting Monday morning, and there are numerous financial reports to finalize and approvals to complete before her departure. Alice sits at her desk, reviewing quarterly budget allocations on her laptop. Her calendar shows back-to-back meetings for the rest of the day, and her email inbox displays 47 unread messages. She takes a sip of coffee and sighs, knowing it's going to be a long evening of catching up on work.
- An Unexpected Meeting Invitation
Alice's email notification chimes. She opens her email application and sees a new message from what appears to be the CEO's email address, with the subject line 'URGENT: Confidential Board Meeting - Immediate Attention Required'.
- Joining the Zoom Meeting
Despite feeling slightly rushed, Alice notices the urgency in the CEO's tone and immediately clicks the Zoom link. The meeting loads quickly, and she sees what appears to be Michael Thompson on camera. The video quality seems slightly pixelated, but Alice attributes this to network issues.
- Joining the Video Call
Alice joins the call. She does not know that the entire call is a pre-recorded, AI-enhanced video and that the CEO's face on screen is actually an AI-generated deepfake. The CEO begins speaking immediately. The voice sounds exactly like Michael Thompson's, and the facial features are convincing despite some minor video artifacts.
- The Secret Acquisition
Michael informs the call participants that the company is secretly acquiring TechFlow Industries and requires a rapid response. The board has approved the deal, but the finance department must arrange a $2.8 million wire transfer before the end of the day to secure the deposit. The matter is highly confidential, and banking details will follow soon. The CEO emphasizes that no one should contact him directly, as he will be occupied in continuous legal meetings for the rest of the day.
- The Wire Transfer Instructions Arrive
Twenty minutes later, another email arrives from the same sender address. Alice is still at her desk, trying to wrap up her vacation preparations.
- Accessing Payment System
Alice logs into Nexlify's financial portal and initiates a wire transfer to the bank account details provided in Michael's email.
- Submitting The Transfer Details
She enters all the banking details from the email: the beneficiary name 'TechFlow Acquisition Holdings LLC,' the account number, routing number, and the amount of $2,850,000. Alice double-checks the numbers against the email and proceeds with the authorization. The transaction is successfully submitted and will be processed within 24 hours. She feels accomplished having handled this urgent request efficiently before her vacation.
- The Real CEO's Email
Three hours later, as Alice is about to leave the office for the weekend, she receives another email. This time it's from the real CEO's actual email address.
- The Realization
Alice goes back to review the earlier email from the CEO. Something doesn't look right. She examines the sender's email address more closely.
Knowledge Check Questions
This training includes a 6-question quiz to test your understanding of Whaling with Deepfake threats and defenses.
- What does 'Whaling with Deepfake' refer to in the context of cybersecurity?
- Which of the following are common characteristics or tactics used in Whaling with Deepfake attacks? (Select all that apply)
- You receive a video call request that appears to be from your CEO, who is currently on vacation. In the call, the CEO's voice and appearance are slightly off, but the request is urgent: to approve an immediate wire transfer for a critical acquisition. What is the most appropriate action?
- What are potential consequences of falling victim to a Whaling with Deepfake attack? (Select all that apply)
- Which of these are effective measures to defend against Whaling with Deepfake attacks? (Select all that apply)