Crypto entrepreneurs beware of deceptive deepfakes, as reported by Sandeep Nailwal.
In the rapidly evolving world of cryptocurrencies, a new threat has emerged: deepfake scams. These sophisticated attacks, combining deepfake impersonation with social engineering tactics, are targeting employees and investors in the crypto industry, aiming to gain unauthorized access to crypto assets.
Recent incidents have highlighted the growing danger of these scams. Sandeep Nailwal, co-founder of Polygon, has raised an alarm about deepfake video scams impersonating his image. The scams started with the hacking of a high-ranking executive's Telegram account at Polygon Ventures. One such incident involved Kaavya Prasad, co-founder of Rabble, who received a Zoom 'deepfake' call link from someone on the Polygon team.
The scams operate by tricking victims into joining video calls where deepfaked versions of senior leaders appear. During these calls, participants encounter deepfake videos of Nailwal, other Polygon executives, and a woman posing as part of the Polygon team. Scammers then request the installation of a software development kit (SDK), which is actually malware designed to steal sensitive information.
Similar attacks have been reported in the crypto ecosystem, such as the case of Kenny Li, co-founder of Manta Network. The absence of audio in these video calls raises suspicions in some participants, making it easier for scammers to manipulate the situation.
To combat these deepfake scams, several measures need to be taken. Awareness and education are crucial. Learning to spot subtle inconsistencies in deepfake videos or audio such as unnatural eye movements, irregular blinking, flat emotional tones, or timing mismatches can help users to be skeptical of suspicious content.
Verification protocols also play a vital role. Always verify the authenticity of communications, especially those urging urgent decisions or financial transfers. Cross-check videos or voice messages using trusted sources or look for official public statements to avoid emotionally driven scams.
Technical defenses, such as AI-based deepfake detection tools and browser extensions that flag synthetic media in real-time, can be effective defenses. Robust cybersecurity is also essential to prevent unauthorized software or extensions during calls.
Improved identity verification is necessary, as deepfakes and biometric spoofing are also used to bypass identity checks. Companies should strengthen verification systems with multi-factor authentication and AI-driven fraud detection tools adapted to these emerging threats.
Regulatory and investigative vigilance is essential. Organizations should employ forensic expertise and continuous monitoring to respond swiftly to incidents and to preserve evidence, thereby improving resilience against digital deceptions in the crypto space.
Nailwal emphasizes the need for closer collaboration between tech companies and users to strengthen security in the crypto ecosystem. He urges the crypto community to stay alert and share information about potential scams to protect themselves collectively. He also recommends separating wallet signing activities from daily device use to reduce the risk of malware infiltration.
As cryptocurrencies are adopted globally, deepfake scams are likely to become more sophisticated. The crypto community must be proactive in responding to these threats, implementing education, caution, and strict security protocols to protect their assets and the integrity of the crypto ecosystem.
In the world of cryptocurrencies, where deepfake scams pose a growing danger, the use of AI-based deepfake detection tools and technology can be an effective defense against these sophisticated attacks. Furthermore, it's crucial for companies in the crypto industry to strengthen identity verification systems with multi-factor authentication and AI-driven fraud detection tools, as deepfakes and biometric spoofing are increasingly being used to bypass identity checks.
