Thinking Outside the Email Inbox
How to STOP Deepfake Attacks
Slow Down, Trust Less, Origin Verification, Process, Policy, Procedure
How to STOP Deepfake Attacks
As we enter Security Awareness Training Month, it’s time to broaden our focus beyond email-based phishing.
Emerging risks like synthetic media attacks—including deepfakes—are growing at an alarming rate. Recent studies indicate that 49% of businesses have encountered a deepfake attack, it’s not a matter of “if” but “when.” The key point? These attacks are no longer primarily delivered just through email.
New Attack Vectors are Emerging
Instead of email, phone calls, social media, SMS phishing, and video conferences are fast becoming new methods for cybercriminals to deliver these threats.
Why is this shift happening?
New Vectors and Media Types: Deepfake audio can now be convincingly delivered through a phone call or an audio file via SMS. Likewise, video conferencing platforms are susceptible to live deepfake impersonations, making it harder to detect fraud in real time. This is opening the attack surface and making it broader.
Improved Email Security: Organizations are getting better at blocking phishing attacks at the email gateway level, forcing adversaries to adopt new tactics. As users become more aware of email based threats, attackers will switch tactics.
When faced with resistance, attackers pivot to more creative and less monitored platforms, bypassing traditional security measures.
Is Your Security Awareness Training Evolving?
Time to Adapt.
When your adversaries change tactics, your defense strategy should evolve as well. This Security Awareness Month, ask yourself: Does your current program truly prepare your team for the new wave of cyber threats, including deepfake and social engineering attacks delivered through phone calls, video conferences, and social media?
If not, now is the time to adapt. Staying ahead of these emerging risks will require updated training, awareness, and vigilance across all platforms—not just email.
In some of these cases, user awareness training is your only line of defense. There’s no other option.
Using the STOP Framework to Combat Deepfakes through Security Awareness Training
Deepfakes are becoming a growing threat to individuals and organizations. These highly convincing, AI-generated audio and video forgeries can be used for social engineering attacks, fraud, or malicious misinformation campaigns. While technical solutions are essential for detecting deepfakes, security awareness training is equally critical to empower employees to recognize and respond to potential threats.
A powerful approach to embedding these defenses into an organization is the STOP framework: Slow Down, Trust Less, Origin Verification, Processes, Policy, Procedure.
In this blog, we’ll explore how this framework can be integrated into security awareness training to combat deepfakes effectively.
Slow Down
The fast pace of digital communication often encourages hasty decisions. In the case of deepfakes, attackers rely on speed to create a sense of urgency, leading individuals to take actions without verifying the authenticity of a message or call.
Security awareness training should encourage employees to pause and assess situations where something feels off. For example, a deepfake might mimic a senior executive instructing a wire transfer. By training employees to slow down, critically analyze the situation, and follow established protocols, the risk of falling for such attacks is significantly reduced.
Tips for Training:
– Reinforce that it’s okay to take a moment before responding.
– Provide scenarios where employees can practice identifying cues that signal deepfakes or suspicious content.
Trust Less
In the digital world, even familiar faces and voices can be falsified. Trusting less doesn’t mean fostering paranoia, but instead cultivating healthy skepticism.
Teach employees that appearances can be deceiving. Just because a video or voice appears to be from a trusted source doesn’t guarantee authenticity. They should maintain a cautious mindset, especially when requests involve sensitive data or financial transactions.
Tips for Training:
– Conduct simulated phishing and vishing attempts using deepfake-like techniques to test employee awareness.
– Educate teams on the indicators of AI manipulation, such as being pressured or a sense of urgency.
Origin Verification
One of the most important aspects of combating deepfakes is ensuring the source of information is authentic. Security awareness programs should emphasize the need to verify the origin of communications before taking action.
For example, when receiving an unusual request, employees should verify the source through secondary channels, such as a phone call or an in-person confirmation, to ensure that the message wasn’t generated by a deepfake or other deceptive means.
Tips for Training:
– Train employees to cross-check any high-stakes communication through multiple channels.
– Teach them how to use available tools for verifying the source of emails, phone calls, or video messages.
Processes, Policy, and Procedure
Having well-defined processes, policies, and procedures in place is critical in stopping deepfake-related attacks. A strong organizational policy for verifying sensitive communications can drastically reduce the risk posed by deepfakes.
For example, a policy requiring dual authentication for financial transactions or sensitive data transfers can act as a safeguard against deepfake-initiated fraud. Regularly reviewing and updating these processes ensures they stay relevant and effective as new threats emerge.
Tips for Training:
– Ensure employees are familiar with the organization’s verification protocols and why they exist.
– Offer workshops or refresher courses to keep employees updated on any procedural changes.
Conclusion
Deepfakes are a rapidly evolving threat, but by incorporating the STOP framework into security awareness training, organizations can equip their employees with the skills and knowledge needed to defend against them.
By teaching teams to slow down, trust less, verify origins, and follow established processes, companies can reduce the risk of falling victim to deepfakes, while fostering a culture of heightened security awareness. As with all cybersecurity measures, the human factor is crucial, and empowering employees with the right tools and mindset is a powerful defense.
Let’s make this Security Awareness Month about covering the threats that lurk outside the inbox. After all, the best defense is a well-informed team capable of identifying and responding to threats in real time, no matter where they appear.