What I find strange about this is you dont need it to be "deepfake".
Just an inside job.
If a large company allows a single employee to transfer millions to a new bank account/vendor that has no history, on "their belief" the instruction came from an approved person (i.e. their boss, CFO etc) - that company has major governance issues that are not related to deepfake.
Imagine the more simple scenario - an employee transfers millions, knowingly fraudulantly, to some people they are working with. They then simply supply some "deep fake" pictures and a story how it was an accident - and boom; you walk away with millions.
Checks and balances exist for many reasons - deepfake doesnt overcome those by itself. This company is just missing basic steps that would have protected itself here.
edit: in fact- its even more obviously some inside job; put the deepfake aside for a moment. How was the meeting even booked? Their PR person said "none of our internal systems were compromised". So this meeting magically appeared in someone's calendar? Using their internal video system (Skype or Teams or whatever). And the criminals knew to target this person, with enough knowledge of random office people to deep fake them? Come on...
You're the only commenter using critical analysis, everyone else is just flapping their jaws.
I hate discussing deepfakes. I'm one of the original patent holders of automated actor replacement technology. I developed it for personalized advertising, after having been an actor replacement specialist in a bunch of VFX film you probably saw.
I spent from 2002 to '08 creating a VFX pipeline, with global patent protections, and an ethical guidance that included public education on this fundamental new technology. Long story short, I needed financing, went to VCs and angels and they were perfectly winning to fund a porn company, but not what I'd planned: an ethical rollout of a sensitive and very powerful technology with many legs, few realize even today.
By '13 I was bankrupt, burned out, and one of my tech partners, a global leader in facial recognition hired me. That's a different story. Actor replacement technology is a fundamental capability with applications far more important than fraud and pornography. But our civilization is far far too immature to realize any of them.
> went to VCs and angels and they were perfectly winning to fund a porn company, but not what I'd planned: an ethical rollout of a sensitive and very powerful technology with many legs
Well, yes, that's kind of what the rest of us have come to expect from the industry. Ethical rollout is always going to take a back seat to raking in as much money as possible. I'm slightly surprised they were willing to touch porn though, not for "ethical" concerns but because it's treated as radioactive by payment services.
It was absurd. My refusals began when they would insist on a technology proof that was creating nude celebrities in an image with them as the 2nd person. It was really amazing. Always guys, unable to contain their glee being horny, and insisting, insisting the company make porn. This was every single VC, it met with all of them. Angel investor groups too. It darkened my view of humanity.
Just an inside job.
If a large company allows a single employee to transfer millions to a new bank account/vendor that has no history, on "their belief" the instruction came from an approved person (i.e. their boss, CFO etc) - that company has major governance issues that are not related to deepfake.
Imagine the more simple scenario - an employee transfers millions, knowingly fraudulantly, to some people they are working with. They then simply supply some "deep fake" pictures and a story how it was an accident - and boom; you walk away with millions.
Checks and balances exist for many reasons - deepfake doesnt overcome those by itself. This company is just missing basic steps that would have protected itself here.
edit: in fact- its even more obviously some inside job; put the deepfake aside for a moment. How was the meeting even booked? Their PR person said "none of our internal systems were compromised". So this meeting magically appeared in someone's calendar? Using their internal video system (Skype or Teams or whatever). And the criminals knew to target this person, with enough knowledge of random office people to deep fake them? Come on...