Password management company LastPass recently revealed a sophisticated scam attempt against one of its employees. The fraudster created a WhatsApp account impersonating LastPass CEO Karim Toubba, reaching out to the employee with messages and an audio deepfake of Toubba’s voice.
The vigilant employee recognized the red flags in the unusual communication method and sense of urgency within the messages. They did not fall for the scam and reported the incident. LastPass confirms there was no impact from this attempt.
The company warns this isn’t an isolated threat. Deepfakes are increasingly used for executive impersonation fraud. Other companies like Binance have been targeted. Sometimes, these scams succeed – a $25 million fraud against a Hong Kong multinational used video deepfakes of multiple executives.
Key Takeaway: Be suspicious of any unusual requests, especially if they come outside of regular communication channels and display a sense of urgency.