'Using publicly available videos on YouTube, scammers created elaborate deepfakes of the company's CFO and coworkers of the target'
Nearly a quarter of organisations in the United States have become victims of payment frauds as a result of AI-driven attacks, according to a new report from Trustmi.
The report surveyed 516 finance professionals, including CFOs, treasurers, and accounts payable professionals, to look at the state of their business payment security processes.
It found that 22% of organisations became victims to AI-driven attacks, such as AI-driven deepfake (9.6%) and executive impersonation (12.3%).
These types of attacks have been "quickly gaining momentum" as of late, according to the report, which recalled a similar incident in Hong Kong where a multinational company lost HK$200 million after an employee fell victim to a sophisticated deepfake video conference scam.
The conference scam included a fake video conference where all the participants except the victim were AI-generated deepfake personas.
"Using publicly available videos on YouTube, scammers created elaborate deepfakes of the company's CFO and coworkers of the target," the report read.
Meanwhile, the report found that human error remained the top cause for business payment fraud among US organisations, as cited by 50% of the respondents.
The report attributed this to organisations' reliance on "legacy technologies" that struggle to keep up with increasing number of payment cycles and transaction volumes.
"This leads to human errors such as duplicate payments, lost invoices, and payments for incorrect amounts, highlighting the urgent need for more robust systems and processes," the report read.
After human errors, business email compromise (BEC) is the second-highest cause of payment fraud, as cited by 42.47% of the survey participants.
Source: Trustmi's The State of Business Payment Security
Shai Gabay, Trustmi co-founder and CEO, said their findings show the "unprecedented challenges" of finance teams in terms of payment fraud, which includes battling as emerging AI-powered threats while trying to identify and stop losses stemming from avoidable human error.
"To overcome these issues, businesses need AI-powered, end-to-end fraud prevention technology capable of automating their B2B payment processes while providing the visibility required to prevent fraud from all attack vectors and loss from needless human errors," Gabay said in a statement.