Digital theft demonstration: Ethical hacker scams 60 Minutes employee | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

When a 60 Minutes staffer got a call that appeared to be from correspondent Sharyn Alfonsi, she picked up. 

A voice on the other end, generated by artificial intelligence to mimic Alfonsi’s voice, asked for some help. Clips from television had been used to clone Alfonsi’s voice. It took about five minutes.

“Elizabeth, sorry, I need my passport number because the Ukraine trip is on,” the fake Alfonsi said. “Can you read that out to me?”

The woman behind the call was not Alfonsi, but Rachel Tobac, an ethical hacker and CEO of data protection firm Social Proof Security. Tobac, who advises companies and private citizens on their vulnerabilities, was hired by 60 Minutes to show how easy it is to use information found online to scam someone. 

Click here to view related media.

click to expand

Alfonsi is a public figure whose voice is out there in many recordings, but Tobac said anybody can be spoofed. 

“Oftentimes attackers will go after people, they don’t even know who these people are, but they just know this person has a relationship to this other person,” she said. “And they can impersonate that person enough just by changing the pitch and the modulation of their voice that [someone will say], ‘I believe that’s my nephew and I need to really wire that money.'”

Tobac found Elizabeth’s cellphone number on a business networking website, then used a spoofing tool to call her as Alfonsi. An AI-powered app mimicked Alfonsi’s voice to dupe the 60 Minutes employee.

During an interview about digital theft, Tobac played back the recording for the 60 Minutes staffer and Alfonsi to share what she’d done.

“Oh, so I was hacked and I failed, failed ..

Support the originator by clicking the read the rest link below.