FRESH

Hacker News

Bay Area mom out thousands after scammers use AI to mimic daughter's voice

32 points by arkadiyt

by daemin

0 subcomment

This scam has existed for decades, just hasn't used "AI" before to fake the voice. My grandma was often a target of scammers calling up and pretending to be her daughters or grandsons and wanting to get money out of her. She was luckily mentally quick enough to realise what was happening and hang up.

by pmw

0 subcomment

TOTP can be used today to authenticate a couple to each other over an untrusted medium.
It’s rather high friction; you have to set it up in advance, and then read a six digit number over the phone. And I am not sure that it mitigates the threats… in this situation, I suspect it wouldn’t. It could even make the situation worse if the daughter is genuinely in trouble but can’t access the authenticator.
But I can’t think of a better solution. Any other ideas?

by user68858788

0 subcomment

A friend’s parents were recently targeted by AI scammers that impersonated family members. This shocked me because her parents are pretty poor, and I imagine it’s not free to make targeted scams like this. So, why were they targeted?
My guess is that my friend is listed on a company website as an executive, and scammers are using company pages to find targets worth spending money on. Scams like these aren’t free, but they’re cheap enough to cast wide nets. The nets are only going to get wider as AI becomes cheaper and more available.
Security by obscurity, as effective as it was, is coming to an end. AI enables scammers to spear phish indiscriminately.

by Cider9986

0 subcomment

66 trackers blocked in Brave on this website. Can someone explain what all these trackers are needed for versus on websites with less? Facebook or Discord or Twitter only have 1 or 0 blocked and I'm sure they are tracking my just as much.

by BenFranklin100

0 subcomment

This seems to be partly a technological problem. We will soon need secured, authenticated modes of communication that can verify a person’s voice.
A similar problem is emerging for photos and videos. We also soon need cryptographically signed devices in order to be used in journalism or to be admissible in court.
Otherwise we are going back 150 years where we depend on in-person communication and eyewitness accounts.

by aaron695

0 subcomment

by Cider9986

1 subcomments

This is why we need to prevent data breaches by not collecting the data in the first place as well as move to non-persistant identifiers for contacts. Nobody could scam you if you only used Signal usernames or SimpleX addresses because you just change them for each contact and they don't get breached because services don't ask for them.
This scam wouldn't have been possible if the scammer couldn't easily look up someone's name, pay a few dollars, and see where they live, their phone numbers, email addresses, and family members. It's not as much of a problem in Europe because of the GDPR, but in France their government cybersecurity is nonexistant so everything has been breached repeatedly so it's the same effect.
It's insane this type of data broker hasn't been banned and why I will never register to vote.
Every piece of data you give away is a liability, not just for the services tracking you, which some people might defend, but for cybercrime and data breaches.