Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Top WPP advertising executive hit by scammers using voice cloning attack

Robot typing text on a typewriter. Artificial intelligence generated text and future of journalism concept. Vector illustration.

Hackers recently tried to scam WPP executives into giving away sensitive information and money. 

As reported by the Financial Times, the scam was quite elaborate, and used a combination of deepfake videos and AI voice software to trick the executives into thinking they were discussing a business venture with their peers.

In a letter sent to employees explaining the incident, WPP chief executive officer Mark Read said unnamed threat actors used a publicly available photo of him to set up a fake WhatsApp account. Then, they arranged a Microsoft Teams call with an agency head and another senior executive. 

Increasing sophistication

That other senior executive was impersonated using YouTube footage and a voice clone, and the fake Read was off-camera and only participated in the discussion via chat. 

“The pretext was that the individual targeted was being asked to set up a new business with the ultimate aim of extracting personal details and money,” Read said in the email. “Fortunately the attackers were not successful.”

In recent times, WPP had experienced an “increasing sophistication in the cyber attacks on our colleagues, and those targeted at senior leaders in particular,” Read added.

For a few years now, cybersecurity researchers and experts have been warning of increasing sophistication in cyberattacks, especially since the proliferation of Artificial Intelligence (AI) tools. Deepfakes have gotten so good that they are often indistinguishable from authentic videos, while voice-cloning tools, for obvious reasons, are even more dangerous.

To defend against the increasing use of AI in cybercrime, businesses should also invest more and, ironically enough, deploy AI themselves, the researchers said. However, since most of these attacks are aimed at employees (often on low-level positions, first), investing in tools without investing in employee education won’t bear much fruit.

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.