By Federico Alessandri, Of Counsel – Corporate Compliance, New Technologies and Cyber Security
The latest news is the case of a scam that recently targeted some of Italy’s best-known entrepreneurs and professionals, using the name of Defence Minister Guido Crosetto. The scammers, probably using advanced technologies such as artificial intelligence to imitate the minister’s voice, contacted the victims posing as members of his staff. They demanded large sums of money for alleged ransoms of Italian journalists kidnapped abroad, promising that the funds would be reimbursed by the Bank of Italy.
The identified victims include Massimo Moratti, former president of Inter, Giorgio Armani, Marco Tronchetti Provera, Diego Della Valle, Patrizio Bertelli, the Caltagirone and Del Vecchio families, and the Berettas. At least one of the entrepreneurs made a transfer of around EUR 1 million to a foreign account, believing in the veracity of the request.
Minister Crosetto promptly denounced the incident, stressing the professionalism of the fraudsters and the importance of spreading the alert to prevent further victims. The Milan Public Prosecutor’s Office launched an investigation to identify those responsible and recover the transferred funds.
This episode highlights the increasing use of sophisticated technologies, such as artificial intelligence, in scams, making it increasingly difficult to distinguish between genuine and fraudulent communications. The authorities call for vigilance and prompt reporting of any suspicious activity.
How do we protect our businesses from these risks?
Deepfake and voice cloning technologies are evolving rapidly, bringing with them new risks to the security of corporate communications. It is essential to take appropriate measures to protect our businesses from these threats. Here are some key actions to defend yourself effectively.
-
Identity Verification:
In an environment where voice cloning technologies are able to reproduce perfect voices in seconds, it becomes essential to implement multi-factor verification methods. These systems must be used especially for confidential communications, such as those by phone or email, involving sensitive information.
-
Education and Awareness
Companies must train their employees, especially those who handle important communications, to recognise suspicious signs and anomalies in received messages. This includes, for example, analysing the content of communications and identifying discrepancies in tone or details that could raise doubts.
-
Updating Security Policies:
It is essential to regularly review the company’s information security policies. New threats, such as deepfakes, require the integration of advanced security technologies that can identify and prevent these new forms of attack. The adoption of solutions such as biometric authentication software and communication monitoring systems is an essential step forward.
-
Innovation must not compromise Security
New technologies offer undeniable benefits, but they must never be at the expense of data protection and secure corporate communications. Companies that embrace innovation must do so with a conscious and proactive approach, integrating security best practices to protect themselves and their partners.
Technology can be a powerful ally, but if not accompanied by proper security measures, it can become a boomerang for businesses. With the right precautions and continued education on cyber security, companies can minimise the risks posed by these new and sophisticated threats.
Federico Alessandri, Of Counsel – Corporate Compliance, New Technologies and Cyber Security