The U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) has issued a warning to financial institutions about a surge in fraudulent deepfake schemes targeting the sector. This alert aims to help companies identify suspicious activity tied to the use of generative artificial intelligence (GenAI) and deepfake technology.
“Beginning in 2023 and continuing in 2024, FinCEN has observed an increase in suspicious activity reporting by financial institutions describing the suspected use of deepfake media in fraud schemes targeting their institutions and customers,” FinCEN stated.
According to FinCEN, these schemes often involve criminals altering or creating fake identity documents to bypass identity verification processes. The agency warned that deepfake media use is just “one of several risks” that GenAI poses to banks and their customers.
To address this threat, FinCEN has released a list of nine red flag indicators to assist financial institutions in recognizing potential deepfake or GenAI-based scams. FinCEN clarified that each indicator should be considered as part of a broader assessment, as “no single red flag is conclusive by itself.”
The red flags outlined by FinCEN include:
An internal inconsistency in a customer’s photo (e.g., signs of digital alteration) or an inconsistency with other identifying information (e.g., a photo that does not match the apparent age indicated by the customer’s date of birth).
Presentation of multiple identity documents that conflict with each other.
A customer using a third-party webcam plugin or switching communication methods during a live verification check.
Refusal by a customer to use multifactor authentication to verify their identity.
A reverse-image search or open-source lookup revealing a customer’s identity photo in an online gallery of GenAI-created faces.
A customer’s photo or video flagged by deepfake detection software.
GenAI detection software identifying potential GenAI-generated text in a customer’s profile.
Inconsistencies between a customer’s geographic or device data and their identity documents.
Rapid transaction patterns in newly opened or low-activity accounts, such as high payment volumes to potentially risky payees like gambling sites or cryptocurrency exchanges.
FinCEN Director Andrea Gacki emphasized the importance of vigilance in combating this emerging risk: “While GenAI holds tremendous potential as a new technology, bad actors are seeking to exploit it to defraud American businesses and consumers,” she said. “Vigilance by financial institutions to the use of deepfakes, and reporting of related suspicious activity, will help safeguard the U.S. financial system and protect innocent Americans.”
FinCEN also advised financial institutions to reference these red flags when filing suspicious activity reports (SARs) related to suspected deepfake scams.
By fLEXI tEAM
Comments