Ferrari was saved from a major cyber attack planned by WhatsApp AI with this simple question

In some cases, cyber attacks are solved not by complex systems, but by common sense. An example of this was what recently happened to Ferrari, which fell victim to an attempted deepfake attack on WhatsApp in which the identity of its CEO Benedetto Vigna was impersonated by artificial intelligence. But one simple question prevented financial disaster.

This attempted attack was carried out through WhatsApp The target was another auto company executive who stopped the threat from spreading by asking a question that only a real person could answer.

It all started one Tuesday morning when the head of an Italian company began receiving a series of unusual messages on his WhatsApp. The messages appeared to come from Benedetto Vigna, Ferrari’s CEO, and spoke of a major acquisition the company was planning.“Hey, have you heard about the new acquisition we’re planning? “I could use your help,” one message read.

While the messages seemed legitimate at first glance, there were details that didn’t add up. For starters, the messages weren’t coming from Vinya’s regular number, but While the profile photo showed the CEO wearing glasses and a suit in front of the Ferrari logo, it was not the photo he usually wore.

The messages continued in a tone of urgency and confidentiality. “Be prepared to sign the confidentiality agreement that our lawyer is about to send you,” another message said. “The Italian market regulator and the Milan Stock Exchange have already been informed. “Be vigilant and please exercise the utmost discretion.”

In an attempt to continue the scam, the scammer explained that this was not a regular CEO number because the deal was too sensitive and there might be obstacles in China. Depending on history, this may require an unspecified currency hedging transaction.

The scammer’s next move was even bolder. He decided to call using voice deepfake technology that perfectly imitated Vigna’s southern accent. The voice was surprisingly convincing, but the manager became suspicious due to the slightly mechanical intonations in the interlocutor’s voice.

The alleged CEO mentioned that he was calling from another number because he needed to discuss something confidential. He was talking about a deal that could solve problems related to China and would require a currency hedging deal.

Despite the quality of the deepfake, the Ferrari manager decided to test the identity of the alleged CEO with a question that only Vigna could answer. “Sorry, Benedetto, but I need to identify you,” the manager said. He asked her the name of the book that Vinya had recently recommended to her. Suddenly the call was cut off.

Following the attempted fraud, Ferrari launched an internal investigation. Representatives of the company in Maranello, Italy, declined to comment on the incident. However, This event highlights the growing sophistication of the methods used by cybercriminals and the importance of constant vigilance.

This is not an isolated case of deepfakes being used to commit fraud. In May, it was reported that Mark Read, the CEO of WPP Plc, was also the target of a similar scam that involved attempts to impersonate him during a Teams call. While the attempt was unsuccessful, it shows that cybercriminals are refining these techniques.

However, some companies have fallen victim to these scams. Earlier this year, an unnamed multinational company lost HK$200 million (approximately US$26 million) after scammers defrauded its Hong Kong employees using deepfake technology. The fraudsters fabricated testimony from the company’s CFO and other individuals during a video call and convinced the victim to transfer money.

Companies like cybersecurity firm CyberArk are already training their executives to spot bot fraud. The key is to pay attention to the smallest details and be skeptical of any situation that seems unusual or overly urgent.