Top WPP advertising executive hit by scammers using voice cloning attack

In a letter sent to employees explaining the incident, WPP chief executive officer Mark Read said unnamed threat actors used a publicly available photo of him to set up a fake WhatsApp account. Then, they arranged a Microsoft Teams call with an agency head and another senior executive. 

Increasing sophistication

That other senior executive was impersonated using YouTube footage and a voice clone, and the fake Read was off-camera and only participated in the discussion via chat. 

“The pretext was that the individual targeted was being asked to set up a new business with the ultimate aim of extracting personal details and money,” Read said in the email. “Fortunately the attackers were not successful.”

In recent times, WPP had experienced an “increasing sophistication in the cyber attacks on our colleagues, and those targeted at senior leaders in particular,” Read added.

For a few years now, cybersecurity researchers and experts have been warning of increasing sophistication in cyberattacks, especially since the proliferation of Artificial Intelligence (AI) tools. Deepfakes have gotten so good that they are often indistinguishable from authentic videos, while voice-cloning tools, for obvious reasons, are even more dangerous.

To defend against the increasing use of AI in cybercrime, businesses should also invest more and, ironically enough, deploy AI themselves, the researchers said. However, since most of these attacks are aimed at employees (often on low-level positions, first), investing in tools without investing in employee education won’t bear much fruit.

More from TechRadar Pro

• AI-powered cyberattacks are the biggest concern for IT - and most are unprepared for them
• Here's a list of the best firewalls today
• These are the best endpoint protection tools right now