Full Report
New Hiya data finds 26% of UK consumers encountered a deepfake scam call in Q4 2024
Analysis Summary
This is a summary of an intelligence report concerning the rise of deepfake voice scams targeting consumers, specifically drawing on data from the UK and US populations.
# Incident Report: Surge in Deepfake Voice Scams
## Executive Summary
The final quarter of 2024 saw a significant global increase in unwanted and fraudulent calls, with deepfake technology being a major contributor. A substantial portion of UK and US consumers reported exposure to AI-generated voice scams, resulting in financial loss and personal data theft for many victims. The incident highlights a growing threat where sophisticated voice impersonation is successfully deceiving the public.
## Incident Details
- Discovery Date: Q4 2024 (Data compiled from a January survey)
- Incident Date: Q4 2024 (Refers to the period analyzed)
- Affected Organization: Global Consumers (Specific focus on UK and US demographics)
- Sector: Telecommunications / Consumer Fraud
- Geography: Global, with specific data points for UK, US, Canada, and France.
## Timeline of Events
Due to the nature of this report (a survey summary regarding general trends rather than a specific organizational breach), a precise attack timeline is not available.
### Initial Access
- Date/Time: Ongoing throughout Q4 2024.
- Vector: Voice calls, utilizing sophisticated AI-powered deepfake technology to impersonate trusted entities or individuals.
- Details: Consumers received calls that were highly convincing due to voice manipulation.
### Lateral Movement
*N/A - This is a consumer-facing scam model, not an enterprise network intrusion.*
### Data Exfiltration/Impact
- What was stolen or damaged: Financial loss and personal information theft.
- 40% of exposed Brits and 45% of exposed Americans who encountered deepfakes admitted to falling for them.
- 35% of Brits and 34% of Americans claimed to have lost money.
- 32% of both groups reported having personal information stolen.
### Detection & Response
- How it was discovered: Analysis of global call data on the Hiya Voice Intelligence Network combined with a January survey of 12,000 global consumers for the **Q4 2024 Global Call Threat Report**.
- Response actions taken: The report itself serves as a warning and awareness mechanism regarding the threat landscape.
## Attack Methodology
This report focuses on the *execution* methodology targeting individuals, rather than a typical enterprise intrusion kill chain.
- Initial Access: Social engineering via voice calls.
- Persistence: *N/A*
- Privilege Escalation: *N/A*
- Defense Evasion: Highly convincing AI-generated voice impersonation (Deepfake technology).
- Credential Access: Not explicitly detailed, but implied through social engineering leading to information disclosure.
- Discovery: *N/A* (Attacker reconnaissance is external to the scope of the report data).
- Lateral Movement: *N/A*
- Collection: Theft of sensitive personal information.
- Exfiltration: Direct transfer of funds or data reported by victims.
- Impact: Financial loss and identity compromise.
## Impact Assessment
- Financial:
- Average loss in the UK: £595 ($751 USD).
- Average loss in the US: $539 USD.
- Average loss in Canada: CA$1479 ($1037 USD).
- Average loss in France: €1089 ($1141 USD).
- Data Breach: Victims reported having personal information stolen (32% in UK/US).
- Operational: *N/A (Consumer impact)*
- Reputational: High potential for reputational harm to perceived impersonated entities or general loss of consumer trust in voice communications.
## Indicators of Compromise
As this involves unsolicited phone calls, traditional IoCs are limited to call metadata.
- Network indicators: High volume of outbound calls flagged as spam/fraud from various sources (Defanged context: Suspicious calling patterns detected by voice intelligence systems).
- File indicators: *N/A*
- Behavioral indicators: Voice pattern recognition flags indicating AI-generation or known fraudulent scripting.
## Response Actions
Response actions are framed around public awareness and operational filtering:
- Containment measures: Voice intelligence platforms identifying and blocking known spam/fraud sources.
- Eradication steps: *N/A (Not applicable to a massive, distributed threat)*
- Recovery actions: Victims reporting losses to banks and authorities for potential case recovery.
## Lessons Learned
- The maturation of AI deepfake technology presents an extremely effective and scalable social engineering vector against consumers.
- A significant percentage of the population (up to 45% exposed) are vulnerable even when presented with deepfake calls.
- The financial damage from these voice scams is substantial on an individual level.
- What could have been done better: Increased proactive public education campaigns emphasizing the risk of deceptive voice calls prior to or concurrent with the rise of deepfakes.
## Recommendations
- **Implement Voice Biomarker/Authentication Checks:** For high-value transactions or sensitive information sharing over the phone, implement secondary authentication methods that rely on non-voice verification.
- **Public Awareness:** Conduct widespread campaigns reinforcing skepticism toward unsolicited calls, especially those demanding immediate action or financial transfers, regardless of the voice quality.
- **Carrier/Platform Filtering:** Leverage advanced voice intelligence services (like Hiya's) at the carrier level to block known spam and potentially AI-generated fraudulent calling patterns before they reach the end-user.