Get 24/7 incident response assistance from our global team
Please review the following rules before submitting your application:
1. Our main objective is to foster a community of like-minded individuals dedicated to combatting cybercrime and who have never engaged in Blackhat activities.
2. All applications must include research or a research draft. You can find content criteria in the blog. Please provide a link to your research or research draft using the form below.
In this report, we share our key investigative findings and observations, including UNC2891’s tactics, techniques, and procedures.
Learn more
Advancements in AI voice cloning and weaknesses in telecom systems have given rise to deepfake vishing attacks, where cybercriminals combine cloned voices with caller ID spoofing to impersonate trusted executives or officials. With just a few seconds of audio-often taken from public sources-fraudsters can create highly convincing voice replicas at minimal cost and with no technical expertise.
To demonstrate this threat, Group-IB and Channel News Asia (CNA) conducted an experiment where a journalist’s voice was cloned using an online platform. The test revealed how quickly and cheaply realistic deepfake voices can be generated, exposing the growing risks to businesses and individuals. This experiment highlights the urgent need for stronger identity verification, awareness training, and defenses against AI-driven social engineering.
AI-powered voice cloning is making vishing attacks more convincing than ever, with global losses from AI-enabled fraud projected to reach US$40 billion by 2027, up from US$12 billion in 2023.Publicly available voice cloning platforms require only seconds of audio and minimal technical expertise, with subscription fees as low as a few dollars per month—putting powerful impersonation tools in the hands of cybercriminals.Weaknesses in global telecom infrastructure allow attackers to spoof trusted phone numbers, making fraudulent calls appear legitimate and bypassing traditional security checks.Real cases, including a US$243,000 scam in the UK and an $18.5 million stablecoin theft in Hong Kong, show how combined voice cloning and caller ID spoofing can result in major financial and reputational losses.In a controlled test with Channel News Asia (CNA), a journalist’s voice was cloned using a free trial of a voice cloning platform, demonstrating how quickly and affordably realistic deepfakes can be created - reinforcing the urgent need for multi-factor verification and awareness training.Group-IB’s security ecosystem provides comprehensive protection for your IT infrastructure based on our unique cyber intelligence and deep analysis of attacks and incident response.
We see the full picture of the evolving cyber threat landscape thanks to unique tools for monitoring the infrastructure used by cybercriminals and data from battlefields:
