Are cybercriminals hijacking your voice?

Voice-directed services are now part of everyday life but they also present hackers and fraudsters with new opportunities to attack. 

Billions of virtual digital assistants now listen and respond to our voices. They’re increasingly a feature of mobile phones and computers, and they’re in cars and on home devices. We ask these bots to carry out myriad tasks and, as they extend their potential to enhance people’s daily lives, they also present a potent new cyberthreat.

Writing for MIT Sloan Management Review, Paul Mee and Gokhanedge Ozturk say two thirds of firms plan to use voice recognition customer interaction. They explain the risks and tell you how to safeguard your business and your customers.

THE NATURE OF THE THREAT

“Much of today’s voice fraud, known as ‘vishing’, involves controlling voice assistants by methods such as embedding undetectable audio commands, replaying voice recordings and modifying fraudsters’ voices to match the pitch of their victims’ voices.”

The most sophisticated applications, known as ‘deep fakes’, are so good they create voices that are almost impossible to tell from the real thing. Using this software, a hacker could rip off customers or impersonate a CEO and give verbal agreement for staff to pay substantial cash sums to thieves.

HOW TO DEFEND YOURSELF

Fraudsters are constantly developing new and more advanced machine methods for capturing and manipulating voice commands. Leaders must implement the following strategies to protect themselves and their customers:

1. 1. 1. Only offer voice-recognition for basic fact checking on things like account balances. Stick to manual methods or fingerprint and face recognition for any transactions.
      2. Improve customer security. Match the strength of your voice-activated services to that of your existing digital offering and alert customers when they appear to depart from their usual purchasing patterns. Make sure you provide customers with regular updates about current scams and suspicious approaches, and share how your company is acting to protect them from these risks. Ask for extra identity confirmation as part of your voice responsive services – fingerprint ID, or unique information. And prepare to invest in voice-filtering technology that boosts your ability to distinguish real from fake voices.
      3. Test your cybersecurity regularly to check for weakness in your systems. Prepare tactics to detect and respond to voice-led cyber crimes when they arise, based on scenarios that could happen in your organisation.
      4. Report breaches of voice-related customer safety and security to the appropriate regulators in your location. Share your experiences with other businesses in your industry so you can fight threats and seek solutions collectively.

As people ask digital assistants to handle more sensitive information and even give advice on personal financial matters, it’s imperative to make cybersecurity a top priority to protect your customers and inspire trust in your services.