The FBI has warned internet users to be cautious when posting or direct messaging personal photos and videos, after noting complaints about sexually explicit deepfakes circulating on the web.
Malicious actors are using the AI-based technology to manipulate benign images or videos of victims into explicit content. As deepfake innovation advances, such content is becoming more life-like and cheaper for bad actors to access.
Read more on deepfakes: FBI: Beware Deepfakes Used to Apply for Remote Jobs.
The photos and videos are typically captured from victims’ social media accounts or the open web, although sometimes they are directly requested from the victim.
Once altered, they are posted to social media, pornographic websites and other publicly available websites.
The main motivations for this new campaign of deepfakes appear to be payment in money or gift cards, or to force the victim to send real nude and/or sexually themed content.
It is a concerning but long-predicted update to the classic sextortion attack in which victims are tricked or coerced into sending explicit content to their perpetrator. The latter then demands money or more content, threatening to share the images/videos publicly or with the victim’s family and friends if they don’t comply.
Both children and adults have been reported as victims, with the FBI warning that it can be “extremely difficult if not impossible” to have manipulated content removed once posted online.
The bureau urged individuals to consider the following:
- Monitor their children’s online activity and discuss with them the risks of sharing personal content online
- Use discretion when posting publicly, especially content including children
- Run frequent online searches of themselves and their children
- Apply privacy settings to social media accounts to limit the exposure of photos and videos
- Use reverse image searches to locate photos or videos of them
- Exercise caution when accepting friend request or sending images to unknown individuals online
- Do not send money to online extortionists
- Secure social accounts with complex, unique passwords and multi-factor authentication
- Be aware that friends’ social accounts can be hijacked by malicious actors