Saturday, November 04, 2023

Fraudsters impersonate African Union chair using AI


Moussa Faki Mahamat, Chair of the African Union Commission, delivering remarks at the launch of Rays of Hope during a side event at the Summit of Heads of States of the African Union, Addis Ababa, Ethiopia, February 4, 2022. Image by  on Flickr (CC BY 4.0 DEED).

This story was originally published by Africa Feeds, and an expanded version is republished on Global Voices as part of a content-sharing partnership agreement.

Fraudsters have employed artificial intelligence (AI) to impersonate the chairman of the African Union Commission, Moussa Faki Mahamat. The African Union Commission (AUC) functions as the executive and administrative branch, serving as the secretariat of the African Union (AU), and can be loosely compared to the European Commission.

Faki recently fell victim to cybercrime as perpetrators utilized AI tools to mimic his identity and sought to make contact with other leaders under false pretences.

As chair of the AUC, Faki routinely sends formal communications to global leaders when arranging meetings, a process known as a “note verbal.” These diplomatic notes are a standard procedure for scheduling meetings between the leadership of the African Union and representatives of other countries or international organizations.

In a post on X (formerly Twitter), the spokesperson for the chair of the AUC, Ebba Kalondo, disclosed that fraudsters successfully imitated Faki's voice, making video calls to European capitals, ostensibly for arranging meetings. She stated:

According to a statement by the AUC, the cyber criminals utilized counterfeit email addresses, posing as the organization's deputy chief of staff to arrange calls between leaders of foreign countries and Faki. They also conducted meetings with various European leaders, employing deepfake video alterations to impersonate Faki.

The statement from the AUC expressed regret over these incidents, emphasizing that the commission exclusively employs official diplomatic channels for communication with foreign governments, typically through their embassies in Addis Ababa, where the AU headquarters is located.

“The African Union Commission reiterates its strict adherence to diplomatic protocol and exclusive usage of note verbale for high-level engagement requests,” Kalondo said in a tweet.

The AU statement referred to these deceptive emails as “phishing,” indicating the intent of the perpetrators to potentially steal digital identities for unauthorized access to privileged information.

Deepfakes, the technology exploited by cybercriminals, are increasingly gaining popularity in Africa and are sometimes utilized by certain entities to disseminate misinformation and propaganda on the continent. These techniques involve using artificial intelligence tools to create convincing video or audio of someone saying or doing things they haven't actually done.

In January of this year, videos began circulating on social media in Burkina Faso, showing a diverse group of people urging Burkinabe citizens to support the military junta. These deceptive videos were created using Synthesia, an artificial intelligence software designed for video generation. Similar videos were circulated in Mali last year. Also, in a notorious case in Gabon in 2018, a suspected deepfake video nearly toppled the government, as reported by Africa Defense Forum magazine (ADF).

According to research conducted by the IFC and Google, Africa's e-economy is poised to make a significant contribution of USD 180 billion to the overall economy by 2025. Nonetheless, rapid digitalization also brings with it potential threats, with estimates suggesting that cybercrime alone could cost Africa as much as USD 4 billion annually, as reported on the Investment Monitor website.

While the AUC expressed regret over the cybercrime incident that targeted Moussa Faki Mahamat, and emphasized its commitment to adhering strictly to diplomatic protocol, the organization did not offer any details regarding the investigation and arrest of the perpetrators, nor any measures that the AUC plans to implement to prevent future deepfake attacks.

No comments:

Post a Comment