Threat Report: Increasing Risk for Finance Executives

Overview

For the past several months, Doppel has conducted exhaustive scans focused on prominent finance executives, revealing a concerning surge in impersonation activities across various social media platforms. This includes instances of direct account replication, deep fakes, and sponsored advertisements on platforms such as YouTube, TikTok, X (formerly Twitter), Instagram, Facebook, and Telegram. 

Our mission is to armor security teams with critical insights to fortify executive protection strategies, mitigating corporate risk and shielding stakeholders from imminent threats of phishing and disinformation campaigns.

Risks to Business

These attacks go beyond mere impersonations; they pose a substantial risk to business operations. From compliance and regulatory challenges to threats against executive security and potential damage to investor and media relations, the implications are profound. This report delves into the multifaceted risks and offers insights into protecting your organization.

These risks to the business include:

Compliance and Regulatory Risk:

• Challenge: Stringent regulations on executive communication.
• Action: Proactively prevent incidents to comply with SEC requirements.

Executive Security:

• Challenge: Tarnished executive image leading to potential security threats.
• Action: Implement vigilant measures to safeguard executive reputation and ensure physical security.

Investor Relations:

• Challenge: Impersonation risks impacting investor trust.
• Action: Deploy proactive strategies to detect and counteract impersonation, preserving investor confidence.

Media Relations:

• Challenge: Impersonation threats compromising company image.
• Action: Establish robust measures to detect and counteract impersonation, ensuring media credibility.

Employee Social Engineering:

• Challenge: Fake executive DMs posing internal risks.
• Action: Implement safeguards and awareness programs to mitigate social engineering threats.

Summarized Results:

Our scans targeted key figures in finance, including: Cathie Wood, Ken Griffin, Larry Fink, Jamie Dimon, Brian Moynihan, Michael Bloomberg, Stephen Schwarzman.  

The findings reveal alarming examples of deep fakes, ad campaigns, and direct impersonations across platforms, including these specific examples:

• YouTube Deep Fakes: Here an attacker posted a deep fake of Cathie Wood on YouTube to promote a phishing scheme, targeting retail.

• Facebook Ads: Here an attacker ran sponsored ad campaigns claiming to be from Stephen Schwarzman on Facebook to promote research reports to retail investors.

• Reposting Official Content on Instagram: To develop credibility, Ken Griffin impersonators post official content from Citadel. This can dupe media and investors as they believe this is the official Ken account.

• Telegram Impersonators: Brian Moynihan impersonators are active daily, on a platform, Telegram, that’s grown super popular globally.

• Official Content Reposts on X (Twitter): Similar to the Instagram strategy, Stephen Schwarzman impersonators on Twitter can take advantage of the lack of an official account and retweet corporate tweets. This enables them to gain credibility on the platform with third-party stakeholders.

• TikTok with High Followers and Likes: Larry Fink personas on TikTok have 1M+ likes and 67k+ followers, ensuring their content always stays at the top of users’ algorithms. TikTok is a ripe target with a younger audience and algorithmic autoscroll content.

‍

The time to act is now.

Fortify your defenses against executive impersonation threats by considering taking the following actions:

1. Stakeholder Engagement: Proactively inform your stakeholders about this pervasive threat.
2. Global Social Media Monitoring: Monitor social media activity in international markets to thwart attacks on a global scale.
3. Proactive Monitoring Solutions: Deploy a robust monitoring and takedown solution to combat social media impersonation effectively.
4. Collaborate with Industry Leaders: Engage with FS-ISAC and social media platforms to implement preventative measures collectively.

By adopting these recommended actions, organizations can fortify their defenses, foster resilience, and collectively contribute to a safer digital landscape for executives and stakeholders alike.