nsKnox https://nsknox.net/ Protect every payment by automatically detecting and preventing fraud attempts in real time Tue, 08 Jul 2025 08:11:40 +0000 en-US hourly 1 https://wordpress.org/?v=6.8.1 https://nsknox.net/wp-content/uploads/2019/03/fav.pngnsKnoxhttps://nsknox.net/ 32 32 Rising awareness promptsinvestment in IT defenceshttps://nsknox.net/resources/rising-awareness-promptsinvestment-in-it-defences/ https://nsknox.net/resources/rising-awareness-promptsinvestment-in-it-defences/#respond Tue, 08 Jul 2025 08:00:52 +0000 https://nsknox.net/?p=22125The 2025 Treasury Dragons Payment Fraud
Index indicates a growing maturity in how
firms are responding to the challenge.

The post Rising awareness promptsinvestment in IT defences appeared first on nsKnox.

]]>

Now in its third year, the 2025 Treasury Dragons + nsKnox Payment Fraud Index continues to reveal critical trends in B2B payment fraud, from the rise of deepfake-enabled attacks to the growing adoption of automated fraud defenses.

This year it reveals a worrying gap: while awareness of key fraud threats like AI impersonation is now over 60%, confidence in managing them remains stubbornly low.

📊 Awareness is growing each year—but are businesses truly prepared to respond?

More insights from the report:

  • 73% of firms experienced at least one payment fraud attack this year
  • 84% now use automated systems, but many underuse key fraud prevention features
  • Less than half of companies have a clear fraud policy in place


As fraud evolves, so must the defenses. Discover why more companies are turning to bank account certificates and automated controls to stay ahead.

👉 Download the full report to learn more.

If this content interests you – click HERE to watch our Payment Fraud Masterclass

The post Rising awareness promptsinvestment in IT defences appeared first on nsKnox.

]]>
https://nsknox.net/resources/rising-awareness-promptsinvestment-in-it-defences/feed/ 0
Your Success, Our Obsession: A Deep Dive into the nsKnox Customer Success teamhttps://nsknox.net/blog/your-success-our-obsession-a-deep-dive-into-the-nsknox-customer-success-team/ Sun, 29 Jun 2025 16:44:36 +0000 https://nsknox.net/?p=22067Discover the proactive strategies and unwavering commitment that define superior customer relationships at nsKnox, ensuring your continuous security and success.

The post Your Success, Our Obsession: A Deep Dive into the nsKnox Customer Success team appeared first on nsKnox.

]]>

Discover the proactive strategies and unwavering commitment that define superior customer relationships at nsKnox, ensuring your continuous security and success.

In the world of payment security, where speed, risk, and complexity intersect, customer success is often treated as a reactive function. But for Gil, VP of Customer Success at nsKnox, it’s something else entirely – a strategic role built on trust, clarity, and long-term connection.

Throughout this conversation, Gil shares how he approaches customer success not just as a service but as a relationship – one grounded in full transparency and guided by honest care. From managing high-stakes situations to anticipating future needs, Gil and his team offer a perspective shaped by experience but always focused on what’s next.

“With a good relationship, you can build anything; the sky is the limit”.
That belief isn’t aspirational – it’s operational. It guides how challenges are met, how trust is earned, and how progress is sustained over time.

– Gil Bechor, VP Customer Success, nsKnox

Q. Customer success means different things to different
companies. For you, what does it truly represent – and
how did you find your way to it?

I actually started out on the technical side – as a software developer. However, early on, I recognized that my true strengths and passions lay elsewhere; theyn were in connecting with people. That insight led me through product and program roles, eventually landing me in customer success, where I truly foundn my place.

What drew me to this field and what keeps me in it is the transformative power of relationships. I genuinely believe that with a strong relationship, the sky is the limit. That belief shapes not only how I lead but how our entire team operates.

At nsKnox, customer success is about more than onboarding and support. It’s about building long-term partnerships and ensuring that customers receive genuine, ongoing value from our platform.

My team serves as the bridge between our customers and the rest of the
company, translating customer needs, raising flags, sharing insights, and
ensuring the right conversations are happening across teams such as Product,
R&D, and Operations.
That connection is essential to making sure our customers aren’t just using our product, but truly succeeding with it. And that starts with trust, clarity, and a relationship that grows over time.

Q. What are the top challenges customers face with payment fraud prevention?

Two of the challenges that come up time and again in our conversations with new customers are the following:

The first is fundamental: how can you be sure that the account your AP team is about to pay belongs to the intended recipient and not a fraudster? 
 It’s a critical concern, especially when dealing with large volumes and international vendors. That’s precisely where our Global Account Validation solution comes in. It enables organizations to verify any account anywhere in the world, bringing confidence to every transaction.

The second pain point is the trade-off between speed and certainty. Global businesses need to move fast, but they can’t afford to compromise on verification and security. The challenge is to find a way to ensure both rapid processing and security. While this remains a known industry gap, we continually think about it as part of our broader mission to protect payments at scale.

Q. How do you translate these pain points and needs into
product feedback, innovation, or education?

For us, customer feedback is more than a support function—it’s a strategic asset. When we identify recurring challenges, we don’t just log them; we use them to guide product thinking, shape internal priorities, and inform how we support and educate our customers.

One of the most effective things we’ve done is connect other teams, such as R&D and Product, directly with customers. Hearing needs and challenges firsthand, rather than through a summary or secondhand notes, leads to sharper solutions and faster alignment. It creates a shared understanding that accelerates innovation.

Not every challenge requires a new feature – sometimes, it’s about clarity, communication, or guidance. That’s where education comes in. We see part of our role as helping customers stay ahead, not just with tools but with knowledge. At the end of the day, every pain point is a signal. We listen, we collaborate, and we build – always intending to stay one step ahead of the threats our customers face.

Q. In your view, what should customers prioritize when
evaluating fraud prevention solutions today?

The most valuable solutions are the ones that solve both today’s problems and tomorrow’s challenges. That’s how we approach everything at nsKnox – through a dual focus on immediate impact and long-term value. Whether it’s the product itself or the service around it, both are designed to adapt, evolve, and respond to real-world needs. That’s something our customers consistently appreciate and a commitment we’re deeply dedicated to preserving.

But it doesn’t stop there. We believe in being fully transparent about our direction. Sharing our roadmap and strategic direction isn’t just about visibility – it’s about building shared momentum.

We want every customer to know that nsKnox isn’t just solving for now. We’re actively building solutions for what’s coming next in the world of payments and fraud prevention.

Q. In a fast-growing customer landscape, how do you preserve the personal connection, and how do you apply it in high-pressure situations?

For me, it all comes down to the personal touch. That’s not a slogan – it’s a mindset. I’ve always believed in meeting people where they are, not where I want to “put” them.

Even as the customer base grows, we remain committed to this mindset. It’s not about “the customer is always right” – it’s about understanding where they’re coming from.

At the customer success team, we constantly practice what I call “role reversal”: putting ourselves in the other person’s shoes. It provides us with a deeper, more human understanding of what constitutes the right course of action.

In high-stakes moments, that perspective becomes even more critical. One of the most valuable lessons I’ve learned – and I credit a great former manager for this – is the importance of stepping back to get the whole picture.

I try to take a step back, zoom out, and view the challenge like a chessboard. When you view the field from above, patterns emerge, priorities become clearer, and you’re able to act with intention instead of emotion.

That combination of personal empathy and strategic perspective is what allows our team to navigate complexity without losing sight of the person on the other end of the conversation, and this is what drives the nsKnox service principle.

Q. You mentioned the importance of building trust. Let’s dive into that – how does it shape nsKnox’s work, and why is it so vital?

At nsKnox, we’ve learned through extensive experience that trust and transparency are not a risk; they are a fundamental strength. This understanding forms the bedrock of our approach to customer relationships and reflects how we operate as a company.

Our team is anchored by a commitment to complete honesty – not partial or selective, but crystal-clear communication, even when navigating complex situations. This mindset drives every interaction, ensuring our customers receive direct, honest, and reliable engagement from every member of our team. When we engage with new customers, we communicate this philosophy upfront: this is how we work, and we value the same in return. We believe that real trust is impossible without transparency, making it the essential foundation of every strong partnership. This commitment becomes a powerful differentiator, not only in how we collaborate but also in how customers perceive the genuine value nsKnox delivers.

A prime example of this in action involved a relatively new customer who reached out with a vague concern about a vendor – purely based on intuition, without any major red flags. Our team immediately prioritized the issue, jumping on a call with the customer and their CFO to investigate. Through this collaborative effort, we uncovered a significant fraud attempt.

That pivotal moment of early trust, the customer’s confidence in us to raise a concern without hesitation, ultimately made the difference in preventing a major incident.

This illustrates our broader vision: trust built at one level opens doors at another. Our goal at nsKnox isn’t merely to support the individuals we interact with daily; it’s to cultivate trust across the entire organization – fostering strong, secure partnerships from company to company, and from people to people.

Q. Last one—what’s the biggest myth people still have about customer success?

One of the biggest misconceptions is that customer success is solely the responsibility of the customer success (CS) team. Yes, it’s a dedicated function – and an essential one for maintaining strong human relationships, but it can’t operate in isolation. The responsibility of truly supporting and growing customer relationships belongs to the entire company.

That belief drives how we work at nsKnox. We make a conscious effort to bring together other teams – such as R&D, Product, and the customer-facing team. It builds alignment, creates more relevant solutions, and shows our customers that they’re not just interacting with one team but with a whole company that’s fully invested in their success

The post Your Success, Our Obsession: A Deep Dive into the nsKnox Customer Success team appeared first on nsKnox.

]]>
Upcoming NACHA Fraud-Monitoring Rulehttps://nsknox.net/resources/upcoming-nacha-fraud-monitoring-rule/ https://nsknox.net/resources/upcoming-nacha-fraud-monitoring-rule/#respond Sun, 29 Jun 2025 16:35:28 +0000 https://nsknox.net/?p=22060NACHA, the governing authority of the ACH Network, has introduced significant rule
changes aimed at strengthening fraud prevention and enhancing the ability to recover funds in the event of fraud.

The post Upcoming NACHA Fraud-Monitoring Rule appeared first on nsKnox.

]]>

NACHA, the governing authority of the ACH Network, has introduced significant rule
changes aimed at strengthening fraud prevention and enhancing the ability to recover funds in the event of fraud.

These new requirements apply to all companies and public sector organizations, with compliance mandatory by June 2026.

Download this whitepaper for a deeper insight on these new regulations, and learn how
nsKnox’s PaymentKnox™ can help align with them. 

The post Upcoming NACHA Fraud-Monitoring Rule appeared first on nsKnox.

]]>
https://nsknox.net/resources/upcoming-nacha-fraud-monitoring-rule/feed/ 0
The Payments Fraud Index Webinar: How AI raises the threat level for treasury – and what to do about ithttps://nsknox.net/resources/treasury-dragons-annual-webinar/ https://nsknox.net/resources/treasury-dragons-annual-webinar/#respond Sun, 29 Jun 2025 16:23:42 +0000 https://nsknox.net/?p=22042The Treasury Dragons Payment Fraud Index, now in its third year, provides a unique window into how treasury teams across the globe are dealing with the growing threat of payment fraud.

The post The Payments Fraud Index Webinar: How AI raises the threat level for treasury – and what to do about it appeared first on nsKnox.

]]>
The Treasury Dragons Payment Fraud Index, now in its third year, provides a unique window into how treasury teams across the globe are dealing with the growing threat of payment fraud.

In this one-hour webinar, Mike Hewitt unveils the results of this year’s survey, with insights for everyone concerned with securing AP, AR and treasury functions against theft.

Mike will be joined by Nancy Petras, Director, Global Accounts Payable and T&E at Ansys who will tell the firm’s story of experiencing fraud and going on to secure the business against future attempts, and by Nithai Barzam, CEO of nsKnox, who will share insights into how the best firms are making themselves more secure.

This webinar is essential for anyone responsible for corporate treasury, AP, AR or shared services.

If this content interests you – click HERE to read our full Payment Fraud Report

The post The Payments Fraud Index Webinar: How AI raises the threat level for treasury – and what to do about it appeared first on nsKnox.

]]>
https://nsknox.net/resources/treasury-dragons-annual-webinar/feed/ 0
The Parker Company Secures Global Payment Operations with nsKnoxhttps://nsknox.net/resources/the-parker-company-secures-global-payment-operations-with-nsknox/ https://nsknox.net/resources/the-parker-company-secures-global-payment-operations-with-nsknox/#respond Sun, 29 Jun 2025 14:21:54 +0000 https://nsknox.net/?p=21992Through seamless global bank account validation and master data protection, The Parker Company eliminated fraud risks and redefined how payment security works at scale.

The post The Parker Company Secures Global Payment Operations with nsKnox appeared first on nsKnox.

]]>
  

The post The Parker Company Secures Global Payment Operations with nsKnox appeared first on nsKnox.

]]>
https://nsknox.net/resources/the-parker-company-secures-global-payment-operations-with-nsknox/feed/ 0
Inside Job: How Bad Insiders Bypass Traditional Controlshttps://nsknox.net/resources/inside-job-how-bad-insiders-bypass-traditional-controls/ https://nsknox.net/resources/inside-job-how-bad-insiders-bypass-traditional-controls/#respond Thu, 22 May 2025 07:50:37 +0000 https://nsknox.net/?p=21946In this webinar, nsKnox and AP expert Debra R. Richardson will discuss identifying and stopping insider fraud.

The post Inside Job: How Bad Insiders Bypass Traditional Controls appeared first on nsKnox.

]]>
Internal fraud is one of the most damaging—and often overlooked—threats to organizational finances. In this webinar, nsKnox and AP expert Debra R. Richardson will discuss identifying and stopping insider fraud. You’ll gain practical guidance on manual controls you can apply immediately, and discover how PaymentKnox™ for AP automates bank account validation and protects your entire P2P process. 

Key takeaways include: 

  • How insiders bypass payment controls 
  • Immediate internal fraud prevention tactics 
  • The annual audit every organization should perform 
  • How automation enhances detection and reduces human risk

The post Inside Job: How Bad Insiders Bypass Traditional Controls appeared first on nsKnox.

]]>
https://nsknox.net/resources/inside-job-how-bad-insiders-bypass-traditional-controls/feed/ 0
Q&A: How Innovation is Driving the Future of B2B Payment Securityhttps://nsknox.net/blog/qa-how-innovation-is-driving-the-future-of-b2b-payment-security/ Mon, 07 Apr 2025 07:28:42 +0000 https://nsknox.net/?p=21899Fraud never sleeps—and is evolving at an unprecedented pace. For companies operating in the high-stakes world of B2B payments, staying ahead means constant innovation.

The post Q&A: How Innovation is Driving the Future of B2B Payment Security appeared first on nsKnox.

]]>

Fraud never sleeps—and is evolving at an unprecedented pace. For companies operating in the high-stakes world of B2B payments, staying ahead means constant innovation.

While much of the focus is often spent on creating better workflows and executing daily tasks, the real breakthroughs are happening behind the scenes, in the R&D team, where new technologies are being developed to detect, prevent, and outsmart evolving fraud tactics—all while trying to keep operations efficient.

The challenge is no longer just about stopping fraud—it’s about how to do so in a way that allows corporations and banks to maintain trust without slowing down transaction processing.

Q. We hear more finance and payment professionals discussing the need to validate bank accounts using technology. Why is complete end-to-end B2B payment fraud prevention needed?

A. We’re all focused on validating bank accounts—it’s a fundamental step in preventing fraud. Whether onboarding a new vendor or updating details for an existing one, companies need to ensure they’re sending funds to the right place. Banks want to be able to validate accounts for their corporate clients as well. At nsKnox, we make that possible globally, providing a clear “yes” or “no” answer.

But is that enough?

We’ve seen organizations validate account details correctly, only to have those records tampered with later inside their ERP systems. Even with the right data on file, an unauthorized change can redirect funds without detection.

That’s why fraud prevention needs to cover the entire payment process—not just one step. End-to-end protection is no longer a nice-to-have. It’s the only way to stay ahead of today’s evolving threats.

In banks, we provide technology that ensures that every beneficiary paid by the bank is legitimate, authorized by the corporate client, and the verified owner of the account. This requires more than just validating an account.

Q. What strategies does your R&D team use to stay one step ahead of increasingly sophisticated fraud tactics in a constantly shifting threat landscape?

A. The very nature of our technology and the architecture it was built around “dictates” that we are always putting a strong emphasis on the robustness of our solution, making it rigid when it comes to getting that “yes” or “no” answer to our customers. This allows us to stay one step ahead and ensure that fraudulent attempts are stopped on time. I’ll give you an example – Deepfake AI and its associated stories keep Treasurers awake at night and for a good reason… No one wants to make a callback to their alleged vendor or make a payment according to instructions they get from their boss only to find out they were speaking to a fraudster mimicking the voice of the person they were supposed to talk to.

When we validate an account using actual data from the banking system, we eliminate the chance deepfake AI will dupe our customers.

Our patented Cooperative Cyber Security™ (CCS™) framework powers all our solutions. nsKnox’s roots are deep in cybersecurity—our founding and R&D teams come from that world—so from day one, it was clear that protecting sensitive data like bank account details had to meet the highest possible standards.

CCS™ delivers that protection by breaking sensitive data into multiple encrypted “shreds” and distributing them across different systems. That means no single system holds enough information to expose or manipulate the data. Even if one system is compromised, the information is useless without the rest. This architecture not only prevents data tampering, but it detects and flags any attempt to manipulate information in real time.

Our R&D team continues to refine and evolve these technologies based on real-world fraud scenarios, emerging threat patterns, and close collaboration with our customers. It’s not just about building strong defenses—it’s about making fraud prevention smarter, more resilient, and involving as little friction as possible.

Q. What emerging trends in the B2B payments fraud space are you watching closely, and how is your team preparing for them?

A. There’s no doubt that the B2B payments fraud space is getting the focus of attention from fraudsters and sophisticated cybercriminals. The advancement of AI creates “opportunities” for fraudsters to exploit vulnerabilities in the payment systems. When we recently asked corporate finance executives and banks professionals which type of B2B fraud is a significant concern to them, 73% answered that it is Business Email Compromise (BEC). We see that despite being an older threat, BEC continues to evolve, as fraudsters are now using AI-generated emails that mimic legitimate communication even more convincingly, which can easily lead to payment fraud.

Deepfake AI is probably the most worrisome advancement in B2B payment fraud, as it becomes easier to impersonate executives or key decision makers and use it to divert funds to fake accounts. Using AI, fraudsters will create entirely new identities using a combination of real and fake information, which makes detection difficult. This is called – Synthetic Identity Fraud.

We look at AI and machine learning as important tools in our ecosystem that can greatly help in detecting patterns and shortening processes, but they’re always part of a broader, layered approach where data integrity, verifiable authentication, and tamperproof controls come first.

 

Another important trend, that nsKnox is leading, is looking at B2B payment fraud in a holistic approach, which looks at outgoing and incoming payments and the connection between corporations and banks, as the key to solving the global payment fraud problem. When we recently asked corporate finance executives and banks professionals

Q. How does your R&D team collaborate with other departments (mainly sales and customer success) to ensure your solutions align with customer needs?

A. Cross-functional collaboration is a core part of how our R&D team operates. While we’re focused on building secure, scalable solutions, we rely heavily on input from teams closer to the customer—like Sales, Customer Success, and Product Management—to ensure that what we build truly addresses real-world needs.

For example, our Customer Success team regularly brings us insights from support cases or onboarding feedback, helping us identify patterns or pain points that might not appear in the data alone. Similarly, Sales shares what prospects are asking for in the field —whether it’s specific integration needs, regional requirements, or new fraud scenarios we should consider.

We use these inputs, along with inputs received from our Product team, as valuable data points that directly inform our research and development priorities. They keep us aligned with customer experiences while enabling us to drive innovation in ways that are both strategic and quickly impactful.

Q. What’s your unique edge – What sets our company’s fraud prevention technology apart from competitors?

A.

There are two key elements that set nsKnox apart in the B2B payment fraud prevention space.

First, is our ability to validate any account anywhere in the world. We have our own database that is growing all the time and can provide an immediate answer, in most cases. Other times, we have partnerships with banks, payment rails and systems that can provide us with the validation data if it is not found in our existing database.

Additionally, we can validate any account using data extracted from the bank by using our own technology and methodology. This is unique to nsKnox and enables us to truly declare that we can validate any account, anywhere.

Second, we bring a holistic approach to the market. We’ve developed tailored solutions that serve both sides of the equation—banks and corporations. For banks, we offer tools that help protect their corporate clients. For enterprises, we provide technologies that secure their financial operations end to end. Our expertise on both sides allows us to bridge the gap, innovate more effectively, and help reshape the B2B payments landscape.

Finally, I believe that having a talented team of dedicated software engineers, who all believe in the same goal, helps us in providing an edge to our customers and company.

Q. What emerging trends in the B2B payments fraud space are you watching closely, and how is your team preparing for them?

A. There’s no doubt that the B2B payments fraud space is getting the focus of attention
from fraudsters and sophisticated cybercriminals. The advancement of AI creates
“opportunities” for fraudsters to exploit vulnerabilities in the payment systems. When we recently asked corporate finance executives and banks professionals which type of B2B fraud is a significant concern to them, 73% answered that it is Business Email Compromise (BEC). We see that despite being an older threat, BEC continues to evolve, as fraudsters are now using AI-generated emails that mimic legitimate communication even more convincingly, which can easily lead to payment fraud.

Deepfake AI is probably the most worrisome advancement in B2B payment fraud, as it becomes easier to impersonate executives or key decision makers and use it to divert funds to fake accounts. Using AI, fraudsters will create entirely new identities using a combination of real and fake information, which makes detection difficult. This is called – Synthetic Identity Fraud.

We look at AI and machine learning as important tools in our ecosystem that can greatly help in detecting patterns and shortening processes, but they’re always part of a broader, layered approach where data integrity, verifiable authentication, and tamperproof controls come first.

Another important trend, that nsKnox is leading, is looking at B2B payment fraud in a holistic approach, which looks at outgoing and incoming payments and the connection between corporations and banks, as the key to solving the global payment fraud problem.

Q. Looking ahead, how do you see payment fraud prevention evolving – and what innovations are you excited about?

A. Payment fraud prevention is becoming increasingly integrated, intelligent, and holistic. The days of relying on manual checks, static controls, or narrow fraud detection are fading. As fraud tactics become more sophisticated, prevention must move earlier in the process and become embedded into how organizations manage payments.

Also, we expect greater collaboration between corporates and banks in the fight against fraud. That is why we invest in developing solutions tailored to each side of the equation, as we believe they are tied together. Bridging both ecosystems will play a significant role in reshaping the way B2B payments are secured.

The rapid development of AI can also contribute to payment fraud prevention, if done right and not dependent upon. I am excited over the opportunities this technology will bring. The future of payment fraud prevention isn’t just about blocking attacks—it’s about creating a smarter, safer infrastructure that eliminates opportunities for fraud before they arise.

“Fraud never stops evolving, and neither does innovation at nsKnox. In the R&D team, we’re developing advanced technologies to detect and prevent B2B payment fraud, all while keeping trust and efficiency intact. Our goal is simple: stay ahead of the most sophisticated threats, so businesses and banks can transact securely.”

– Tomer Brook, VP of R&D, nsKnox

The post Q&A: How Innovation is Driving the Future of B2B Payment Security appeared first on nsKnox.

]]>
Strategic Treasurer Webinarhttps://nsknox.net/resources/strategic-treasurer-webinar/ Tue, 25 Mar 2025 11:13:29 +0000 https://nsknox.net/?p=21878Criminals are becoming increasingly sophisticated in their attempts to defraud corporations – and both banks and businesses must stay one step ahead to protect their payments and accounts.

The post Strategic Treasurer Webinar appeared first on nsKnox.

]]>

Criminals are becoming increasingly sophisticated in their attempts to defraud corporations – and both banks and businesses must stay one step ahead to protect their payments and accounts.

That’s why Strategic Treasurer and nsKnox have teamed up for this fast-paced, insightful webinar that dives into the criminal playbook – and explores the next-generation defenses that can stop them in their tracks.

In this webinar, we will:

  • Uncover the tactics and tools criminals are using to commit payments fraud today
  • Explore key techniques from the defenders’ playbook, including enhanced control over bank letters and expanded positive payment services
  • Share real-life case studies to demonstrate how these methods are used in practice
  • Highlight the evolving roles of banks and corporates in strengthening their security posture

This session is ideal for finance, treasury, and AP professionals looking to build a deeper understanding of how to reduce vulnerabilities and proactively combat payment fraud.

We’ll hear from:

Craig Jeffery, Founder and Managing Partner of Strategic Treasurer, will walk us through the evolving threat landscape and defense strategies.
Nithai Barzam, CEO of nsKnox, will share practical insights on how to protect corporate funds with advanced fraud prevention techniques.

The post Strategic Treasurer Webinar appeared first on nsKnox.

]]>
Inside the $25M Hong Kong Deepfake Scam: A Comprehensive Analysishttps://nsknox.net/blog/inside-the-25m-hong-kong-deepfake-scam-a-comprehensive-analysis/ https://nsknox.net/blog/inside-the-25m-hong-kong-deepfake-scam-a-comprehensive-analysis/#respond Sun, 19 Jan 2025 18:36:10 +0000 https://nsknox.net/?p=21123Leveraging nsKnox’s expertise, this analysis unpacks how the deepfake scam in Hong Kong likely transpired and what businesses can learn to protect themselves

The post Inside the $25M Hong Kong Deepfake Scam: A Comprehensive Analysis appeared first on nsKnox.

]]>

In February 2024, a Hong Kong-based multinational firm fell victim to a sophisticated deepfake scam, losing $25 million USD.

The attackers employed AI technology to create convincing video deepfakes of the company’s CFO and other executives, which they used during a video conference to deceive an employee into authorizing large fund transfers.

Drawing on nsKnox’s understanding of how deepfake payment fraud attacks are typically executed, here is our perspective on how the $25 million Hong Kong deepfake scam likely transpired. This is based on the steps outlined in an interview with nsKnox’s CISO, Yaron Libman (also featured in this newsletter).

1. Targeting and Reconnaissance:

  • Information Gathering: The attackers likely conducted extensive research on the target organization to identify the key decision-makers, particularly those involved in financial approvals, such as the CFO.
  • Data Collection: Harvesting audio and video footage of the company’s CFO and other executives. This could have been sourced from public interviews, webinars, or social media
    platforms. Such material was critical for training AI models to convincingly replicate their speech patterns and facial expressions.
  • Identifying Vulnerabilities: Through phishing attacks, insider knowledge, or social engineering tactics, the attackers gained information on internal workflows, payment protocols, and approval authority chains.

This survey gave the attackers the necessary data to build convincing deepfake models and craft a legitimate-appearing scenario

2. Deepfake Creation:

With sufficiently collected raw data, the attackers, most likely, employed advanced deepfake AI technology to:
  • Develop Hyper-Realistic Models: Using state-of-the-art algorithms widely available today to most users, they replicated the CFO’s facial features, voice, and micro- expressions, ensuring the deepfake could perform convincingly in real-time video interactions.
  • Enhance Real-Time Adaptability: The deepfake system was probably fine-tuned to respond fluidly during live communication, seamlessly simulating the CFO’s responses to eliminate suspicion.
  • Authenticate the Setup: The attackers likely mirrored legitimate internal video conferencing systems or spoofed official meeting links, further reducing suspicion.

3. The Attack Execution:

The attackers initiated a video call, leveraging the deepfake CFO to instruct the targeted employee with financial authority.

  • Manipulating Trust: During the call, the deepfake executives instructed the employee to transfer funds to specified bank accounts, framing it as urgent and confidential.
  • Creating Urgency: The deepfake ‘CFO’ likely framed the request as an urgent, high-stakes transaction, leveraging their perceived authority to discourage hesitation or secondary verification.
  • Exploiting Trust: The employee, trusting the visual and verbal cues of the supposed CFO, authorized the transfer of $25 million to the fraudulent accounts provided during the call.

This stage relied on exploiting technological and psychological vulnerabilities, such as employees’ inherent trust in senior leadership and reluctance to challenge high level directives.

4. Completion and Concealment

Once the funds were transferred, the attackers likely employed a series of steps to obscure their tracks:
  • Delayed Realization: The fraud was discovered only after the funds had been transferred, and subsequent communications raised suspicions, leaving little room for recourse as, by then, the funds had already been ‘laundered’ and become irretrievable.
  • Layered ‘Money Laundering’: The funds were likely dispersed through multiple mule accounts and shell companies across numerous jurisdictions, making tracing or recovering the funds challenging@
  • Operational Anonymity: The attackers likely operated through anonymized networks, leaving minimal digital footprints that could tie them to the crime.
  • Investigation: Upon investigation, it was revealed that the video conference had been manipulated using deepfake technology, leading to the unauthorized transfer.

How Can Companies Prevent Such Attacks?

In today’s era of synthetic reality, the increasing prevalence of deepfake technology has rendered voice and video verification methods unreliable, making traditional approaches inadequate. Corporations must require a technology-driven solution that can securely and accurately validate bank account details without the need for phone or video callbacks. By adopting a deterministic approach to verifying payee bank account information, businesses can eliminate the need for fraud-prone phone calls and video conferencing.

PaymentKnox™ for Corporates by nsKnox is a comprehensive payment validation platform designed to address the complexities of modern financial fraud. It provides deterministic account validation by cross-referencing transaction details against verified databases and can validate any account anywhere in the world using bank KYC data.

This ensures that payments are routed only to legitimate and pre approved recipients, significantly reducing the risk of fraud.

While video conferencing has become a regular part of our
daily workplace routines, it’s important to be aware of
potential risks.

Below are steps to help your teams protect themselves from external threats during calls and video conferences. However, it’s crucial to stress that these precautions alone are not sufficient when it comes to transferring funds:

  • Employee Training: Regularly educate employees on the risks of deepfake threats and provide them with the tools and training to recognize red flags for signs of fraudulent communications.
    • Questioning unusual requests and verifying them through alternative channels, even when they
 appear to come from senior executives.
    • Double-check any instructions or requests received that bypass standard protocols, such as changes in payment processes, high-pressure demands, or deviations from typical communication channels.
    • Encourage employees to confirm sensitive instructions through established independent channels,
 even if the request appears urgent.

  • Voice and Video Verification Systems: Leverage AI driven tools designed to detect deepfake anomalies. Platforms like Sensity and Microsoft Video Authenticator can identify issues such as unnatural lip-syncing, irregular speech patterns, audio-visual inconsistencies, discrepancies in facial light reflections, or other subtle details indicative of deepfake contet.

Conclusion

The $25 million deepfake scam in Hong Kong highlights how advanced AI-driven fraud can manipulate trust and authority within financial operations.

As deepfake technology continues to evolve, voice and video verification can no longer be relied upon, rendering traditional methods insufficient. To address this, companies must adopt technology-based solutions that verify bank account details without depending on phone or video callbacks.

Additionally, measures such as employee training and the implementation of voice and video authentication systems can help mitigate vulnerabilities associated with deepfake AI.

The post Inside the $25M Hong Kong Deepfake Scam: A Comprehensive Analysis appeared first on nsKnox.

]]>
https://nsknox.net/blog/inside-the-25m-hong-kong-deepfake-scam-a-comprehensive-analysis/feed/ 0
Q&A: The Growing Threat of Deepfake AI in B2B Paymentshttps://nsknox.net/blog/qa-the-growing-threat-of-deepfake-ai-in-b2b-payments/ https://nsknox.net/blog/qa-the-growing-threat-of-deepfake-ai-in-b2b-payments/#respond Sun, 19 Jan 2025 18:00:25 +0000 https://nsknox.net/?p=21108In today's rapidly evolving digital landscape, the rise of deepfake AI technology has introduced a new and significant threat to B2B payment security

The post Q&A: The Growing Threat of Deepfake AI in B2B Payments appeared first on nsKnox.

]]>

In today’s rapidly evolving digital landscape, the rise of deepfake AI technology has introduced a new and significant threat to B2B payment security.

With cybercriminals using artificial intelligence to create highly convincing fake videos, audio, and images, businesses are at risk of falling victim to sophisticated fraud attempt.

These attacks can easily bypass traditional security measures, leading to unauthorized transactions, stolen data, financial losses, and reputational damage. In this interview with nsKnox’s CISO, Yaron Libman, we explore the dangers posed by deepfake AI, its impact on B2B payments, and how companies can safeguard themselves against this emerging

Q. What are Deepfakes, and how do they work?

A. Deepfakes are highly realistic but fabricated digital content created using artificial intelligence (AI) and machine learning (ML). By training algorithms on massive amounts of real data, such as voice recordings, videos, and images, deepfake technology can generate media that closely mimics actual individuals. This means a person’s voice, facial expressions, and videos can be convincingly faked. These deepfakes can impersonate company executives, stakeholders, or clients to manipulate financial transactions or obtain sensitive data.

Q. What is the future of deepfakes in the context of B2B payment security?

A. Deepfake AI attacks are effective because humans have a natural tendency to trust the data they receive. However, companies must verify and validate this data, regardless of its source. As deepfake technology advances and becomes more accessible, these attacks will likely increase in frequency and become more challenging to detect. The future of payment security will likely rely on more sophisticated, technology-driven tools capable of identifying deepfakes in real time. Additionally, closer collaboration between private payment protection companies and security firms and the implementation of
regular audits and employee training will be critical in developing systems and frameworks that can stay ahead of this evolving threat.

Q. Why are Deepfake scams such a significant threat to B2B payment security, and how are they used in fraud?

A. Deepfake AI poses a serious risk to B2B payment security by enabling cybercriminals to impersonate trusted individuals or entities with alarming accuracy. Criminals can create deepfake videos or audio messages of executives—such as CEOs, CFOs, or Treasurers—directing employees to authorize fraudulent transactions or redirect payments. Without proper verification protocols, these impersonations can lead to substantial financial losses, data breaches, and reputational damage.

Deepfakes can be deployed in multiple ways to manipulate payment systems.
For example:

  • Executive Fraud: Scammers create deepfake content mimicking a senior executive to pressure employees into transferring funds to fraudulent accounts.
  • Invoice Manipulation: Attackers use deepfake-generated voices or signatures to alter
    payment details or submit fake invoices, tricking finance teams into processing
    unauthorized payments.
  • Social Engineering Attacks: Cybercriminals craft realistic deepfake communications
    from clients or vendors requesting sensitive information or urgent payments.

These attacks are especially dangerous because they are designed to bypass traditional security measures like email verification or invoice checks. Even well-trained staff can be deceived, highlighting the critical need for multi-factor authentication, independent and
technology-based account validation technology, and robust employee training to
mitigate these risks.

Q. Is there a specific case that serves as a wake-up call for businesses about deepfake fraud?

A. Consider this scenario: you’re on a video call with your company’s CFO. They appear exactly as you’ve always known them—the same voice, mannerisms, and familiar expressions you’ve observed over years of meetings. They urgently request a multi- million-dollar transfer to a vendor’s account for a time-sensitive deal. Would you question it?

This is exactly how the $25 million deepfake scam in Hong Kong unfolded. Attackers used advanced AI to create a highly realistic video of the CFO and conducted a live video call with an unsuspecting employee, completely mimicking the CFO’s appearance and behavior. By leveraging trust, authority, and a sense of urgency, the scammers persuaded the employee to bypass standard verification procedures and approve the transfer. By the time the fraud was discovered, the funds were long gone.

What makes this case so alarming is how authentic the deception was—these are not basic scams but sophisticated and carefully planned schemes. The distinction between real and fake is increasingly blurred, leaving companies at risk. Without advanced, technology-based protections—such as deterministic account validation and deepfake fraud detection tools—any business could fall victim. In today’s landscape, even seeing and hearing can no longer be trusted.

Q. How can companies stay ahead of deepfake-related risks?

A. Staying ahead of deepfake attacks involves continuous investment in technological,
automated security solutions, regular employee training, and raising awareness and alertness to unexpected or unusual payment requests.

Businesses should also conduct regular security audits of their Master Vendor Files (MVF) and ERP systems, stay informed about emerging AI threats, and implement proactive measures such as automated fraud detection technologies. By adopting strong security protocols and keeping abreast of technological advancements, companies can stay one step ahead of cybercriminals and protect their financial systems from fraud, including deepfake attacks.

Q. How does nsKnox’s solution protect companies from deepfake attacks?

A. nsKnox PaymentKnox™ solution protects companies from deepfake attacks by offering a multi-layered approach to continuously verify account ownership and protect payments throughout the transaction journey. It focuses on deterministically verifying account data based on details from the banking system instead of trusting or trying to confirm the source.

nsKnox ensures that every transaction adheres to a verified payment process, making it extremely difficult for fraudsters to carry out deepfake impersonations or manipulations. This robust, multi-layered verification system offers companies a powerful defense against evolving threats like deepfakes, safeguarding payment security and maintaining trust across the entire B2B transaction process.

Deepfake AI presents a severe and growing threat to B2B payment security. Businesses must adopt robust safeguards and remain vigilant to mitigate the risks posed by this emerging technology. While the threat landscape evolves, so must our defenses against it.

The post Q&A: The Growing Threat of Deepfake AI in B2B Payments appeared first on nsKnox.

]]>
https://nsknox.net/blog/qa-the-growing-threat-of-deepfake-ai-in-b2b-payments/feed/ 0