Be careful what you say and where you say it. That’s the message to be taken away from recent research into voice hacking by the University of Alabama at Birmingham in the US.
Cyber criminals are out to steal your voice so they can empty your bank account.
Only a few minutes of voice samples are needed – recorded from a conversation you had in the pub garden, for instance, or from a cold call, or from videos you posted on social media or YouTube.
Voice Hacking Software
With voice-morphing software, these few minutes can be turned into a tool that the hacker can use to impersonate the victim. Then all they need to do is telephone the victim’s bank, get past the voice-authentication system and plunder the account.
Automated voice-authentication uses biometrics to determine the identity of an individual based on unique characteristics of their speech. The researchers in Alabama succeeded in tricking state-of-the-art automated systems in 80% to 90% of tests – a bit worrying when you consider that these are the normal systems used by banks and credit card companies.
Even when tested against a real person, they achieved a 50% success rate.
We’re used to protecting our property from theft, but our voice?
Cyber criminals are always looking for new ways to get access to personal data. Systems that can positively identify a live speaker need to be developed urgently.