Reported Audio Deepfake Impersonating CEO Karim Toubba Targets LastPass Employee via WhatsApp

April 10, 2024

A LastPass employee was targeted by an audio deepfake impersonating CEO Karim Toubba via WhatsApp, demonstrating the potential risks of voice-cloning AI in social engineering attempts. The employee identified red flags and prevented a breach. This incident underscores the importance of safeguards for trustworthy AI and highlights the role of Project Cerebellum in promoting harm prevention through governance and mapping of AI incidents.

Join Us in Shaping Responsible AI Governance: JOIN US

Matched TAIM controls

Suggested mapping from embedding similarity (not a formal assessment). Browse all TAIM controls

MANAGE 4.3 — similarity 0.621, rank 1. TAIM detail and related incidents →
MAP 1.6 — similarity 0.620, rank 2. TAIM detail and related incidents →
MEASURE 2.10 — similarity 0.620, rank 3. TAIM detail and related incidents →

Alleged deployer: unknown-scammers, unknown-scammer-impersonating-karim-toubba
Alleged developer: unknown-deepfake-technology-developers, unknown-voice-cloning-technology-developers
Alleged harmed parties: karim-toubba, lastpass-employee, employees-of-lastpass, general-public

Source

Data from the AI Incident Database (AIID). Cite this incident: https://incidentdatabase.ai/cite/1100

Data source

Incident data is from the AI Incident Database (AIID).

When citing the database as a whole, please use:

McGregor, S. (2021) Preventing Repeated Real World AI Failures by Cataloging Incidents: The AI Incident Database. In Proceedings of the Thirty-Third Annual Conference on Innovative Applications of Artificial Intelligence (IAAI-21). Virtual Conference.

Pre-print on arXiv · Database snapshots & citation guide

We use weekly snapshots of the AIID for stable reference. For the official suggested citation of a specific incident, use the “Cite this incident” link on each incident page.