INC-24-0001 confirmed critical Hong Kong Deepfake CFO Video Conference Fraud (2024)
Unknown threat actors developed and deployed real-time deepfake video and audio synthesis system, harming Arup, the engineering firm defrauded of $25.6 million and Defrauded employee ; contributing factors included intentional fraud and social engineering.
Incident Details
| Date Occurred | 2024-01 | Severity | critical |
| Evidence Level | primary | Impact Level | Organization |
| Domain | Information Integrity | ||
| Primary Pattern | PAT-INF-002 Deepfake Identity Hijacking | ||
| Secondary Patterns | PAT-INF-006 AI-Enabled Fraud |, PAT-SEC-009 AI-Powered Social Engineering |, PAT-SEC-001 Adversarial Evasion | ||
| Regions | asia, hong kong | ||
| Sectors | Corporate, Finance | ||
| Affected Groups | Business Organizations | ||
| Exposure Pathways | Adversarial Targeting | ||
| Causal Factors | Intentional Fraud, Social Engineering | ||
| Assets & Technologies | Voice Synthesis, Identity Credentials, Biometric Data | ||
| Entities | Unknown threat actors(developer, deployer), ·Arup(victim) | ||
| Harm Type | financial | ||
Fraudsters used real-time deepfake video and audio to impersonate a company's chief financial officer and other executives in a video conference, deceiving an employee into transferring approximately $25.6 million.
Incident Summary
In January 2024, an employee at the Hong Kong office of a multinational corporation was deceived into transferring approximately $25.6 million USD (HK$200 million) through an elaborate deepfake video conference scam.[1]
The employee received what appeared to be a video call invitation from the company’s UK-based Chief Financial Officer. Upon joining the call, the employee observed multiple participants who appeared to be senior company executives, all of whom were AI-generated deepfakes.
During the video conference, the fraudsters instructed the employee to make a series of money transfers. The employee executed 15 separate transfers totaling HK$200 million to five local bank accounts before the fraud was discovered.[2]
Key Facts
- Financial loss: $25.6 million USD (HK$200 million)
- Method: Multi-participant deepfake video conference
- Target: Finance department employee at multinational firm
- Detection: Employee contacted head office to verify after transfers completed
- Law enforcement: Hong Kong police investigation opened; six arrests made
Threat Patterns Involved
Primary: Deepfake Identity Hijacking — AI-generated video and audio used to impersonate multiple executives
Secondary: Adversarial Evasion — Deepfakes bypassed visual identity verification
Significance
This incident represents one of the largest confirmed financial losses from a deepfake-enabled attack. It demonstrates:
- Multi-participant deepfakes — Attackers can generate convincing deepfakes of multiple individuals simultaneously
- Real-time interaction — Deepfake technology has advanced to enable live video conferencing
- Sophisticated social engineering — Attacks combine technical capability with understanding of corporate procedures
- Verification gaps — Traditional visual confirmation is no longer sufficient for high-value transactions
Timeline
Employee receives video conference invitation appearing to be from UK-based CFO
Employee joins call with multiple participants, all AI-generated deepfakes
Employee instructed to transfer HK$200 million (~$25.6 million USD)
15 transfers made to five Hong Kong bank accounts
Fraud discovered after employee checks with head office
Hong Kong police confirm incident and open investigation
Outcomes
- Financial Loss:
- $25.6 million USD (HK$200 million)
- Arrests:
- Six arrests made by Hong Kong police
- Recovery:
- Unknown
Glossary Terms
Use in Retrieval
INC-24-0001 documents hong kong deepfake cfo video conference fraud, a critical-severity incident classified under the Information Integrity domain and the Deepfake Identity Hijacking threat pattern (PAT-INF-002). It occurred in asia, hong kong (2024-01). This page is maintained by TopAIThreats.com as part of an evidence-based registry of AI-enabled threats. Cite as: TopAIThreats.com, "Hong Kong Deepfake CFO Video Conference Fraud," INC-24-0001, last updated 2026-02-15.
Sources
- Hong Kong Police Statement (primary, 2024-02)
https://www.scmp.com/news/hong-kong/law-and-crime/article/3250851/everyone-looked-real-multinational-firms-hong-kong-office-loses-hk200-million-after-scammers-stage (opens in new tab) - CNN Coverage (news, 2024-02)
https://www.cnn.com/2024/02/04/asia/deepfake-cfo-scam-hong-kong-intl-hnk/index.html (opens in new tab) - CNN Follow-up: Arup Confirmed as Victim (news, 2024-05)
https://edition.cnn.com/2024/05/16/tech/arup-deepfake-scam-loss-hong-kong-intl-hnk (opens in new tab) - Financial Times Coverage (news, 2024-05)
https://www.ft.com/content/b977e8d4-664c-4ae4-8a8e-eb93bdf785ea (opens in new tab) - World Economic Forum Analysis (news, 2025-02)
https://www.weforum.org/stories/2025/02/deepfake-ai-cybercrime-arup/ (opens in new tab)
Update Log
- — Merged duplicate INC-26-0002; added CNN follow-up, FT, and WEF sources
- — Fixed SCMP source URL (corrected truncated slug)
- — Added arrest information from follow-up reporting
- — First logged (Status: Confirmed, Evidence: Primary)