Apparently Ontario Travel Blog is ripping off Bredemarket’s posts, including my December 8 post “‘Tis the Season to Be Scammy.“
Ontario Travel Blog’s version tries to cover its tracks by changing key words in its verison of the post, leading to hilarious results.
“However earlier than you reply to that mysterious “secret Santa” and ship that reward (or these reward playing cards) TODAY to obtain a highly-valued reward in return…know your corporation.”
“Welcome to [Your Blog Name]! Your privacy is important to us. This Privacy Policy explains how we collect, use, and protect your information when you visit our website.”
David Hentschel: ARP 2500 synthesizer (uncredited)
The video doesn’t match this list. According to the video, Elton played more than the guitar, and Bernie Taupin performed on the track.
So while we didn’t use the term “deepfake” in 1973, this promotional video meets at least some of the criteria of a deepfake.
And before you protest that everybody knew that Elton John didn’t play guitar…undoubtedly some people saw this video and believed that Elton was a guitarist. After all, they saw it with their own eyes.
During this shopping season, you will be offered incredible deals if you act NOW.
But before you respond to that mysterious “secret Santa” and send that gift (or those gift cards) TODAY to receive a highly-valued gift in return…know your business.
We all agree that deepfakes can (sometimes) result in bad things, but some deepfakes present particular dangers that may not be detected. Let’s look at how deepfakes can harm the healthcare and legal professions.
But I don’t want to talk about the general issues with believable AI (whether it’s Sora 2, Nano Banana Pro, or something else). I want to hone in on this:
“Sora 2 security risks will affect an array of industries, primarily the legal and healthcare sectors. AI generated evidence continues to pose challenges for lawyers and judges because it’s difficult to distinguish between reality and illusion. And deepfakes could affect healthcare, where many benefits are doled out virtually, including appointments and consultations.”
Actually these are two separate issues, and I’ll deal with them both.
Health Deepfakes
It’s bad enough that people can access your health records just by knowing your name and birthdate. But what happens when your medical practitioner sends you a telehealth appointment link…except your medical practitioner didn’t send it?
Grok.
So here you are, sharing your protected health information with…who exactly?
And once you realize you’ve been duped, you turn to a lawyer.
This one is not a deepfake. From YouTube.
Or you think you turn to a lawyer.
Legal Deepfakes
First off, is that lawyer truly a lawyer? And are you speaking to the lawyer to whom you think you’re speaking?
Not Johnnie Cochran.
And even if you are, when the lawyer gathers information for the case, who knows if it’s real. And I’m not talking about the lawyers who cited hallucinated legal decisions. I’m talking about the lawyers whose eDiscovery platforms gather faked evidence.
Liquor store owner.
The detection of deepfakes is currently concentrated in particular industries, such as financial services. But many more industries require this detection.
I still receive “snail mail” at home. And every time I look at it I get enraged.
In fact, I’m this close to opening most of the pieces of mail, removing the postage-free reply envelope, and returning it to the originator with the following message:
Thank you for contributing to rampant identity theft.
How do companies, possibly including YOUR company, contribute to identity theft? Read on.
Snail mail, a treasure trove of PII
Let me provide an example, heavily redacted, of something that I received in the (snail) mail this week. I won’t reveal the name of the company that sent this to me, other than to say that it is an automobile association that does business in America.
John Bredehoft
[HOME ADDRESS REDACTED]
John Bredehoft…
You and your spouse/partner are each eligible to apply for up to $300,000.00 of Term Life Insurance reserved for members – and with Lower Group Rates ROLLED BACK to 2018!
… SCAN THIS [QR CODE REDACTED] Takes you right to your personalized application
OR GO TO [URL REDACTED] and use this Invitation Code: [CODE REDACTED]
So that’s the first page. The second page includes a Group Term Life Insurance Application with much of the same information.
And there’s the aforementioned return envelope…with my name and address helpfully preprinted on the envelope.
What could go wrong?
Google Gemini.
Dumpster divers
Now obviously the sender hopes that I fill out the form and return it. But there is a very good chance that I will NOT respond to this request, in which case I have to do something with all these papers with personally identifiable information (PII).
Obviously I should shred it.
But what if I don’t?
And some dumpster diver rifles through my trash?
Perhaps the dumpster diver will just capture my name, address, and other PII and be done with it.
Or perhaps the dumpster diver will apply for term life insurance in my name and do who knows what.
Thanks, sender, you just exposed me to identity theft.
But there’s another possible point at which my identity can be stolen.
Mailbox diverters
What if this piece of snail mail never makes it to me?
Maybe someone breaks into my mailbox, steals the mail, and then steals my identity.
Or maybe someone breaks into a mail truck, or anywhere on the path from the sender to the recipient.
Again, I’ve been exposed to identity theft.
All because several pieces of paper are floating around with my PII on it.
Multiply that by every piece of mail sent to every person, and the PII exposure problem is enormous.
Email marketers, you’re not off the hook
Now I’m sure some of you are in a self-congratulatory mood right now.
John, don’t tarnish us with the same brush as junk mailers. We are ecologically responsible and don’t send snail mails any more. We use email, eliminating the chance of pieces of PII-laden paper floating around.
Perhaps I should break the news to you.
Emails are often laden with the same PII that you find in traditional snail mail, via printed text or “easy to use” web links.
Emails can be stolen also.
Google Gemini.
So you’re just as bad as the snail mailers.
What to do?
If you’re a marketer sending PII to your prospects and customers…
Stop it.
Don’t distribute PII all over the place.
Assume that any PII you distribute WILL be stolen.
Because it probably will.
And if you didn’t know this, it won’t make your prospects and customers happy.
On Tuesday I will write about a way to combat document signature fraud, but today I will focus on extremely obvious fraudulent activity.
You probably haven’t tried to alter your appearance before going through an airport security checkpoint, but it’s hard to pull off.
Um…no.
The most obvious preventive measure is that airport security uses multi factor authentication. Even if the woman in the video encountered a dumb Transportation Security Administration (TSA) expert who thought she truly was Richard Nixon, the driver’s license “Nixon” presented would fail a security check.
But not all fraud is this easy to detect. Not for job applicants, not for travelers.
In reality, job applicant deepfake detection is (so far) unable to determine who the fraudster really is, but it can determine who the fraudster is NOT.
Something to remember when hiring people for sensitive positions. You don’t want to unknowingly hire a North Korean spy.
Another SoCal Tech Forum presentation on Saturday, this one on banking technology from Carey Ransom of BankTech Ventures.
FoundrSpace.
Only a small reference to financial identity, but excellent nonetheless. While I live-posted the event here on my personal LinkedIn account, I wanted to summarize my three main takeaways from Bredemarket’s perspective.
One: Differentiate
Yes, community banks need to differentiate. Perhaps back in the 1980s before the advent of national banks, community banks could offer a standard suite of services for their communities. But now they’re competing against national banks that do business in their prospects’ communities, and in their prospects’ phones. (We will get to phones in a minute.)
One example Ransom gave: why do community banks offer credit cards? Are their credit cards better than the credit cards from the Really Big (Banking) Bunch? Probably not.
But unlike the Capital Ones and Chimes of the world, community banks know their communities. And they know what local businesses need, and are ideally suited to deliver this. (We will get to services in two minutes.)
Yes, I know that Bank of America may have someone attending and sponsoring your local events, but that person is not Brian Moynihan. And if you don’t know who Moynihan is, your prospects don’t know him either.
But John, you may be saying to yourself, you can’t bank on a phone. How do you deposit checks? And how do you get cash?
Well, let’s look at this:
Bredemarket hasn’t received a check in over three years, but when one of my clients was paying me by check, I would use my phone to take a picture of it and deposit it.
And as for cash, this is needed less and less, especially since many merchants take Apple Pay and Google Pay.
In fact, bank branches are so irrelevant to today’s—and tomorrow’s—bank prospects and customers that Ransom referred to a $3 million dollar bank branch as a really expensive billboard. Probably none of the people who are reading this post WANT to go into a bank branch.
And those that do? Here’s a little secret: if the average age of the people who bank at your bank is in their 70s, they will…um…not be long-term bank customers. The 18 year olds that will bank for decades? They’re opening accounts on their phones. Can they use a phone to open an account at your bank? And why would they do so? (See the differentiation discussion above.)
Three: Supplement
One way a bank can differentiate is via the services they offer.
At the most basic level, a bank can make money by loaning the funds they receive from deposits.
But they can offer many more services to 21st century clients, thanks to legislation such as the Gramm-Leach-Billey Act that allow financial holding companies to own financial or complementary firms.
And not just investments and wealth management.
Ransom provided an illustrative example: cybersecurity.
Banks need to have expertise in cybersecurity to stay alive, and to comply with Know Your Customer and other financial regulations.
So why not offer cybersecurity services to their customers?
This not only gives the banks another revenue stream, but also reduces the risk that their own customers will experience fraud from hacks.
Four: Market
I know I said there were three takeaways. I lied.
Ransom also noted that CapitalOne spends 20% on marketing, including everything from TV ads to cafes. Your typical community bank spends much less, maybe 1%.
How are your prospects going to know what differentiates your bank if they don’t have awareness of those differentiators?
Or perhaps you need proposal or analysis services.
Bredemarket, a provider of content, proposal, and analysis services to technology (and identity) firms, can work with you to create the words you need. Learn about my offerings and book a free meeting here.
Bredemarket 