By Veriti Research, April 24th
The infamous “Nigerian prince” scam, once a laughable email trope, has taken on a far more dangerous form in the era of Generative AI (GenAI). Veriti Research has uncovered a new campaign that demonstrates just how sophisticated and personalized these scams have become, leveraging deepfake technology to manipulate, deceive, and financially exploit unsuspecting users.
PLEASE NOTE THE VIDEO BELOW IS A SCAM, A DEEPFAKE, AND NOT ELON MUSK
PLEASE NOTE THE VIDEO ABOVE IS A SCAM, A DEEPFAKE, AND NOT ELON MUSK
The Classic Scam Goes High-Tech
For over two decades, the “Nigerian prince” scam has been a punchline – an outlandish email pitch requesting help to transfer vast sums of gold in exchange for a cut. However, today’s scammers aren’t sending poorly written emails anymore, they’re using AI-powered deepfakes to impersonate trusted figures and convince victims through sight and sound.
As James Veitch hilariously illustrated in his TED Talk “This Is What Happens When You Reply to a Spam Email,” these scams have long relied on emotional manipulation. Now, that manipulation is backed by hyper-realistic visuals and audio generated by GenAI tools.
Veriti Research Uncovers a Deepfake Elon Musk Campaign
Our research uncovered a fraudulent Facebook campaign originating from South Africa. The scam involved a deepfake video of Elon Musk encouraging viewers to claim a “15,000 RAND prize”, a persuasive offer in a region where the median monthly salary is just over $1,500.
Though the post was eventually taken down, it garnered significant engagement. The scam video used actual source material from a recent conversation between Elon Musk and Dr. Peter Diamandis (from the #FII8 conference on AI). By extracting both voice and video from this legitimate interaction, the attackers created a believable but entirely fake call-to-action.
Deepfake Verification & Domain Analysis
To confirm the authenticity of the video as a deepfake, Veriti Research used Deepware[.]ai powered by Seferbekov’s deepfake detection framework. The tool reported a 98% probability that the video was artificially generated.
We also analyzed the phishing domain used in the scam – appshift[.]tech. Despite the content being aimed at South African victims, the domain showed activity patterns not entirely local, suggesting a potentially broader or globally distributed campaign infrastructure.
From Veriti’s perspective, this scam represents more than just a clever ruse, it signals a shift in the cyber threat ecosystem. Deepfakes lower the barrier for impersonation and fraud at scale, making it easier for cybercriminals to gain victims’ trust by mimicking authority figures. These aren’t just scams anymore. They’re automated social engineering campaigns capable of manipulating massive populations with seemingly authentic video content.
Veriti’s Strategic Recommendations
Veriti Research believes deepfake mitigation must start at the vendor level. Platforms that allow video and image uploads, particularly social networks and communication apps must integrate real-time deepfake detection into their content moderation workflows.
Furthermore, browser protection solutions should incorporate detection algorithms that flag and block deepfake content before it reaches the user. As most deepfakes are delivered through the browser, embedding these capabilities directly in browser security layers is a strategic necessity.
