This engineering firm was hit by a deepfake fraud. Here's what it learned

This video is part of: Centre for Cybersecurity

In early 2024, fraudsters stole $25 million from Arup. They used a digitally cloned version of a senior manager to deceive an employee into making financial transfers. This wasn’t a cyberattack in the usual sense, says Rob Greig, Global Chief Information Officer of Arup, as no systems were compromised. A better term might be 'technology-enhanced social engineering'.

Topics:

Share:

Forum Stories newsletter

Bringing you weekly curated insights and analysis on the global issues that matter.

Subscribe today

More on Cybersecurity
See all

How cybersecurity can best navigate geopolitics to secure a resilient and open digital future

Ellie Winslow and Joanna Bouckaert

February 5, 2026

How to prioritize cyber resilience in the healthcare sector

The 4 profiles of cyber-resilient organizations: which colour are you?

Quantum-safe migration: Why now is an opportunity to modernize cryptography for the new age

Preparedness paradox: Understanding AI risk and reward in the cyber ecosystem

When an organization gets hacked, who pays the price?