Arup
Arup has been named in 2 documented digital harm incidents. The most common harm domain is Fraud & Financial.
Documented Incidents
2deepfake_fraud: AI-Generated Video Call Deceives Arup Employee into Sending £20 Million to Criminals — Arup
A British engineering firm, Arup, fell victim to a deepfake scam in early 2026, in which an employee was deceived into transferring HK$200 million (£20 million or $25 million) to criminals via AI‑generated video calls mimicking senior executives. The fraud involved fake voices and images presented during a video conference call with multiple participants, leading the employee to make 15 transfers to five local bank accounts. Arup stated that its financial stability and operations were not significantly affected, and no internal systems were compromised. The Hong Kong police are investigating the case as "obtaining property by deception," with no arrests made yet. Similar deepfake scams have also targeted other high‑profile individuals, including WPP CEO Mark Read and a South Korean woman impersonated as Elon Musk.
Scammers use AI deepfake to steal $25M from engineering firm Arup
In early 2024, scammers employed AI‑generated deepfake video and audio to impersonate the chief financial officer of British engineering firm Arup. The fraudsters convinced an employee to transfer roughly HK$200 million (about US$25 million) to five Hong Kong bank accounts. Hong Kong police identified the scheme after the employee reported the transfers, and Arup notified authorities. Experts warned that generative AI is lowering the barrier for sophisticated financial fraud and urged CFOs to adopt stricter verification controls.