
Deepfake Fraud: Detection and Defense for Organisations

Standarity Editorial Team · GenAI Security & Fraud Practitioners

Deepfake fraud is the use of AI-generated audio, video or images to impersonate a real person or fabricate a synthetic one, in order to deceive a victim into transferring money, disclosing credentials or approving an identity. Unlike traditional social engineering, deepfake fraud attacks the evidence of identity itself: the face on the video call, the voice on the phone, the selfie in a KYC check. For organisations, that means the visual and auditory cues employees have relied on for decades to confirm who they are dealing with can no longer be trusted at face value.

This is no longer a theoretical risk. In early 2024, a finance employee at the Hong Kong office of British engineering firm Arup joined a video call with what appeared to be the company's chief financial officer and several colleagues. Every participant except the victim was a deepfake, assembled from publicly available footage. Over 15 transactions the employee transferred roughly US$25 million (around HK$200 million) to the fraudsters (Fortune, CNN, May 2024). We use this case throughout because it shows how convincingly the pieces now fit together.

What Is Deepfake Fraud?

Deepfake fraud combines generative media with a classic fraud objective. The generative layer produces a synthetic likeness — a cloned voice, a face-swapped video stream, a fabricated identity document or selfie. The fraud layer wraps that likeness in a plausible pretext: an urgent wire request from the CEO, a call from IT support, or a new-customer onboarding. Because the synthetic media targets the exact signals people and systems use to authenticate identity, it can defeat caller ID, voice familiarity, video presence and even automated biometric checks in a single motion. We explored the broader mechanics in our guide to how GenAI is being used in social engineering attacks; deepfake fraud is the highest-stakes variant of that trend.

How Deepfake Fraud Attacks Work

Most incidents fall into a handful of recurring patterns. Understanding the specific vectors is the first step to briefing the teams who will be targeted.

  • Voice clone scams — a synthesized executive voice, buildable from as little as three seconds of public audio, calls to authorise an urgent payment or reset
  • Live deepfake video calls — real-time face and voice synthesis puts a fake executive on a Teams or Zoom call, as in the US$25 million Arup case
  • CEO and business email compromise hybrids — a spoofed email primes the target, then a voice or video deepfake closes the deal under manufactured urgency
  • Synthetic identity fraud — an entirely fabricated persona, built from a LinkedIn profile and a couple of public clips, is used to open accounts or gain trusted access
  • KYC and onboarding bypass — AI-generated faces, injected document images and real-time webcam face swaps defeat identity verification during account opening
  • Deepfake extortion and impersonation — fabricated compromising media or fake executive statements used to coerce staff or manipulate markets

The economics matter. Fraudsters can now pass a KYC check with an AI-generated face that costs under US$20 and takes about 30 minutes to produce (Zyphe, 2025). Three technical vectors dominate KYC bypass: synthetic identity fraud, document injection that swaps the image inside the data stream before it reaches the verification system, and real-time face swaps streamed over a virtual webcam. Basic liveness checks that ask a user to blink, smile or turn their head no longer prove a human is present, because tools like DeepFaceLive can perform those actions on a synthetic face on demand.

Why Deepfake Fraud Is Rising So Fast

The volume growth is steep by any measure. Sumsub's Identity Fraud Report 2025-2026 recorded a 2,100% global increase in deepfake attacks, with a 94% year-over-year rise in deepfake attempts in the United Kingdom alone. Roughly one in five biometric fraud attempts observed by identity-verification vendors over the past year involved a deepfake. The FBI's 2025 Internet Crime Report logged more than 22,000 AI-related fraud complaints with losses exceeding US$893 million.

Deloitte projects that generative-AI-enabled fraud losses in the United States will climb from US$12.3 billion in 2023 to US$40 billion by 2027 — a compound annual growth rate of about 32% (Deloitte Center for Financial Services, via AI CERTs, 2024). North American deepfake-enabled fraud losses already exceeded US$200 million in the first quarter of 2025 alone.

Three forces drive the curve. First, generation quality crossed the threshold from obviously fake to plausible under time pressure. Second, the tooling commoditised: what once needed a specialist now runs from a consumer app or an open-source model. Third, the raw material is everywhere — earnings calls, conference talks, podcasts and social video give attackers all the training data they need to clone a specific executive. The result is a threat that scales like software while exploiting a very human weakness.

How to Detect Deepfake Fraud

No single detector is reliable on its own, and human perception is a poor last line of defence. Effective detection layers several complementary approaches so that a fake has to defeat all of them at once.

  • Passive liveness and biometric analysis — validate the capture source and read signals like subtle blood-flow colour changes and 3D depth rather than prompted actions that a synthetic face can fake
  • Multi-frame temporal analysis — examine many frames over time for inconsistencies in lighting, blinking cadence, lip-sync and edge artefacts that single-frame checks miss
  • Real-time audio deepfake detection — models that score a live call second by second can flag cloned or synthetic speech while the conversation is still in progress
  • Content provenance and C2PA — cryptographically signed manifests record what device captured a file and whether generative AI touched it; a broken or absent signature on media that should be authentic is a strong warning sign
  • Injection and virtual-camera detection — spot document-image injection and virtual webcam feeds that indicate a manipulated capture pipeline during onboarding
  • Behavioural and transaction analytics — flag requests that deviate from normal patterns, unusual payment destinations and out-of-hours activity independent of whether the media itself looks real

Provenance deserves a caveat. Missing C2PA credentials or watermarks do not prove that a file is fake, and their presence does not prove it is genuine, so provenance must be combined with watermark checks, reverse-image search, metadata forensics and human judgement. Detection technology is a tripwire, not a verdict. For security teams building this capability into the SOC, our piece on GenAI in security operations from a defender's perspective covers how to fold these signals into existing monitoring.

How Organisations Defend Against Deepfake Fraud

The good news is that the strongest controls are process controls, not products — and they work even when the deepfake is flawless. We recommend layering the following, in order of impact.

  • Mandate out-of-band verification callbacks — for any request to move money, change payment details or grant access, verify through a separate trusted channel using a stored number, never a contact detail supplied in the request
  • Adopt pre-agreed code words — arm executives and finance staff with confidential challenge phrases to confirm identity on calls, so a familiar voice alone is never sufficient authority
  • Enforce dual authorisation and payment controls — require two independent approvers for high-value or unusual transfers, with hard limits and mandatory cooling-off checks for new payees
  • Kill the urgency and secrecy loophole — treat any request that combines urgency with a demand to bypass normal approvals or keep the transaction secret as an automatic red flag requiring escalation
  • Deploy layered technical detection — combine passive liveness, provenance checks and real-time audio detection so no single fake can defeat the whole stack
  • Run deepfake-specific awareness training — generic security awareness does not prepare finance and executive-support staff for convincing voice and video fakes; drill the callback and code-word procedures until they are reflexive

That last point is where most programmes fall short. Deepfake defence is a behaviour, and behaviours have to be rehearsed. The same discipline that makes a phishing simulation programme work applies here: realistic, repeated exercises that build muscle memory rather than one-off briefings. Fold deepfake scenarios into the broader security awareness programme so the callback reflex is triggered automatically the moment an urgent, unusual request arrives — regardless of how real the face or voice appears.

The Arup employee had the technology working against him and no procedural backstop to catch the fake. Organisations that pair layered detection with non-negotiable verification callbacks, dual authorisation and rehearsed awareness convert deepfake fraud from a near-certain loss into a manageable risk. The attacks will keep getting better; the defences that matter most are the ones that do not depend on spotting the fake at all.
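
The process controls above can be expressed as a release gate in a payment workflow. The sketch below is an added example, not code from this article or any product; the thresholds, field names, directory and phone numbers are constructed assumptions. It shows the key property: a detector score can only escalate a request, and a convincing face or voice never waives the callback, code-word, dual-authorisation or cooling-off checks.

```python
from dataclasses import dataclass, field
from datetime import datetime, timedelta

# Assumed policy values and a constructed directory; set them from your own policy.
HIGH_VALUE = 10_000                # dual authorisation applies at or above this
COOLING_OFF = timedelta(hours=24)  # hold period for newly registered payees
TRIPWIRE = 0.5                     # detector score that forces escalation
STORED_NUMBERS = {"cfo@example.com": "+44 20 7946 0000"}

@dataclass
class PaymentRequest:
    requester: str
    amount: float
    payee_added: datetime
    dialled_number: str            # number the verifier called back ("" if none)
    code_word_ok: bool
    approvers: set = field(default_factory=set)
    urgent: bool = False
    bypass_or_secret: bool = False # asks to skip approvals or keep it quiet
    media_score: float = 0.0       # detector's synthetic-likelihood, 0..1

def evaluate(req, now):
    """Return (decision, reasons); decision is 'release', 'hold' or 'escalate'."""
    holds, flags = [], []
    stored = STORED_NUMBERS.get(req.requester)
    if stored is None or req.dialled_number != stored:
        holds.append("no callback to the stored number")
    if not req.code_word_ok:
        holds.append("code word not confirmed")
    if req.amount >= HIGH_VALUE and len(req.approvers - {req.requester}) < 2:
        holds.append("needs two independent approvers")
    if now - req.payee_added < COOLING_OFF:
        holds.append("new payee still in cooling-off")
    if req.urgent and req.bypass_or_secret:
        flags.append("urgency combined with bypass or secrecy")
    if req.media_score >= TRIPWIRE:  # escalates only; a low score waives nothing
        flags.append("media detector tripwire")
    if flags:
        return "escalate", flags + holds
    return ("hold", holds) if holds else ("release", [])

NOW = datetime(2024, 2, 1, 10, 0)
# Constructed requests: a flawless-looking fake, and a properly verified transfer.
fake = PaymentRequest("cfo@example.com", 250_000, NOW - timedelta(hours=1),
                      "+852 5550 0000", False, {"cfo@example.com"},
                      urgent=True, bypass_or_secret=True, media_score=0.03)
verified = PaymentRequest("cfo@example.com", 250_000, NOW - timedelta(days=30),
                          "+44 20 7946 0000", True, {"controller", "treasury"})
print(evaluate(fake, NOW), evaluate(verified, NOW))
```

The constructed fake scores 0.03 on the media detector and is still escalated, because every failed check is a process check.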

Frequently Asked Questions

What is deepfake fraud?

Deepfake fraud is the use of AI-generated audio, video or images to impersonate a real person or fabricate a synthetic identity, in order to trick a victim into transferring money, disclosing credentials or passing an identity check. Because it targets the very signals people use to confirm who they are dealing with, it can defeat caller ID, voice familiarity and video presence at once.

How much money has deepfake fraud cost organisations?

One of the most cited cases is British engineering firm Arup, which lost roughly US$25 million in early 2024 after an employee joined a video call populated by deepfakes of the CFO and colleagues. Deloitte projects US generative-AI-enabled fraud losses rising from US$12.3 billion in 2023 to US$40 billion by 2027, and North American deepfake-enabled losses exceeded US$200 million in Q1 2025 alone.

How can you detect a deepfake?

No single method is reliable, so effective detection layers several: passive liveness that reads blood flow and 3D depth, multi-frame temporal analysis, real-time audio deepfake scoring on live calls, content provenance via C2PA signed manifests, injection and virtual-camera detection, and behavioural transaction analytics. Human perception alone is unreliable and should never be the last line of defence.

How do deepfakes bypass KYC and identity verification?

Attackers use three main vectors: fully synthetic identities built from scraped public data, document injection that swaps an image inside the data stream before it reaches the verification system, and real-time face swaps streamed over a virtual webcam. AI-generated faces that pass KYC now cost under US$20 and take about 30 minutes to make, and basic blink-or-smile liveness checks no longer prove a human is present.

What is the best defence against deepfake CEO fraud?

The single strongest control is a mandatory out-of-band verification callback: for any request to move money or grant access, verify through a separate trusted channel using a stored number, never a contact detail from the request itself. Pair this with pre-agreed code words, dual authorisation on high-value transfers, and deepfake-specific awareness training so the callback becomes reflexive.

Can watermarking and C2PA stop deepfake fraud?

Content provenance standards like C2PA help by embedding cryptographically signed metadata that records how media was created and whether generative AI was involved, and a broken or missing signature on media that should be authentic is a strong warning sign. However, missing credentials do not prove content is fake, and their presence does not prove it is genuine, so provenance must be combined with other detection methods and human judgement.
