What is a deepfake: business threats and defense in 2026

What is a deepfake in business: AI voice BEC, fake CEO video, Arup $25M case, biometric detection and out-of-band anti-fraud policies.

Secra | June 8, 2026 | 14 min read

A deepfake is synthetic content (video, audio or image) generated by artificial intelligence models that imitate a real person with increasing realism. The technique was born in academic and research circles, passed through a phase of playful and disinformative use, and in 2026 has consolidated as a distinct category of corporate fraud. The difference from other impersonation vectors is that the content is not documentary forgery or post-hoc manipulation: it is generated from scratch with the face, voice or body of the target, in many cases in real time during a video call. For a modern organization, where critical decisions are authorized over remote channels, this changes the very basis on which operational trust is built.

Key points

  • A deepfake is synthetic content (video, audio, image) generated by AI that imitates real people with rising quality.
  • The Arup Hong Kong 2024 case involved the transfer of around 25 million US dollars after a video call featuring multiple fake executives.
  • Main vectors are CEO voice fraud, video conference impersonation, remote KYC bypass, brand disinformation and hiring fraud.
  • Technical detection (liveness, FakeCatcher, Pindrop) helps, but does not replace out-of-band verification policies and multi-person approval.
  • EU AI Act Article 50 requires marking synthetic content and informing the public when a deepfake is displayed, with narrow exceptions.

State of generative art in 2026

Generative model quality has crossed, in several modalities, the threshold at which the average human cannot tell real from synthetic without technical assistance.

In voice cloning, tools such as ElevenLabs allow generating custom voices from short samples, on the order of a few seconds under favorable conditions, replicating intonation, accent and personal traits with high fidelity. Legitimate use covers dubbing, accessibility and multimedia production, but the same engine serves an attacker who can pull public samples (interviews, conferences, corporate videos) of a target.

In synthetic video, platforms like HeyGen, Synthesia, Runway and OpenAI Sora produce talking avatars and full sequences from text, image or reference video. Generating a plausible avatar of a specific person, synced to an arbitrary script, no longer requires deep technical skills.

In real-time facial deepfake, open source tools and commercial suites allow swapping a face during a video call with low latency, preserving the expressions and movements of the operator behind the screen. Artifacts that gave these pieces away in 2021 (odd blinking, unstable edges, inconsistent lighting) have been reduced to levels that only a trained observer reliably catches.

Add to this the progress in image generation (Midjourney, DALL-E, Imagen, Stable Diffusion XL) that produces photorealistic portraits of nonexistent people or of real people in arbitrary contexts. The combination turns the production of believable synthetic content into a capability that is accessible, cheap and fast.

Documented corporate cases

It is worth looking at concrete cases without falling into spectacle, because they mark the actual patterns attackers are using.

The most cited case is the Arup subsidiary in Hong Kong, in 2024. A finance employee joined a video call featuring several company executives, including the CFO. After the meeting, the employee authorized a series of wire transfers totaling around 25 million US dollars. The subsequent investigation found that all the participants in the call were deepfakes produced by the attackers from public material and previously spoofed communications. The firm publicly confirmed the incident and it has become an obligatory reference in any conversation about deepfake fraud in corporate environments.

In 2019, a British energy company fell victim to a fraud of roughly 220,000 euros when an attacker used synthetic voice to impersonate the German CEO of the parent company and order an urgent transfer to the UK subsidiary CEO. The case is among the first documented instances of CEO voice fraud and showed that the pattern worked even with cloning technology markedly more limited than today's.

In 2024, an attempted fraud against Ferrari was caught by an executive who, during a call where the counterpart used synthesized voice of the CEO, asked a personal question whose answer the attacker could not know. The attempt was aborted. This case matters because it shows that low-cost human verifications, properly inserted into the flow, can break an attack that technology alone fails to flag.

To these examples one must add recurring variants of Business Email Compromise (BEC) augmented with audio: the attacker combines a spoofed email with a follow-up call where the cloned voice of the executive reinforces the urgency. Incident response teams report that the combination is significantly more effective than classical email-only BEC.

Types of corporate attack

The vectors that exploit deepfakes in corporate environments cluster into relatively stable families.

  • CEO voice fraud (enhanced vishing). The attacker calls someone with financial or administrative authorization power, impersonating an executive, and requests an urgent operation under a pretext of confidentiality. A cloned voice removes the usual friction of a suspicious email.
  • Video conference impersonation. Zoom, Teams or Meet meetings where one or more participants are real-time deepfakes. The Arup case fits this category. The visual authority of seeing several known faces amplifies pressure on the victim.
  • Remote identity verification (KYC) bypass. Banks, fintechs and crypto platforms verify identity through face capture and liveness checks. Attackers use deepfakes and video injection tools to defeat checks that rely only on a selfie or a recorded video.
  • Targeted disinformation against a brand or executive. Fabricated video and audio in which a CEO announces false decisions (speculative investments, controversial statements) or in which a brand appears associated with invented products or behaviors. Reputational damage hits even when the deepfake is debunked within hours.
  • Hiring process fraud. Candidates interview by video call using a deepfake to mask a real operator who is not the resume holder, with motives ranging from hiding a lack of skills to infiltration operations by state actors or ransomware groups. Public cases tied to North Korean operators have been reported.
  • Extortion with synthetic content. Generation of fake compromising images or videos to pressure executives or employees, with sexualized variants (synthetic sextortion) emerging as a specific category.

Why companies are a natural target

Several factors converge to make the corporate environment a priority target.

Critical decisions flow through hierarchical authority and urgency. The professional reflex to obey a direct instruction from a superior, especially under time pressure, is exactly the lever a well-built deepfake exploits.

Remote and distributed operations are now standard. Video meetings, fully remote hiring, digital signatures and electronic approvals are part of daily life. Physical presence, which historically acted as an implicit trust filter, has disappeared from much of the flow.

Remote KYC has become generalized in banking, insurance, rentals, telecom and public services. Each of these processes is a point where a deepfake can try to open an account, contract a service or capture economic benefit.

M&A operations, due diligence and confidential negotiations are particularly sensitive terrain: asymmetric information, time pressure and high-value operations amplify the potential payoff of successful impersonation.

Finally, there is abundant public material on most executives: interviews, conferences, corporate videos. The greater the public exposure of a person, the easier it is to train or fine tune models on their voice and face.

Technical detection

The detection tooling landscape has matured, but no option offers an absolute guarantee.

In biometric liveness, modern solutions combine motion analysis, active challenges (head turn, blink on demand), depth analysis and video injection detection. Vendors like iProov, Onfido, Veriff and Incode layer passive detection (no user action required) and active detection (with explicit challenges) that significantly raise the bar against simple deepfakes.

In video analysis, tools like Intel FakeCatcher rely on physiological signals, such as pulse detectable in subtle skin color changes (remote PPG), that generative models typically fail to reproduce. Microsoft Video Authenticator, Sensity, Deepware Scanner and Reality Defender offer machine learning analysis over typical generation artifacts.

In audio, Pindrop, Pindrop Pulse and Reality Defender Voice analyze acoustic features and patterns that distinguish natural from synthesized voice. Their accuracy depends on the generator model and degrades when the attacker introduces noise, compression or post-processing.

For post-incident forensics, specialized teams apply frequency analysis, compression artifact search, comparison against known sample bases and metadata verification when present. Forensics provide useful investigation evidence, but do not solve real-time detection.

Set honest expectations: false positive and false negative rates remain significant, especially against recent models and attackers who apply post-processing to mask the signal.

Human detection: red flag signals

Beyond technical tooling, there is a set of signals a trained team can identify, and that have proven effective in real cases.

  • Unusual urgency combined with instructions to bypass the standard procedure. Artificial time pressure is the most constant trait in impersonation-based fraud.
  • Channel mismatch: a request that normally arrives by email appears by voice, or vice versa. If a CEO never calls to order transfers and suddenly does, the anomaly weighs more than apparent authority.
  • Inconsistencies in personal details the attacker could not know: references to recent conversations, family data, internal anecdotes. The Ferrari question is the archetypal example.
  • Small video misfits: imperfect lip sync, lighting that does not vary as expected with movement, irregular blinking, unstable edges around the face on head turn.
  • Small audio misfits: missing or overly regular breathing, abrupt transitions between sentences, slightly artificial prosody under emotion.
  • Refusal of additional verification. A legitimate counterpart will almost always accept a callback or a second-channel verification. An attacker will try to disable that verification with arguments of urgency or confidentiality.

Training teams on these signals does not guarantee detection, but combined with structural policies it materially reduces the probability of a successful attack.

Organizational defenses

Effective defense does not rest on trying to detect each deepfake but on changing processes so that visual or auditory plausibility stops being sufficient to authorize a critical decision.

  • Mandatory out-of-band verification for operations above defined thresholds. A transfer above an agreed amount requires callback to a known and registered number, not the number the request came from. The policy is documented and made explicit to authorized signatories.
  • Pre-shared code words between executives for sensitive conversations. A privately agreed word or phrase, rotated periodically, that the legitimate counterpart knows and a reasonable attacker does not.
  • Multi-person approval with two or more signatures for material financial operations. The second approver operates with full visibility and authority to stop the operation without penalty.
  • Deepfake-specific awareness program. Beyond classic phishing, training with real examples and drills that include synthetic video and voice so the team experiences the realism of the phenomenon.
  • Robust biometric liveness in KYC, with video injection detection and combination of active and passive checks. Vendor selection with public benchmarks and periodic review.
  • Brand and executive monitoring via services such as Sensity, BrandBastion or equivalents, to detect deepfake circulation mentioning the company or key people, especially in sensitive periods (earnings, IPO, strategic announcements).
  • Measured public exposure policy for executives with higher risk exposure, balancing legitimate corporate communication with awareness that every minute of public audio and video is raw material for model training.
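The callback and multi-person approval rules above, together with the red flags that can be recorded as data, can be enforced as a release gate in the payment workflow. The sketch below is an added example, not code from Secra; the thresholds, field names, addresses and phone numbers are constructed assumptions.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed policy values and directory (assumptions, not from the article).
CALLBACK_THRESHOLD = 10_000        # callback is mandatory above this amount
DUAL_APPROVAL_THRESHOLD = 50_000   # two approvers are required above this amount
REGISTERED_NUMBERS = {             # recorded in advance, never taken from a request
    "cfo@example.com": "+10000000001",
    "ceo@example.com": "+10000000002",
}


@dataclass
class TransferRequest:
    requester: str                       # identity the request claims to come from
    amount: float
    channel: str                         # channel the request arrived on
    usual_channel: str                   # channel this requester normally uses
    bypass_requested: bool = False       # asks to skip the standard procedure
    verification_refused: bool = False   # counterpart declined a callback
    number_dialed: Optional[str] = None  # number finance actually called back
    callback_confirmed: bool = False     # person reached confirmed the request
    approvers: set = field(default_factory=set)


def red_flags(req):
    """Signals from the red-flag list that can be recorded as data."""
    flags = []
    if req.bypass_requested:
        flags.append("asks to bypass standard procedure")
    if req.channel != req.usual_channel:
        flags.append("channel mismatch")
    if req.verification_refused:
        flags.append("refused additional verification")
    return flags


def evaluate(req):
    """Return ('release' | 'hold', unmet_controls)."""
    unmet = []
    flags = red_flags(req)
    # Out-of-band check: above the threshold, or whenever a red flag is present.
    if req.amount > CALLBACK_THRESHOLD or flags:
        registered = REGISTERED_NUMBERS.get(req.requester)
        if registered is None:
            unmet.append("no registered number for requester")
        elif req.number_dialed != registered:
            unmet.append("callback not placed to the registered number")
        elif not req.callback_confirmed or req.verification_refused:
            unmet.append("callback did not confirm the request")
    # Multi-person approval: distinct approvers, the requester does not count
    # (excluding the requester is an assumption of this sketch).
    if req.amount > DUAL_APPROVAL_THRESHOLD:
        independent = req.approvers - {req.requester}
        if len(independent) < 2:
            unmet.append("fewer than two independent approvers")
    return ("hold" if unmet else "release"), unmet
```

The gate never looks at how convincing the voice or video was: a request is released only when the registered number was dialed and the required independent approvers signed.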

EU AI Act, Article 50

The European AI Regulation introduces specific obligations relevant here. Article 50 distinguishes two planes.

The first is user transparency when interacting with AI: chatbots, voice assistants and similar must inform users of their nature, save narrow exceptions (systems authorized by law for research or detection, for instance). This obligation falls on the system deployer.

The second is synthetic content marking. Providers of generative AI systems must ensure the output is markable as synthetic in machine-readable format and, where technically feasible, detectable. Deployers that generate deepfakes and expose them to the public must disclose their nature, with narrow exceptions for clearly identified artistic use and legally authorized cases.

The definitions and technical details are concretized through implementing acts and harmonized standards, where initiatives like C2PA and SynthID are natural references. Oversight is coordinated by the EU AI Office together with the national authorities each Member State designates. The AI Act sanction regime provides for fines in percentages of worldwide annual turnover, scaled by type of infringement.

For a European company, the practical implication is twofold: review any in-house product using generative AI to ensure correct marking and disclosure, and consider these elements in due diligence on AI providers whose outputs feed corporate workflows.

Sector impact

The general pattern shows industry-specific nuances.

In financial services, the dominant vector is transfer fraud, either through executive impersonation or KYC bypass at account opening. Regulatory pressure on biometric liveness and strong authentication has grown significantly.

In the legal sector, synthetic testimonies have appeared in recordings presented as evidence, as have letters or videos attributed to parties who did not issue them. Digital chain of custody and authenticity verification have become central pieces of procedural diligence.

In media and communications, the challenge is viral circulation of deepfakes in sensitive periods (electoral processes, corporate crises) and the need for verification processes before publication. C2PA adoption in large newsrooms responds to this pressure.

In entertainment and sports, fraud around talent (impersonation of artists, contracts negotiated with fake counterparts) and unauthorized generation of content with recognizable people's image have driven litigation and demands for specific regulation around image rights.

In the public sector, impersonation of authorities in official communications and attempts to manipulate remote administrative procedures have driven pilots of cryptographic signing of institutional communications.

Frequently asked questions

Is it realistic to think my company can be a deepfake target?

If the organization handles material transfers, operates with remote clients or suppliers, hires personnel fully remote or has executives with moderate public presence, the risk exists and has been exploited in companies of very diverse sizes and sectors. The technical cost for the attacker has dropped enough to no longer require a top-tier target.

Is the callback policy not annoying for executives?

When well designed, no. Callback only applies above agreed thresholds and runs against pre-established numbers, which adds seconds to a process that already consumes minutes by its nature. The alternative, exposing an employee to authorize a million-dollar transfer without verification, is disproportionate by any reasonable comparison. Serious executives understand and back the policy.

Does technical deepfake detection work at 100%?

No. The best tools reach high accuracy under controlled conditions with known generator models, but precision degrades against recent models, adversarial post-processing and aggressive compression. Detection must be treated as an additional evidence layer, never as standalone definitive proof.

Are EU AI Act fines actually applied?

The regulation is already in progressive application, with several blocks fully entering force in 2026, and it provides for fines in percentages of worldwide annual turnover scaled by type of infringement. Oversight is shared between the EU AI Office and the national authorities each Member State designates. Enforcement activity is reasonable to expect in upcoming cycles, with pioneering cases clarifying practical interpretation.

Is it true that a voice can be cloned from three seconds of audio?

The most advanced tools advertise cloning from very short samples and obtain acceptable results in controlled demonstrations. Real quality depends on the content and quality of the reference audio, and usually improves with more material. For a motivated attacker, obtaining minutes of clean voice of a public executive is typically trivial. The practical barrier is already very low.

Does my insurance cover deepfake fraud?

Cyber and electronic fraud policies are being updated to clarify coverage of incidents based on AI impersonation. Some traditional exclusions (apparently authorized instructions, internal errors) could leave incidents of this type uncovered if the wording is not reviewed. The prudent move is to review the policy with the broker, document internal out-of-band verification policies and preserve evidence of training delivered.

Anti-deepfake preparation with Secra

At Secra we help organizations assess their exposure to deepfake fraud and design the bundle of measures that brings risk down to acceptable levels: out-of-band verification policies calibrated by amount and operation, awareness programs with specific synthetic voice and video drills, review of KYC and liveness providers, deployment of brand monitoring for early detection and alignment with EU AI Act Article 50. We work from the perspective of real documented incidents, not hypothetical scenarios.

Request an initial assessment and plan with us the anti-deepfake strategy adapted to your organization.

About the author

Secra Solutions team

Ethical hackers with OSCP, OSEP, OSWE, CRTO, CRTL and CARTE certifications, 7+ years of experience in offensive cybersecurity, and authors of CVE-2025-40652 and CVE-2023-3512.
