The Deepfake Fraud Crisis Companies Are Still Not Ready For

A Video Call That Cost $25.5 Million

The finance worker in Hong Kong thought the video call was completely normal.

His UK-based CFO appeared on screen. Several familiar colleagues joined the call. The CFO explained that a confidential acquisition required urgent approval. The discussion was thorough. The voices were right. The faces were right. The body language was right. The finance worker authorized fifteen wire transfers totaling $25.5 million.

Three weeks later, the real CFO had no idea what acquisition anyone was talking about. Every single person on that video call except the victim was an AI-generated deepfake. This happened in January 2024 at engineering firm Arup. It made global headlines. And then most organizations read about it, expressed concern, and did exactly nothing different.

That decision is now dangerous in a way it was not eighteen months ago.

Why This Threat Has Escalated So Fast

Deepfake-as-a-Service platforms launched in 2025, making professional-grade voice and face cloning available to any criminal willing to pay a subscription fee. You do not need to be a sophisticated nation-state actor. You need a credit card and an hour of setup time.

Deloitte projects AI-enabled fraud will reach $40 billion annually by 2027. The World Economic Forum called deepfake detection existential, not optional.

The attacks targeting companies like yours do not start with million-dollar video call setups. They start with a phone call from your boss asking you to handle something urgent. Or an email with a voice note attached. Or a quick video message explaining why normal procedures need to skip a step this one time.

The sophistication required to create these attacks dropped ninety percent in eighteen months. The sophistication required to detect them has not kept pace.

I am going to give you exactly what you need to protect yourself and your organization. Not theory. Specific steps you can implement this week.

Understanding What You Are Actually Up Against

Before learning defenses, you need to understand what modern deepfakes actually involve, because the threat has evolved significantly from the celebrity face-swap videos most people imagine.

Voice Cloning: The Most Common Entry Point

Voice cloning is now the most common attack vector because it is cheapest and fastest to execute. Services like ElevenLabs and several criminal alternatives can clone a convincing voice from as little as fifteen seconds of audio.

Your CEO's earnings call recording, a YouTube interview, a podcast appearance, a company all-hands recording. Any of these provides enough material. The cloned voice reads a script written by the attacker. It sounds right. The cadence is right. The emphasis is right.

A well-rested, alert professional struggles to identify it as fake in real time.

Real-Time Video Deepfakes

Real-time video deepfakes are more recent and more alarming. Tools now exist that overlay AI-generated faces onto live video streams during calls.

The Arup attack used pre-recorded deepfake video, which is technologically simpler. Real-time face replacement is harder, but increasingly available. Webcam emulators and video filter software already allow attackers to appear as someone else during live interactions.

GetReal Security found attackers are already using this technique to impersonate candidates during remote job interviews, gaining access to organizations by getting hired as someone they are not.

Multimodal Attacks: Email, Voice, Video Combined

Multimodal attacks combine voice, video, and text for maximum credibility.

The sequence is typically:

• An email establishing context

• A voice call to build urgency

• A video call to finalize the deception

Each layer reinforces the others. The victim’s brain assembles a coherent narrative from multiple consistent signals.

Resisting this requires protocols. Human judgment alone cannot reliably detect these attacks in real time.

From Opportunistic to Targeted Attacks

Deepfake fraud has shifted from opportunistic to targeted.

Attackers research:

• LinkedIn profiles

• Company websites

• Public social media

• Regulatory filings

• Local news

They map relationships, authority levels, and workflows. Attacks are tailored to your organization’s specific processes.

The Arup case cost $25.5 million. A Washington State case involved $26 million. These are only the public cases. Private settlements mean the true scale is much higher.

The Seven Defenses That Actually Work

These are not theoretical recommendations. These are defenses confirmed by security researchers and organizations that have successfully resisted deepfake attacks.

Defense One: Code Word System

Establish a secret code word or phrase for high-risk requests.

• Costs nothing

• Takes fifteen minutes

• Changes monthly

• Never appears in recorded or public communication

A perfect voice clone cannot provide a code word it has never heard.

Defense Two: Mandatory Call-Back Verification

When receiving urgent requests involving money, credentials, or access:

• Hang up

• Call back using a known, verified number

Urgency claims are the tell. The Arup attack would have failed if this step was followed.

Defense Three: Time Delay Requirements

Mandatory delays of fifteen to thirty minutes for high-value transactions eliminate urgency-based attacks.

No same-day execution above a threshold amount. No exceptions.

Defense Four: Audit Public Voice and Video Exposure

Executives and finance staff should audit:

• Earnings calls

• Podcasts

• Interviews

• Conference talks

This material feeds cloning models. Awareness is part of defense. Some organizations now watermark audio for tracking.

Defense Five: Detection Tools

Tools include:

• Microsoft Video Authenticator

• Reality Defender

• Sensity AI

• GetReal Security

Reality Defender offers a free tier with 50 scans per month.

Detection is imperfect. Over 90% of advanced AI-generated video bypasses detection. These tools complement process defenses. They do not replace them.

Defense Six: Realistic Simulation Training

Generic awareness training fails.

Effective training uses realistic deepfake simulations tailored by role:

• Finance teams receive fake wire requests

• IT teams receive fake credential resets

• Executives receive fake acquisition discussions

Brightside AI provides this type of role-specific simulation.

Defense Seven: Rapid Internal Verification Channel

Employees need a discreet way to verify suspicion during a live call:

• Secondary messaging channel

• Pre-agreed code phrase

• Separate device

This provides a lifeline without alerting the attacker.

What Detection Tools Can and Cannot Do

Detection tools identify artifacts:

• Face swap seams

• Temporal inconsistencies

• Audio frequency anomalies

• Unnatural blinking

• Incorrect light reflections

As generation improves, detection accuracy declines. Research confirms this arms race has no stable equilibrium.

Reality Defender describes it clearly: attackers improve incrementally; detectors must constantly rebuild.

Bias compounds the issue. Detection tools perform worse on darker skin tones and younger faces, creating exploitable vulnerabilities.

The correct model:

• Detection catches careless attacks

• Slows advanced attacks

• Never replaces process-based defenses

Deploy them. Update them. Do not trust them fully.

Law Will Not Save You in Time

Maryland criminalized AI deepfakes for election interference. Other regions are following.

Legislation will always lag technology.

Do not wait for regulation. Build organizational defenses now.

FAQ

Question 1: How do I actually know if a voice call is a deepfake if the voice sounds exactly right?

Answer: The voice matching perfectly is exactly why voice-only verification is no longer reliable. You cannot trust your ears in real time. The correct defense is not better listening, it is better process. When any call involving financial action, credential sharing, or unusual access arrives, you apply the protocol regardless of how authentic the voice sounds. Ask for the code word. If the caller cannot provide it, the call ends regardless of who they claim to be. If there is no code word system established yet, you excuse yourself, hang up, and call back through a verified number from your existing contacts. The psychological difficulty is that these calls create genuine urgency and genuine recognition. Your brain tells you this sounds exactly like your boss. That feeling is the attack working as designed. The protocol exists precisely because your in-the-moment judgment cannot be trusted when facing a sophisticated attack. Practice the protocol until it is automatic before you need it.

Question 2: What should I do if I think I am on a deepfake call right now?

Answer: Do not make the caller aware of your suspicion. Stay calm and buy time. Say you need to check something, check a document, get approval from a colleague, step away from your desk briefly. Send a message through a secondary channel, a separate phone, a messaging app, a colleague nearby, flagging that you suspect an attack in progress. Do not execute any requested action until you can verify through an independent channel. If the caller increases pressure in response to any pause or request for verification, that pressure itself is a significant warning sign. Legitimate principals do not demand you skip verification steps. If you successfully create distance from the call, immediately report to your security team or supervisor through a verified channel. Document everything you remember about the call while details are fresh. If you have already taken an action, report it immediately. Speed of response after a successful attack significantly affects how much damage can be contained.

Question 3: Are small businesses and individuals actually at risk or is this only a concern for large corporations?

Answer: The Arup and similar attacks targeted large organizations because the financial payouts justified sophisticated preparation. That calculus is changing as deepfake creation costs approach zero. Deepfake-as-a-Service subscriptions put these tools in reach of criminals pursuing smaller targets. Small business owners are now receiving voice-cloned calls from their "bank," their "accountant," their "business partner." Individuals receive calls from their "child" in an emergency needing immediate wire transfer. The grandparent scam was already common using voice actors. AI voice cloning makes it dramatically more scalable and convincing. The defenses scale down to personal use. Establish a family code word for any emergency money request. Any call claiming to be from your bank asking you to act immediately is treated as suspicious regardless of caller ID. You hang up and call back through the number on your card or bank statement. These behaviors are free, take five minutes to establish, and are effective regardless of how sophisticated the attack becomes.