Threats & attacks

What is a Deepfake?

A plain-English guide to deepfakes: what they are, how criminals use them to impersonate executives and steal money, and the controls that actually stop them.

What Is a Deepfake Attack
Key takeaways

  • A deepfake is AI-generated audio, video, or imagery that convincingly imitates a real person. The EU AI Act defines it in law and, from 2 August 2026, requires deepfakes to be labelled.
  • Deepfake fraud is now a business problem, not a celebrity one. Reported losses reached about 410 million dollars in the first half of 2025, more than the 359 million for all of 2024 (Surfshark, 2025).
  • The tools are cheap and fast. Voice cloning needs only 20 to 30 seconds of audio, and a usable video deepfake can be built in under an hour (World Economic Forum, 2025).
  • In 2024 a finance worker at engineering firm Arup paid out about 25 million dollars after a video call in which the CFO and colleagues were all real-time deepfakes (CNN, 2024).
  • The same playbook hit WPP and Ferrari in 2024. Both attacks failed because a person paused and verified through a separate channel.
  • Detection by eye is unreliable and getting worse. Gartner treats deepfake detection tools as necessary but not sufficient on their own.
  • The defence is process, not gadgets: dual authorisation for payments, and out-of-band verification through a known channel, never the one the request arrived on.
  • Security awareness training is now a legal duty. NIS2, in force in Sweden as Cybersäkerhetslagen since 15 January 2026, requires it under Article 21.
  • Business email compromise still dwarfs everything, with 3.05 billion dollars reported to the FBI in 2024, and deepfakes make those approaches far harder to spot.

What is a deepfake?

A deepfake is synthetic audio, video, or imagery generated by artificial intelligence to convincingly imitate a real person’s face, voice, or both. The EU AI Act defines it in law as AI-created or AI-altered content that imitates real people or events in a way that could mislead. In a business setting, that usually means a cloned executive voice on a call or a fabricated face in a video meeting.

For years deepfakes were a celebrity and politics problem. That has changed. Criminals now use the same tools to impersonate the people you work with, your CFO, a supplier, a colleague, and to authorise payments that should never happen. The technology is cheap, fast, and built from footage your executives have already posted in public.

How deepfakes are made

Modern deepfakes are produced by generative AI models trained to reproduce a target’s likeness. Voice cloning systems learn a person’s tone and cadence from a short sample. Video models map a target’s face onto a live video feed in real time, so an attacker can sit on a call and appear as someone else as they speak.

The barrier to entry has collapsed. The World Economic Forum reports that cloning a usable voice takes only 20 to 30 seconds of clear audio, and a convincing video deepfake can be built in under an hour using freely available software. The source material is scraped from the places your leaders are most visible: LinkedIn, YouTube, recorded webinars, and earnings calls. After the Arup fraud, the firm’s own technology chief told the Forum he recreated himself as a real-time deepfake out of curiosity, using free open-source tools.

Types of deepfake attack

Deepfakes show up in several distinct attack patterns. Knowing the shape of each one makes it easier to recognise in the moment.

  • Voice cloning (vishing): a cloned voice on a phone call or voicemail pressuring someone to pay or share information.
  • Live video impersonation: a real-time face swap on a video meeting, impersonating an executive or several colleagues at once.
  • Lip-synced or puppet video: existing footage altered so a real person appears to say something they never said.
  • Synthetic identity and document fraud: generated faces and ID images used to defeat facial recognition and pass identity checks.
  • Off-camera impersonation: a faked persona in a meeting chat window or messaging app, often combined with a cloned voice elsewhere in the attack.

The business impact

Deepfake fraud has moved from novelty to measurable loss. Reported losses from deepfake-enabled fraud reached roughly 410 million US dollars in the first half of 2025 alone, more than the 359 million reported for all of 2024, according to analysis by Surfshark. The Deloitte Center for Financial Services projects that generative-AI-enabled fraud in the United States will climb from 12.3 billion dollars in 2023 to 40 billion by 2027.

The damage is not only the money that leaves the account. A single successful attack carries several costs at once:

  • Direct payment fraud: funds wired to attacker-controlled accounts, often unrecoverable.
  • Supplier and invoice fraud: changed bank details confirmed by a faked voice, redirecting legitimate payments.
  • Identity and access bypass: synthetic faces defeating biometric checks. Entrust reported that around one in five biometric fraud attempts in the past year were deepfakes.
  • Reputation and reporting risk: loss of confidence, regulatory exposure, and the cost of investigation and remediation.

Deepfakes also make the oldest fraud category harder to stop. Business email compromise still drove 3.05 billion dollars in reported losses to the FBI in 2024. A cloned voice or face on top of that email removes the moment of doubt that used to protect people.

Real-world cases

Three cases from 2024 show the same playbook and, importantly, the single control that decided each outcome.

Arup, about 25 million US dollars lost. A finance employee at the engineering firm’s Hong Kong office joined a video call with people who looked and sounded like the UK-based CFO and several colleagues. Every participant except the employee was a real-time deepfake, built from public footage. He made 15 transfers totalling around 200 million Hong Kong dollars before he contacted head office and learned the meeting never happened. The control that would have stopped it: verifying the payment out of band, through a known channel, before sending a single transfer, not after.

WPP, attack failed. Fraudsters cloned the voice of CEO Mark Read and used a fake WhatsApp account and a Microsoft Teams meeting to target an agency leader, impersonating Read in the chat window. The attempt failed because the targeted executive recognised the red flags, a secret new venture, requests for money and personal details, and verified instead of acting. The control that worked: trained vigilance. As Read put it to staff, just because an account has his photo does not mean it is him.

Ferrari, attack failed. An attacker cloned the voice of CEO Benedetto Vigna, accent and all, in an attempt to push through an urgent request. An executive ended the call by asking a question only the real Vigna could answer. The control that worked: a personal verification question agreed in advance.

Deepfakes and compliance

Deepfake fraud is now woven into several regulatory regimes. The duties below are the ones a Swedish board most needs to understand.

NIS2 and Cybersäkerhetslagen. Sweden transposed the EU NIS2 Directive into national law as Cybersäkerhetslagen (SFS 2025:1506), in force since 15 January 2026. Article 21 requires security awareness training and incident handling, the measures that address social-engineering attacks like these. Under Article 20 the board is accountable for those measures, and supervisory authorities can hold board members personally responsible. Read our NIS2 compliance guide for Sweden for the full obligation set.

The EU AI Act. From 2 August 2026, Article 50 of the AI Act requires deepfakes to be clearly labelled as artificially generated, and the rule applies even when there was no intent to deceive. Breaching the labelling duty can cost up to 15 million euros or 3 percent of global turnover. This duty targets legitimate deployers of AI, not criminals, so it helps the wider information ecosystem rather than stopping a fraudster directly.

DORA and GDPR. For financial entities, DORA Article 17 governs ICT incident management, supervised by Finansinspektionen. If a deepfake attack leads to a breach of personal data, GDPR Article 33 still requires notification to IMY within 72 hours. See our DORA compliance overview for the financial-sector detail.

How to spot a deepfake

There are tells, but treat them as hints, not proof. Real-time deepfakes increasingly pass visual inspection, and the people fooled at Arup were professionals looking at familiar faces.

  • Visual: unnatural or absent blinking, lip movements slightly out of sync, odd lighting at the hairline, blurred or warping edges around the face, a stiff or fixed gaze.
  • Audio: flat intonation, unusual pacing or breathing, a slight delay between audio and video, a robotic quality under emotion.
  • Behavioural: urgency, secrecy, pressure to bypass normal process, a request routed through an unusual channel, and reluctance to switch to a phone call or do a callback.

The honest caveat is that detection by eye is unreliable and getting worse. Gartner classes deepfake detection tools as necessary but not sufficient on their own, because attackers test against them and new techniques slip through. Treat verification through a separate channel, not your own perception, as the real safeguard.

How to defend against deepfakes

Deepfake fraud is defeated by process and habit, not by spotting the fake. Put the controls below in place across the teams that move money and grant access.

People. Train finance, HR, and payment-approval staff on this specific attack pattern, and make it safe to pause and verify even when the caller is senior and the matter is urgent. Brief executives that their public footage is the raw material for these attacks.

Process. This is where attacks are stopped:

  • Require dual authorisation for payments above a set threshold.
  • Verify unusual or high-value requests out of band, through a pre-agreed channel such as a callback to a number you already hold. Never verify through the channel the request arrived on.
  • Agree a personal verification question or code word for sensitive requests.
  • Control supplier bank-detail changes by confirming on known contact details, never details supplied in the request.
  • Adopt a simple rule that no transaction is ever too secret or too urgent for normal verification.

Technology. Add liveness and anti-spoofing to biometric checks, deepfake detection at the contact centre and in identity verification, and email authentication such as DMARC to cut the spear-phishing that usually starts the chain. Remember Gartner’s point: these tools support the process, they do not replace it. If you only do one thing, make every high-value or unusual request verified through a second, known channel before anyone acts.

This post is also available in: Svenska

Myths & Facts

Myth

Deepfakes only target celebrities and politicians.

I can spot a deepfake if I look closely enough.

A live video call proves the person is real.

Deepfakes are hard and expensive to make.

Detection software will catch them for us.

This is a problem for the IT or security team to solve.

Fact

Most measured financial losses now come from corporate fraud. Criminals impersonate CFOs, suppliers, and colleagues to authorise payments. Any organisation that moves money is a target.

Real-time video deepfakes increasingly pass visual inspection. The people fooled at Arup, WPP, and Ferrari were professionals looking at familiar faces. Verification, not your eyes, is the control.

The Arup fraud used a live video call where every participant except the victim was a deepfake. A call is a channel, and channels can be faked. Verify through a second, separate one.

Voice cloning needs 20 to 30 seconds of audio, and free tools build a usable face swap in under an hour. The source footage is scraped from LinkedIn, YouTube, and recorded meetings.

Detection helps but is not a guarantee. Tools miss new techniques, and attackers test against them. Gartner advises pairing detection with process controls and human verification habits.

Deepfake fraud targets finance, HR, and payment approvers, not servers. The fix is a verification culture and dual-authorisation rules that those teams own and use every day.

Test Yourself

Four real-world scenarios, then six knowledge questions. See how prepared you would be under pressure.

Scenario simulation

  1. You work in finance. The CFO joins a video call with two colleagues you recognise and asks you to wire funds today for a confidential acquisition.

    What do you do?

    • Pause and verify by calling the CFO on their known number before doing anything.
    • Proceed, because you can see and hear the CFO and trusted colleagues.
    • Reply in the meeting chat asking them to confirm in writing.
  2. A WhatsApp message from your CEO sets up a quick Teams call about a secret new venture and asks for your passport and a transfer.

    What is the safest move?

    • Treat the secrecy and the WhatsApp channel as red flags and verify with the CEO's office directly.
    • Join the call, and if the voice sounds right, comply.
    • Forward the message to a colleague and proceed if they agree.
  3. A supplier emails new bank details for an invoice due tomorrow, and follows up with a voicemail from the account manager confirming the change.

    How do you handle it?

    • Call the supplier back on the number you already hold on file to confirm the change.
    • Update the details, since the voicemail confirms the email.
    • Pay the old account to be safe.
  4. On a call, an executive pressures you to skip the usual two-person sign-off because the matter is urgent and confidential.

    What do you do?

    • Decline to bypass dual authorisation and escalate through the normal process.
    • Make an exception this once, given the seniority of the caller.
    • Ask the caller to put the urgency in an email first.

Knowledge test

  1. Roughly how much audio does it take to clone a convincing voice?

    • A few seconds, 20 to 30
    • About 10 minutes
    • An hour or more
    • A full day of recordings

    The World Economic Forum reports that 20 to 30 seconds of clear speech is enough to clone a usable voice.

  2. In the 2024 Arup case, who on the fraudulent video call was real?

    • The CFO
    • Several colleagues
    • Only the finance employee who paid
    • Everyone

    Every participant except the targeted employee was a real-time deepfake.

  3. What is the single most reliable defence against an impersonation request?

    • Looking closely for visual glitches
    • Verifying through a separate, known channel
    • Trusting a live video feed
    • Checking the caller's profile photo

    Out-of-band verification through a channel you already trust is what stops these attacks, because the request channel itself can be faked.

  4. From which date does the EU AI Act require deepfakes to be labelled?

    • 1 January 2026
    • 2 August 2026
    • Already in force since 2024
    • There is no such rule

    The Article 50 transparency obligations, including deepfake labelling, apply from 2 August 2026.

  5. Which NIS2 duty most directly addresses the human side of deepfake fraud?

    • Encryption at rest
    • Security awareness training
    • Network segmentation
    • Asset inventory

    NIS2 Article 21.2g requires security awareness training, which builds the verification reflex these attacks rely on people lacking.

  6. Why is deepfake detection software not enough on its own?

    • It is illegal in the EU
    • It only works on still images
    • Attackers test against it and new techniques slip through
    • It is too expensive for any business

    Gartner classes detection as necessary but insufficient, because tools miss novel methods and must be paired with process controls.

Take it with you

Share the Summary PDF with Your Team

A short distilled brief in PDF: key findings, red flags and action steps.

Download summary PDF

Why Training Matters

The three cases above turned on one thing: whether a person paused and verified before acting. That is a habit, and habits are built by training. The employee at Arup was cautious by instinct but had no rule that told him to verify a live video call through a separate channel. The executives at WPP and Ferrari did, and the attacks failed.

This is also a legal expectation. NIS2 Article 21.2g makes security awareness training a required measure, and Cybersäkerhetslagen brings that duty into Swedish law. Training your finance and approval teams to recognise deepfake-led social engineering, and to verify without fear of looking foolish, is now both the strongest control you have and a compliance obligation. eBuilder Security delivers security awareness and phishing-simulation training built for Swedish teams.

Frequently Asked Questions

What is a deepfake?

A deepfake is synthetic audio, video, or imagery generated by AI to convincingly imitate a real person's face or voice. The EU AI Act defines it as AI-created or AI-modified content that imitates real people or events in a way that could mislead. Criminals use deepfakes to impersonate executives and authorise fraudulent payments.

How do criminals use deepfakes to commit fraud?

Criminals clone an executive's voice or face from public footage, then join a call or send a message posing as that person to authorise an urgent payment. The 2024 Arup case used a deepfake video meeting to trigger about 25 million dollars in transfers. Most attacks begin with a spear-phishing email.

Can you tell if a video call is a deepfake?

Not reliably. Real-time deepfakes increasingly pass visual inspection, and the professionals targeted at Arup, WPP, and Ferrari were fooled by familiar faces. Watch for unnatural blinking, lip-sync mismatch, and pressure for secrecy, but treat verification through a separate channel as the real safeguard.

How do you protect a business against deepfake fraud?

Require dual authorisation for payments above a set threshold and verify unusual requests out of band, through a pre-agreed channel such as a callback to a known number. Add a personal verification question for high-value transfers, and train finance and approval staff to pause and check, because process stops these attacks.

Are deepfakes illegal in the EU?

Creating a deepfake is not banned outright, but from 2 August 2026 the EU AI Act requires deepfakes to be clearly labelled as artificially generated. Using a deepfake to commit fraud is already a crime under existing law. Penalties for breaching the labelling duty can reach 15 million euros or 3 percent of global turnover.

Does NIS2 cover deepfake threats?

Yes, indirectly. NIS2, in force in Sweden as Cybersäkerhetslagen since 15 January 2026, requires security awareness training and incident handling under Article 21. Those duties cover the social-engineering attacks that deepfakes supercharge, and boards can be held personally accountable under Article 20.

How much audio does voice cloning need?

About 20 to 30 seconds of clear speech is enough to clone a convincing voice, according to the World Economic Forum. That much audio is easy to scrape from a webinar, podcast, earnings call, or social video. This is why verifying, rather than trusting, a familiar voice matters so much.

What should I do if I get a suspicious request from a colleague?

Stop and verify before you act, especially if the request is urgent, confidential, or asks you to bypass normal process. Contact the person through a known, separate channel, not the one the request came in on. Never approve a payment on the strength of a voice or video alone.

Get a 30-Minute Security Briefing. No Pitch Deck.

Talk to a Sweden-based analyst. We'll review your posture, map your NIS2 gaps, and give you a clear picture of where you stand, in plain language.

Book a Free Briefing
No commitment Sweden-based analyst

How eBuilder Security Can Help

Awareness is the first layer. These are the services that turn it into measurable protection.