Is your business ready for deepfakes?

Whatever your level of expertise, deepfakes are here to change the world as we know it. Unfortunately, we now increasingly see them weaponized and used to attack individuals, employees, and organizations. Advances in real-time voice and video cloning have led to a new breed of AI fraud, making it increasingly difficult to know whether what people are seeing and hearing is real or not.

Actually recent international survey of nearly 25,000 people found that 33% have already experienced deepfake attacks or scams to obtain personal information and/or money.

And while the report found that the general public appears to be adjusting to the threat, with 49% affirm they question the authenticity of the news and 60% the authenticity of online content is greater than before, the same cannot be said for business. Only selected studies show 30% of managers consider cybersecurity to be the most important priority in their organization – with deepfakes rating the lowest threats in terms of general concern.

Combine this with the fact that there was a 223% growth in buying and selling deepfake tools on the dark web between the first quarters of 2023 and 2024, and only quarter organizations have comprehensive strategies to deliver positive employee experiences and results with generative artificial intelligence, the question now becomes “What should companies do?” The answer is that it is now very important for them to be educated about deepfake technology.

Simply put, it means a major shift in how the organization thinks about everything that happens online. Success will come from a combination of enhanced cybersecurity policies, leadership alignment, and above all, thorough staff education and training both quickly and at scale.

This last part is vital, as the pace of technological progress around deepfakes, combined with the more general dynamism of the IT landscape, means that both employers and employees must adapt quickly to minimize disruption and maintain business continuity. In addition, improving skills at scale ensures that organizations have the necessary internal infrastructure and talent to succeed in this new environment, leading to increased productivity, reduced errors and better overall performance.

Both employees and employers need:

• Be skeptical of content that seems too good to be true. Deepfakes are often used to create fake news or spread misinformation. If something seems too outrageous or unbelievable, it’s best to err on the side of caution and check it out before sharing it. Check the official page of the company (on some platforms this may be marked with a blue tick).
• Question non-character queries. Just like other forms of social engineering, deepfakes are used to attack businesses. Asking employees to change payment accounts or transfer money outside of normal protocols are two common attacks that often appear to come from the CEO or other senior executive. Be wary of these types of unusual requests and always confirm with the appropriate executives in your company before acting.
• Pay attention to the source of the content. Deepfakes often manipulate emotions to encourage the download of dangerous software or the sharing of personal information shared via social media or other online platforms; tells you to “act now” because your computer is hacked or you’ve won something. Be cautious when receiving emails, unsolicited direct messages, text messages, phone calls, or other digital communications if the source is unknown and always verify the identity of the sender.
• Look for signs of manipulation. Deep fakes are often created by manipulating existing videos or images, and upon proper inspection, most people can detect things like irregular vocals and shadows around the eyes of an AI-generated human. Look out for things like unnatural movements, strange facial expressions or inappropriate lighting, as well as choppy sentences, strange language and unnatural emphasis on words. Other notable features include unrealistic mouth movements, blinking, and unnatural looking body parts. As deepfake technology improves, it becomes increasingly difficult to spot the subtle inconsistencies that fake video can give away, making security testing, monitoring, and dedicated detection tools essential to detect manipulated content.
• Educate yourself about deepfakes. The more you know about deepfakes, the better equipped you will be to detect and protect against them. Being a fast-changing phenomenon, staying up-to-date can help you stay on top of things. You don’t have to become an expert, but you should stay up-to-date on deepfake news as it will help you spot suspicious content as the technology continues to evolve.
• Invest in deep counterfeit protection. This includes security testing, monitoring and deepfake detection based on key technologies to stay ahead of deepfake threats that can affect customer contact centers, business video conferencing and other critical touchpoints.

The increasing use of deepfake technology by cybercriminals to orchestrate targeted attacks demonstrates the sophisticated lengths they are willing to go to in order to trick their victims. To reduce these risks, organizations need to adopt robust solutions to detect and protect against deepfakes. The financial burden associated with rebuilding an organization’s reputation and restoring customer trust after a successful deepfake attack far outweighs the cost of early implementation of robust cybersecurity protocols.

Ultimately, deepfake technology is a rapidly growing threat that companies and the public alike need to take seriously and prepare for. This requires a mindset shift when it comes to how we think about the content we consume online and how we communicate digitally.