
Just a few years ago, a fake recording of a company CEO’s voice or a doctored video of a politician would have sounded like the plot of a thriller. Today, it’s an everyday reality faced by corporations, public institutions, and ordinary internet users around the world. Deepfake technology—for that is what we’re talking about—has entered a phase of widespread use, radically changing the rules of the game in cybersecurity. The question “Can we trust our own eyes?” is no longer rhetorical; it has become one of the most serious challenges of our time.


What is a deepfake, and how does it work?

The term “deepfake” is a portmanteau of “deep learning” and “fake.” This technology uses advanced artificial intelligence algorithms, specifically generative adversarial networks (GANs), which learn from massive datasets of video, audio, and photo recordings and then imitate a specific person with high precision, including their appearance, voice, facial expressions, and even characteristic gestures.

Importantly, the barrier to entry for deepfake creators keeps falling. Just a few years ago, creating a convincing fake video required specialized technical knowledge and expensive equipment. Today, Deepfake-as-a-Service (DaaS) platforms offer ready-made tools for voice cloning and video generation to people without any technical training. Cloning a voice requires just a few seconds of an audio sample, roughly the length of a single statement recorded during a press conference or in a social media video.


Risk Scale: Numbers That Don't Lie

The statistics on financial losses caused by deepfake scams are alarming. In 2025, global losses from such scams reached a record high of $1.1 billion—three times more than in 2024, when they totaled $360 million, and nine times more than the total losses for the entire 2020–2023 period. In the first quarter of 2025 alone, losses caused by deepfake attacks exceeded $200 million.

At the level of individual incidents, the picture is equally alarming: the average business loss caused by a single deepfake attack exceeds $280,000, and in the case of large corporations, it reaches as high as $680,000. More than 60% of companies that suffered losses as a result of deepfake attacks lost over $100,000, and nearly one in five organizations lost over half a million.

Social media platforms are now the distribution channel for the vast majority of fraud cases—they account for 83% of all financial losses related to deepfakes. Three platforms—Facebook ($491 million in losses), WhatsApp ($199 million), and Telegram ($167 million)—account for a combined 93% of the losses recorded on social media.

Source: Surfshark – https://surfshark.com/research/chart/deepfake-social-media-fraud

Deepfakes in Action: High-Profile Cases from Recent Years

These numbers, which seem abstract to us, take on greater significance when we look at specific incidents. One of the most spectacular attacks occurred in Hong Kong, where a finance employee at a large company took part in a video conference that his superiors were supposedly also attending. Every face visible on the screen was a deepfake, and every voice was a clone created from publicly available recordings. Convinced of the meeting’s authenticity, the employee authorized a transfer to the cybercriminals totaling over 195 million Hong Kong dollars (25 million U.S. dollars).

In March 2025, a similar fate befell the CFO of a company in Singapore, who fell for a fake video conference with the board of directors and transferred $499,000 to the criminals. Earlier, back in 2019, a British energy company lost $243,000 when its CEO transferred the money to the specified account, unaware that he was speaking with a synthetic voice clone of his superior at the parent company in Germany.

These attacks have one thing in common: the victims actively tried to verify the identities of the people they were talking to—and were still deceived. This is what changes the game. Traditional verification methods based on visual and auditory recognition are no longer reliable.


Who is vulnerable to deepfakes?

Source: Q1 2025 Deepfake Incident Report: Mapping Deepfake Incidents – https://www.resemble.ai/wp-content/uploads/2025/04/ResembleAI-Q1-Deepfake-Threats.pdf

What’s more, it’s not just corporations that are being targeted. According to a Resemble AI report for the first quarter of 2025, 41% of the targets of deepfake attacks were public figures—politicians and celebrities—but as many as 34% were private citizens. The methods of these attacks also vary: from financial fraud, through blackmail and smear campaigns, to manipulating public opinion ahead of elections.

Attacks that bypass biometric authentication systems are particularly dangerous. According to a 2026 report by Entrust, deepfakes are already linked to one in five biometric fraud attempts, and injection attacks have increased by as much as 40% year over year.

Political disinformation on a massive scale is another area where deepfakes are prevalent. Fake videos of political leaders—supposedly admitting to controversial actions or making provocative statements—can instantly reach millions of viewers and create lasting beliefs—even after they have been exposed.


Cybersecurity: How to Detect Deepfakes?

The cybersecurity industry’s response to this growing threat is a suite of automated deepfake detection tools based on machine learning models, such as MesoNet, which can detect subtle visual and audio artifacts that are completely invisible to the human eye: unnatural blinking, lighting inconsistencies, or a lack of synchronization between lip movement and speech. Intel’s FakeCatcher technology goes even deeper by analyzing microscopic changes in blood flow beneath the skin, a technique known as remote photoplethysmography (rPPG), which even the most advanced deepfake generators are unable to replicate.

At the same time, cross-modal analysis methods are being developed that compare voiceprints, facial biometrics, and file metadata simultaneously, detecting discrepancies even when each of these elements appears authentic on its own. The entire detection ecosystem is complemented by watermarking and digital provenance—invisible watermarks embedded directly into AI-generated files that enable tracking of their origin and verification of authenticity at every stage of content distribution.


Zero Trust: Trust the Process, Not Perception


In the face of threats that undermine the value of sensory perception, the Zero Trust model is becoming increasingly important—a security architecture based on the fundamental premise that no user, device, or network connection is inherently trustworthy and must be verified with every access attempt.

In the context of deepfakes, the Zero Trust philosophy translates into specific organizational practices. The first of these is multi-channel verification, also known as “out-of-band verification”—any sensitive request regarding a transfer, a change to access credentials, or the disclosure of confidential information must be confirmed via an independent communication channel, such as a message in the company’s internal system or direct contact with a decision-maker. This rule is supplemented by a requirement for multi-person authorization: no employee, regardless of their position, should be able to independently approve a significant financial transaction without the approval of at least one additional person.
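One way to encode the two rules above as a gate in a payment workflow (an added example, not code from the original article; the channel names, the threshold, and all field and function names are assumptions made for illustration):

```python
from dataclasses import dataclass, field

# Constructed policy values for illustration.
DUAL_APPROVAL_THRESHOLD = 10_000
TRUSTED_CHANNELS = {"internal_ticket", "directory_callback"}

@dataclass
class TransferRequest:
    executor: str          # employee asked to make the payment
    claimed_sender: str    # who the request claims to come from
    arrival_channel: str   # where the request was received
    amount: int
    confirmations: list = field(default_factory=list)  # (person, channel) pairs
    approvers: set = field(default_factory=set)

def blocking_reasons(req: TransferRequest) -> list:
    """Return the unmet controls; an empty list means the transfer may proceed."""
    reasons = []
    # Out-of-band: the claimed sender must confirm over a pre-registered
    # channel that is not the one the request came in on. A face or voice
    # on the arrival channel never counts, however convincing it is.
    oob = [ch for person, ch in req.confirmations
           if person == req.claimed_sender
           and ch in TRUSTED_CHANNELS
           and ch != req.arrival_channel]
    if not oob:
        reasons.append("no out-of-band confirmation from claimed sender")
    # Multi-person: at or above the threshold, someone other than the
    # executor and the claimed sender must approve.
    if req.amount >= DUAL_APPROVAL_THRESHOLD:
        independent = req.approvers - {req.executor, req.claimed_sender}
        if not independent:
            reasons.append("no independent second approver")
    return reasons

def demo():
    # Constructed scenario: a transfer requested during a video call.
    req = TransferRequest("finance.clerk", "cfo", "video_call", 250_000)
    req.confirmations.append(("cfo", "video_call"))   # same channel: ignored
    req.approvers.add("finance.clerk")                # self-approval: ignored
    before = blocking_reasons(req)
    req.confirmations.append(("cfo", "directory_callback"))
    req.approvers.add("treasury.lead")
    return before, blocking_reasons(req)

if __name__ == "__main__":
    print(demo())
```

The gate never inspects the audio or video itself: the decision depends only on which channels and which people have confirmed the request.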

Equally important are the principles of least privilege and access segmentation, which limit the potential scope of a social engineering attack—even if a criminal successfully impersonates a specific employee, they will encounter strict barriers that prevent them from freely navigating the organization’s resources. This is complemented by continuous session monitoring, which involves verifying device integrity and analyzing user behavioral signals in real time—not only at the moment of login, but throughout the entire duration of an active session.


The Role of Penetration Testers: The Human Element in the Defense Shield

Penetration testing specialists play an invaluable role in the arsenal of defenses against deepfakes and advanced social engineering. A pentester is an expert who—acting in an authorized manner—assumes the role of an attacker to uncover vulnerabilities in an organization’s security systems and procedures before a real cybercriminal does.

In the context of deepfakes, pentesters conduct advanced simulations of social engineering attacks, including vishing (voice phishing) scenarios that use voice cloning and fake video conferences. Such controlled tests help identify vulnerabilities not only in technical security systems but, above all, in human decision-making processes and organizational culture. A pentester can also assess the actual business impact of a potential vulnerability, which allows for the appropriate prioritization of remedial actions.

Penetration testers also conduct comprehensive resilience tests on organizations, simulating multi-stage, complex attacks that combine deepfake techniques with traditional phishing, OSINT (Open-Source Intelligence), and employee manipulation. Without such regular penetration tests, it is difficult to assess whether an organization is truly prepared for an attack that would undermine trust not only in technology but also in one’s own senses.


The Law Is Trying to Keep Up: The AI Act and Deepfake Regulations

The regulatory response to the growing scale of these threats is the EU’s Artificial Intelligence Regulation—the AI Act—adopted by the European Union in 2024. It is the first comprehensive piece of legislation in Europe that explicitly addresses AI-generated content, including deepfakes.

Under Article 50 of the AI Act, audiovisual content created or modified by AI must be clearly labeled so that audiences can recognize it as machine-generated.

However, regulations have their limits. Experts point out that regulations are struggling to keep pace with technological progress, and enforcing bans in a global and cross-border environment remains a huge challenge. Therefore, the legal framework must go hand in hand with investments in education and technology for content verification.


Cybersecurity as a Skill for the Future

The growing scale of deepfake threats is just one aspect of the transformation taking place in the field of cybersecurity. Specialists who understand both the technical mechanisms of attacks and the psychology of social engineering are worth their weight in gold on today’s job market.

Those wishing to develop their skills in this area may consider the postgraduate program in Cybersecurity of Information and Telecommunications Systems at the Polish-Japanese Academy of Computer Technology (PJAIT). The program spans two semesters and consists of 210 instructional hours, including as many as 120 hours of hands-on training conducted in collaboration with STM Cyber on the “HackingDept” platform. Students will learn about network security, cryptography, cloud security, and system attack and defense techniques; classes are conducted in a hybrid format.

For those just starting their higher education, our academy offers a Cybersecurity specialization within the computer science program, which combines theory with intensive hands-on training, preparing future professionals for the realities of a rapidly evolving threat landscape.


Deepfakes are not a problem of the distant future—they are a threat that exists right here and now, one that costs billions of dollars in losses and undermines the foundations of digital trust. The year 2025 confirmed that, by relying solely on their own vigilance, no organization or individual is fully immune to this type of attack.

The response to these threats cannot, of course, be paralysis or abandoning digital communication, but rather a well-thought-out, multi-layered strategy that combines modern detection tools, a Zero Trust architecture, regular penetration tests, and ongoing education.

In a world where our eyes and ears are no longer reliable witnesses, the only effective response is due process and verification—regardless of how convincing the voice on the phone sounds or how familiar the face on the screen looks.

