Glossary
What is deepfake?
A deepfake is synthetic media — audio, video or images — generated by AI to convincingly imitate a real person. In cybersecurity, deepfakes supercharge social engineering: a cloned voice or video of an executive can authorize fraud that a plain email never could.
How deepfakes enable fraud
Attackers can now clone a familiar voice from seconds of audio, or fake a video call, to make an urgent request feel unquestionably real. This turns business email compromise and vishing into far more believable attacks.
Because the impersonation looks and sounds genuine, deepfakes bypass the instinct that something is 'off' — making process and verification, not gut feel, your best defense.
Spotting and resisting deepfakes
Watch for unnatural pauses, mismatched lip-sync, odd lighting and pressure to act immediately or in secret. But the most reliable defense is a verification habit: confirm any high-value request through a separate, trusted channel.
How to prevent deepfake
- Verify urgent voice or video requests through a known, separate channel.
- Require dual approval for payments and sensitive changes.
- Be skeptical of secrecy and time pressure, even from a familiar face or voice.
- Train staff that 'it sounded like them' is no longer proof.
How HookPhish helps
HookPhish trains people to rely on verification rather than gut feel, so a convincing deepfake voice or video can't bypass your payment and access controls.
Frequently asked questions
How are deepfakes used in attacks?+
Attackers use cloned voices or fake video to impersonate executives or colleagues and authorize fraudulent payments or data access — a powerful form of social engineering.
Can you detect a deepfake?+
Some have visual or audio tells, but the most reliable defense is to verify high-value requests through a separate, trusted channel rather than trusting how something looks or sounds.
Why are deepfakes a growing threat?+
AI makes convincing voice and video cloning cheap and fast, so impersonation attacks are becoming far more believable.
Security training designed for people. Built for enterprise.
Learn how HookPhish can effortlessly transform your security program and reduce your human cyber-risk.
Fill out the form to schedule a 30-minute chat with a product expert. We'll discuss the challenges you want to solve, walk through HookPhish, and answer any questions.
Book a personalized demo
Looking to become a partner? Use this form instead.