TL;DR
Deepfake-powered social engineering attacks have exploded — cases surged 1,740% between 2022 and 2023, and deepfake-enabled fraud drove over $200 million in losses in Q1 2025 alone. Attackers can clone a voice from 20 seconds of audio and spin up a convincing deepfake video in under an hour. If your organization doesn't have verification protocols for high-value transactions and executive communications, you're a target waiting to be hit.
The $25 Million Video Call That Wasn't Real
In January 2024, a finance worker at multinational engineering firm Arup received a message purporting to be from the company's UK-based CFO requesting an urgent wire transfer. The employee was suspicious — until he joined a video conference call and saw the CFO and several colleagues on screen, looking and sounding exactly as expected. He authorised transfers totalling HK$200 million (approximately $25.6 million AUD). Every person on that call was a deepfake. Fraudsters had trained AI models on publicly available video and audio from online conferences and virtual meetings.
This wasn't an anomaly. It's the new normal. Deepfake fraud cases surged 1,740% between 2022 and 2023, and 2025 saw an 83% increase in deepfake-based CEO fraud attempts, according to CrowdStrike's 2025 Threat Hunting Report. Over half of businesses in the US and UK have been targeted by a deepfake-powered scam, and 43% have actually fallen victim. The Australian Signals Directorate's Essential Eight and similar frameworks were not designed for a world where your CFO's face and voice can be replicated from a LinkedIn video.
What makes this different from traditional social engineering:
- Attackers clone voices with just 20–30 seconds of audio — a snippet from any podcast, webinar, or voicemail.
- Deepfake video can be produced in roughly 45 minutes using consumer-grade tools.
- AI-generated phishing emails achieve 72% open rates, double the 36% rate of traditional phishing.
- 82.6% of detected phishing emails now contain some form of AI-generated content.
Beyond Deepfakes: The Broader AI Threat Landscape
Deepfakes are the headline-grabber, but they're one vector in a rapidly expanding AI-powered attack surface.
AI-Augmented Business Email Compromise (BEC). BEC remains the costliest cybercrime category — $2.77 billion in US losses in 2024 alone, from just 21,442 complaints. AI now lets attackers craft perfectly personalised, grammatically flawless emails at scale. A 1,265% surge in phishing attacks has been linked to generative AI tools. Vishing (voice phishing) surged 442%, smishing grew 40%, and QR phishing increased 400% as attackers exploit multiple channels simultaneously.
Prompt Injection and AI Agent Security. As businesses deploy AI agents for customer service, internal operations, and decision support, prompt injection attacks are emerging as a critical vulnerability. Maliciously crafted inputs can manipulate AI agents into leaking sensitive data, executing unauthorised actions, or bypassing safety guardrails. This is a supply-chain risk: if your AI agent has access to internal systems, a prompt injection is effectively an authentication bypass.
Model Theft and Intellectual Property. Custom-trained models represent significant investment. Model extraction attacks — where adversaries systematically query an AI API to reconstruct a functional copy of the model — pose a real risk to organisations deploying proprietary AI. Stolen models can be used to craft more targeted attacks or sold to competitors.
Polymorphic Malware. AI enables malware that rewrites its own code to evade signature-based detection, making traditional antivirus increasingly ineffective against sophisticated threats.
How to Detect Deepfake Attacks
Detection is an arms race, but there are practical steps that work today.
Voice Authentication Red Flags:
- Unusual pauses or robotic cadence in speech patterns.
- Requests for urgent, unusual financial transactions.
- Callers refusing to use established verification channels.
- Background noise that sounds artificial or looped.
- Slight lip-sync drift in video calls — watch for uncanny valley cues around mouth and eye movements.
Technical Detection Tools:
- Pindrop and Nuance offer real-time voice authentication and deepfake detection for call centres.
- ZeroFox and Reality Defender provide deepfake detection across social media and video channels.
- FIDO2 hardware keys (YubiKey) defeat phishing and credential theft even when deepfakes succeed at the human layer — the attacker still can't produce the physical token.
- AI-based email security platforms (Mimecast, Proofpoint, StrongestLayer) analyse email intent and context rather than just signatures, catching AI-generated phishing that bypasses legacy filters.
Process Controls (Often More Effective Than Technology):
- Enforce a mandatory callback verification for any transaction above a set threshold. Not to the number that called — to a known, stored number.
- Implement dual-authorisation for wire transfers and financial changes.
- Establish a pre-agreed code word or phrase for executive communications involving sensitive actions.
- Train staff specifically on deepfake social engineering — generic phishing awareness is no longer sufficient. KnowBe4 reports that untrained employees have a 33.1% click rate on phishing links; trained employees drop below 5%.
ISO 27001 SMB Starter Pack — $147
Everything you need to start your ISO 27001 journey: gap assessment templates, policy frameworks, and implementation roadmap built for SMBs worldwide.
Get the Starter Pack →The Governance Framework You Need
Technology alone won't save you. Businesses need governance frameworks that address AI-specific threats.
Map your AI attack surface. Identify every point where AI touches your business — customer-facing chatbots, internal AI agents, third-party AI services, and employee use of public AI tools. Each is a potential vector.
Adopt an AI security standard. Australia's Artificial Intelligence Ethics Framework and the NIST AI Risk Management Framework (AI RMF 1.0) provide structured approaches. Key elements: risk assessment, transparency requirements, human oversight of AI-driven decisions, and incident response plans that specifically cover AI-enabled attacks.
Update your incident response plan. Traditional playbooks don't cover "CFO's face was cloned and authorised a wire transfer." Your IRP needs scenarios for deepfake social engineering, AI-generated phishing campaigns, and AI agent compromise.
Mandate phishing-resistant MFA. FIDO2 passkeys or hardware tokens are the single most effective control. They defeat adversary-in-the-middle attacks and credential harvesting regardless of how convincing the deepfake is.
Budget for AI security. McKinsey reports that 40% of businesses plan increased investment in AI and cybersecurity. If you're not in that group, you're accepting risk you probably haven't quantified.
FAQ
How much does a deepfake attack cost a business? The Arup case cost $25 million. Deepfake-enabled fraud totalled over $200 million in Q1 2025 alone. But the average BEC loss — now increasingly AI-powered — is $4.67 million per incident according to FBI IC3 data. Even small businesses face significant risk; a single convincing deepfake call can drain operating accounts.
Can deepfake detection tools keep up with the technology? It's an arms race. Detection tools are improving — voice analysis can flag synthetic audio with high accuracy, and video analysis tools are getting better at spotting artefacts. But the best defence is layered: detection technology plus process controls (callback verification, dual authorisation) plus phishing-resistant MFA. No single control is sufficient.
What should we do right now, this week? Three immediate actions: (1) Implement mandatory callback verification for any financial transaction or credential change requested via phone or video. (2) Deploy FIDO2 hardware keys for all staff with financial or administrative access. (3) Run a deepfake-specific tabletop exercise with your finance and security teams — walk through the Arup scenario with your company's name on it.
Is Australia specifically at risk? Yes. The ACSC continues to report increasing sophisticated social engineering targeting Australian organisations. Australian businesses face the same threats as global firms but often have less mature cybersecurity programs. The average cost of a data breach in Australia reached $4.26 million in 2024, and AI-powered attacks are accelerating that trend.
Conclusion
The threat landscape has fundamentally changed. Deepfake social engineering isn't a future risk — it's a present-day weapon that has already cost businesses hundreds of millions. The $25 million Arup loss wasn't a sophisticated nation-state attack; it was criminals with consumer-grade AI tools and publicly available video footage.
Your next steps are clear: map your AI attack surface, implement process controls for financial transactions, deploy phishing-resistant MFA, and update your incident response plan for AI-enabled threats. The organisations that act now will weather this shift. Those that don't will learn about it from their finance team after the money is gone.
Visit lil.business/book for a free cybersecurity assessment — we'll identify your exposure to AI-powered threats and build a practical remediation roadmap.
References
- FBI Internet Crime Report 2024 — Business Email Compromise Statistics
- NIST AI Risk Management Framework (AI RMF 1.0)
- CrowdStrike 2025 Threat Hunting Report — Deepfake and Voice Attack Trends
- CNN: Finance Worker Pays Out $25 Million After Deepfake CFO Video Call
- ZeroFox: The Deepfake Economy — Q1 2025 Loss Analysis
Qualified Triage
Need to prove security trust?
We verify authority first, minimise access, define scope, and help you collect evidence for insurers, customers, tenders, auditors, and AI governance reviewers.
Start Qualified Triage →