Deepfake vs. the Three-Finger Test - Huntress
A viral encounter between scam hunter Jim Browning and a deepfake operator reveals the limitations of manual detection methods against evolving AI threats
- Incident date: Apr 2026
- Target: Jim Browning
On April 1, 2026, prominent scam hunter Jim Browning exposed a real-time deepfake during a Zoom call by requesting the operator hold up three fingers. The scammer’s inability to correctly render the hand—a limitation caused by how AI handles object occlusion—led to the operator stalling and eventually dropping the call. The interaction, which was documented for the Huntress series declassified, went viral as a demonstration of a manual 'three-finger test' to catch synthetic identity attacks.
What happened
The incident highlighted a specific technical vulnerability in early or lower-end real-time deepfake tools: difficulty compositing objects passing in front of a face. While the deepfake in the video exhibited common artifacts such as lip-sync lag and hair glitches, the 'three-finger trick' specifically exploited the AI's struggle with object occlusion. When challenged, the scammer deflected the request before disconnecting, confirming the presence of an unauthorized synthetic overlay.
However, experts in digital media verification, including representatives from Reality Defender and OpenOrigins, warn that this method is increasingly unreliable. As the adversarial feedback loop continues, scammers are rapidly updating their models to patch these specific rendering issues. Relying on visual 'tells' such as hand gestures, head turns, or shadow movements creates a false sense of security. Because attackers are early adopters of generative AI, they iterate faster than defensive awareness campaigns can keep up.
Security professionals emphasize that the true defense against deepfake social engineering is not human vigilance, but the implementation of resilient organizational processes. Verification protocols—such as calling back on known phone numbers, requiring two-person approval for wire transfers, and mandating second-channel confirmation for executive requests—are essential to mitigate risks. Systems must be designed to catch human mistakes rather than relying on individuals to identify synthetic content in real time.