Detect Deepfakesby Resemble AI
Glossary

Deepfake fraud

Also: AI fraud · synthetic media fraud · deepfake financial fraud

Deepfake fraud is financial crime enabled by AI-generated media — cloned executive voices authorizing transfers, synthetic identities passing KYC checks, face-swapped video calls, and fabricated evidence in claims. It is the enterprise-scale form of the deepfake scam, and the fastest-growing fraud vector measured since 2024.

Deepfake fraud is what a deepfake scam becomes at enterprise scale: not one spoofed call but a systematic attack on the assumption that seeing or hearing someone is proof of identity. Every workflow that lets a voice or a face authorize value — payment approvals, KYC onboarding, claims evidence, help-desk resets — is now an attack surface.

The loss data

  • $12.5 billion in reported US internet-crime losses in 2024 (FBI IC3), with impersonation-enabled categories growing fastest.
  • 245% year-over-year increase in deepfake-enabled fraud attempts measured by Sumsub across onboarding and verification flows.
  • 46% of businesses report having been targeted by deepfake attacks at least once (Mastercard, via our statistics roundup).
  • $25.6 million lost in a single incident — Arup's deepfaked video meeting, the canonical enterprise case.

The four enterprise attack surfaces

1. Payment authorization

Cloned executives order transfers by phone or video meeting. The Arup and Ferrari cases bracket the outcomes: $25.6M lost with no verification, $0 lost with one challenge question. The full call-level anatomy is on the vishing attack page.

2. KYC and onboarding

Synthetic faces and face-swapped liveness attempts defeat naive selfie checks; stolen identities get "brought to life" for account opening. Modern flows layer liveness detection with media-level deepfake detection on the submitted video itself.

3. Call centers and help desks

Voice clones of customers (account takeover) or IT staff (credential resets) target the phone channel, where email-grade filtering has never existed. The call-center playbook covers real-time screening; the consumer-facing version of the same scripts is cataloged under vishing examples.

4. Claims and evidence

Fabricated damage photos, doctored audio, and synthetic documents enter insurance and legal workflows as "proof." Media forensics — provenance checks plus detection — moves from nice-to-have to underwriting control; see the insurance guide.

The control stack that works

LayerControlWhat it defeats
ProceduralOut-of-band callback + dual approval for payments and resetsEvery voice clone and spoofed channel
IdentityLiveness + document checks at onboardingSynthetic-identity KYC fraud
TechnicalAutomated deepfake detection on calls, meetings, submitted mediaCloned voices, face swaps, fabricated evidence
HumanChallenge questions; urgency treated as an alarmSocial engineering under time pressure

The technical layer is where most programs are catching up. Detection models return a synthetic-vs-real verdict on any recording — test the public versions on this site: audio, image, video. Enterprises run the same models continuously via the Resemble AI API, feeding fraud-ops queues and trust-and-safety workflows; the banking playbook shows the integration pattern, and watermarking plus provenance close the loop on media your own organization publishes.

Why this is a standing program, not a one-time fix

Generation and detection co-evolve. New video models — see the Seedance viral moment — reset public expectations of what's fakeable roughly every quarter, and fraud kits industrialize each advance within months (deepfake-as-a-service is already a market). The organizations that stay ahead treat deepfake fraud like phishing circa 2010: a permanent control domain with budget, metrics, and drills — not a news cycle. The Deepfake Incident Database exists to keep that threat model current, with every entry cited to primary sources.

Frequently asked questions

What is deepfake fraud? Financial crime that uses AI-generated media to defeat identity trust — cloned executives authorizing payments, synthetic KYC identities, fabricated claims evidence.

How big is the problem? 245% YoY growth in attempts (Sumsub), 46% of businesses targeted (Mastercard), single losses up to $25.6M.

Which industries are most exposed? Banking, insurance, call centers/KYC operations — anywhere a voice or video call can move money or reset credentials.

How is it detected? Layered controls: callbacks and dual approval, liveness at onboarding, and automated deepfake detection on calls, meetings, and submitted media.