Deepfake is an audio-visual manipulation based on AI-technology. Different video deepfakes have been published in less than 10 years, however the audio deepfakes have been recently growing more popular. In recent years, different applications have been developed to produce deepfakes, video or audio content. Despite the rapid growth of artificial intelligence and the increase in the number of programs that enable Deepfakes, there is a lack of programs and tools that help us to protect ourselves from the possible manipulations carried out through deepfakes.

How deepfake phishing works?

Deepfake phishing can compromise our security both professionally and personally. Phishers can now use deepfakes to create manipulated images, videos and audio recordings. Programs developed for entertainment, such as applications showing you at another age, gender or race, have been collecting data that can produce deepfakes of anyone - not only of public figures, as has been the case so far. Access to that data by phishers enables them to carry out the attack using deepfakes to achieve their goal, which is to manipulate people and compromise their security. In addition to emails and messages, now video calls and voice messages have become more sophisticated, as a result of the involvement of technology and deepfakes in phishing. So, phishers can use deepfakes during an online meeting by creating a person who does not exist, or using someone else's face to manipulate others, as happened in China when a person transferred over 600 thousand dollars without realizing that he is a victim of a fraud. Deepfake phishing has also been used in audio messages, and there are already programs that clone anyone's voice, such as the program developed by Microsoft: VALL-E.

How to mitigate the risk of deepfake phishing?

In the absence of adequate programs or tools when it comes to phishing, some unusual requests for different amounts of money should raise suspicion. With phishing deepfakes, these requests can come out even more convincing, but we all need to develop the ability for critical judgment and learn some ways of finding anomalies in a deepfake phishing. They are certain red flags related to technology, but it is also important to go beyond the technological scope.

Tech-related issues are:

  • Jerky head,

  • Lip sync inconsistencies,

  • Torso movements,

  • Unusual audio cues.

Beyond technology, it is important to:

  • Stay informed, as awareness could be the key to identifying potential threats.

  • Be skeptical of any requests for sensitive information like passwords, credit card details, etc.

  • Be cautious if something looks too good to be true or raises doubts.

So, success in protecting against deepfake phishing depends on us: on our interest in keeping up with technological developments, being well informed about innovations and risks, and on our care about personal or professional information that we share online with others.


The technology of deepfakes is a 'fast train' which continues to bring to the world innovations that amaze us, but at the same, it brings some dangers that we must be very careful of. The refinement of deepfakes makes it an even more dangerous tool in the hands of fraudsters and manipulators. The difficulty in detecting it, multiplies this fast-growing threat. In all this, institutions and organizations must work internally on raising awareness of these innovations and risks, and being prepared not to believe a priori, regardless of videos, photographs or audio messages that may be quite convincing. Always try to verify beforehand!

💡 Interested in learning more about information disorders? Enroll in our free, self-paced course on Countering Disinformation today!

Background illustration by: your123