Defending against deepfake cyberattacks: Why trust is the new security perimeter

Deepfake technology is now a legitimate enterprise level threat. What started as a potentially disturbing AI capability has rapidly become a powerful tool for cybercriminals and one that exploits the most fundamental element of business communication: trust.

A new report from Info‑Tech Research Group, Defend Against Deepfake Cyberattacks, breaks down how to understand and assess the risk deepfakes pose to organizations of all sizes.

Among the contributors to this research were Acronis experts Oleg Ishanov, Director of Threat Research, and Gerald Beuchelt, Chief Information Security Officer. Key takeaways from the report should serve as a warning that every organization needs to consider developing a structured defense against deepfake cyberattacks.

The report makes one point particularly clear: Deepfakes are a human challenge more than they are a technical challenge. Attackers have mastered the impersonation of executives, colleagues and vendors through AI-generated threats, including audio, video and text. They’re often able to bypass traditional controls and prey on human frailty.

Some eye-opening statistics from Info-Tech include:

• Nearly 49% of global businesses have already encountered deepfake scams.
• It can take as little as 10 seconds of audio to clone someone’s voice convincingly.
• Only about 30% of organizations fully understand the deepfake threat landscape.

This combination of ease, speed and believability gives attackers a major advantage. Employees have to be the last line of defense, so they need to be prepared.

InfoTech’s research highlights that deepfakes have moved far beyond experimental fraud. They’re now a multimillion dollar threat vector:

• Global deepfake-related losses exceeded $200 million in Q1 2025 alone.
• The average cost of a deepfake voice scam is $600,000, with notable cases exceeding $25 million.
• Deepfakes now account for 6.5% of all fraud attempts.

And these attacks aren’t limited to high profile targets. Because deepfake tools are widely accessible and require minimal skill, attackers can also target midmarket and smaller organizations.

One of the most important themes in the report is that technology cannot be the sole defense strategy. Detection tools exist, but they can be inconsistent and are sometimes reactive. Deepfakes can evolve too quickly for automated tools to keep up.

InfoTech emphasizes a three pillar defense strategy:

Employees must be trained to recognize deepfake red flags, including unusual urgency, unfamiliar numbers, inconsistencies in tone or phrasing, or unexpected secrecy. A Ferrari case study in the report illustrates this perfectly: Only a well-trained executive prevented a costly scam.

Verification protocols, such as secondary confirmations, code phrases, and out of band checks, should be routine. Zero trust must extend beyond systems to communications.

Tools should support human vigilance, flag anomalies, and introduce layers of defense, but organizations should avoid overreliance on technology alone.

To help organizations operationalize deepfake defense, Info‑Tech offers a deepfake threat assessment tool to guide security leaders through identifying vulnerabilities, evaluating controls and prioritizing risk.

The framework includes three major steps:

Using Info‑Tech’s list of 20 researched threat scenarios, organizations can pinpoint the tactics attackers are most likely to use.

A structured questionnaire enables organizations to determine preparedness across training, communication workflows and authentication practices.

Organizations can model which scenarios pose the greatest operational, financial or reputational risk and allocate resources accordingly. This methodology helps eliminate guesswork and transforms subjective fears into objective, measurable risks.

Beyond assessment, the report outlines a full lifecycle approach to strengthening resilience:

• Employee training programs focused on verification behaviors.
• Deepfake-specific incident response runbooks integrated into crisis communications and fraud prevention workflows.
• Tabletop exercises designed to simulate deepfake attacks and test real-world readiness.

The overarching message is that preparing for deepfake threats is not optional. It is a strategic necessity.

For deeper insights, frameworks, and tools, access the report.