Deepfake Attacks: What’s Growing & How to Fight Back

Takeaways

• Deepfake fraud has exploded: increasing from a negligible share of fraud attempts to now making up over 6% of cases.
• Losses in early 2025 alone topped $200 million; everyone is a potential target—not just high-profile figures.
• To defend yourself, use strong identity checks, invest in detection tech (multimodal, physiological signals, etc.), limit what you share publicly, and train people to spot deepfake tricks.

What’s Changing

• Fraud caused by deepfakes rose by over 2,000% in just a few years.
• The frequency is alarming: in 2024, deepfake attacks were happening every ~five minutes.
• More than financial loss are the consequences: reputation damage, extortion, even emotional or social harm—especially among women, children, and institutions like schools.
• Many incidents cross borders, making law enforcement and legal recourse more complex.

Attack Types & Methods

• Presentation attacks, e.g., someone using a deepfake live video (during a video call) to impersonate another for scams or identity theft.
• Injection attacks, meaning prerecorded or edited deepfake content used later—for example during identity verification, onboarding, or document checks.
• Formats used vary: video is almost half of all deepfake incidents; images and audio make up the rest. Also, document forgeries are spiking: fake IDs and falsified official documents are now more common than old-style paper counterfeits.

Detection Tools & Techniques

• Machine learning trained on large datasets is identifying subtle signs: odd blinking, strange face or expression dynamics, unnatural light or shadow behavior, mismatched audio & lips, etc.
• Other methods: analyzing physiological cues (heartbeats, micro-movements) that current deepfake tools have trouble mimicking convincingly.
• Multi-modal detection (comparing audio + image + behavior) is emerging as the strongest approach; in labs these methods are already achieving over ~90% accuracy in controlled tests.

Prevention

For organizations & individuals:

• Use identity verification processes that force “live presence”—don’t just accept uploaded photos; ask for actions in real time.
• Use biometric systems that check for signs of life (e.g., gestures, voice) to make sure the person is real.
• Be careful about how much and what kind of content you share online: high-quality photos/videos in public can become raw material for deepfake creation.
• Use multi-step verification for sensitive operations—things like financial transfers, identity checks, or onboarding should have confirmations, maybe even verbal or internal checks.
• Educate staff, especially executives, to recognize deepfake risks: unusual requests, unethical/urgent pressure, unsolicited video calls, etc.

What to Expect Going Forward

• Deepfake tools are getting cheaper, more powerful, and more broadly available—even to less technical actors.
• Regions with rapid digital adoption, like Asia-Pacific, are expected to see especially large growth in both generation and exploitation of deepfakes.
• The “deepfake economy” (tech, tools, services) is projected to grow rapidly in value over the next few years.
• To stay ahead, security strategies need to be both technical (detection, verification) and human (awareness, policy, training).