Imagine this scenario. A colleague video-calls you, asking you to wire money urgently to an unfamiliar account. While your instinct tells you that something’s off, everything else seems to be convincing, from your colleague’s appearance to their tone of voice, and even mannerisms. Deepfake scams like this have successfully resulted in millions of dollars stolen from victims in financial and other sectors.
A recent survey found that 70% of respondents lack the confidence to determine whether a voice is real or cloned. Moreover, half of these respondents have regularly shared their voices, such as in voice messages, recorded notes, and videos. This increases the risk of their voices being sampled and cloned by potential scammers.
AI is rapidly maturing, and its use in cybersecurity attacks is evolving in parallel. In particular, the fusion of generative AI (GenAI) and traditional social engineering now involves phishing with deepfakes, a high-impact tactic that blurs the lines between believable and manipulated communication.
What, then, should you do to avoid being victimized by deepfakes? Here are ten red flags that can help you detect them before scammers steal your money or destroy your organization’s reputation.
1. Emotionally Urgent, but Procedurally Off
While deepfakes have grown in sophistication with the popularity of GenAI tools, one of the earliest documented successful attacks happened in 2019. A UK-based energy company CEO’s cloned voice was used to trick an executive into transferring €220,000 to a fake Hungarian supplier account. The caller was convincing and authoritative. However, the urgency of the process was unusual.
This is usually the first clue – when a colleague or superior skips the usual processes, exerts pressure, and is in a hurry, it’s usually a sign of a scam. Urgency is, after all, a known social engineering tactic.
2. Subtle Audio-Visual Desync in Video Calls
While real-time AI rendering is becoming more and more sophisticated, there are still some imperfections. Look for slight mismatches in lip movements and blinking patterns. Listen for non-synchronized or delayed audio. These are usually caused by processing lags. Such audio-visual cues can be crucial in avoiding getting victimized by deepfakes.
3. Clean Backgrounds That Never Shift
Real environments change. In a video call, a laptop or smartphone can inevitably shake, and its camera along with it. Lighting changes subtly, and background objects can interact with the user. Real video calls can often involve objects moving across the window or even children and pets, if working from home.
Scammers often use generative avatars placed in static or overly clean environments. This is common when using image-to-video technologies. If the background feels oddly still or artificial, trust your instincts – it’s likely AI-generated. Deepfakes often focus on facial fidelity but neglect environmental realism. This can also be an effect of computational limits that focus on mimicking the face and voice rather than backgrounds.
4. Language or Tone Is Slightly Off-Pattern
While large language models are getting more and more sophisticated, they can still miss contextual phrasing, especially in niche industries. For example, in many industries, when peers talk, they use niche-specific lingo with precision. Or sometimes, your colleagues might use familiar slang or resource names only known in your own office culture.
A study on linguistic use by GenAI in scams has found subtle linguistic inconsistencies to be a common denominator. While this particular study focused on email, it may also be applicable to scams perpetrated with voice and video calls. If the expressions used deviate from the corporate jargon or communication patterns you’re used to, it could be AI-generated.
5. Inconsistent Lighting or Shadows on the Face
Amid advances in deepfake technologies, some AI models will still struggle with rendering natural-looking lighting. In low-light or changing light conditions, a deepfake might have inconsistent skin glow, floating shadows, or static reflections. Deepfaked faces will often look luminous or very smooth, as if a glow-up filter has been applied.
A study from 2024 covers various forensic methods for detecting deepfakes, and with an emphasis on having “temporal artifacts in frame sequences” and “lighting and shadow inconsistencies” as part of a multi-modal strategy for detecting these fraudulent videos.
6. Lack of Background Noises
Deepfake audio is usually engineered to be clean, but sometimes it’s too clean for its own good. AI-generated audio lacks natural background noises, like breathing sounds, or ambient sounds like room noises, vehicles, birds chirping, and the like.
An unnatural silence can be a clue toward detecting deepfake audio. Unlike authentic calls or recordings, AI-generated voices are often produced in sterile acoustic conditions. Attackers might overlook adding contextual environmental sounds during spoofing.
7. Bypassing Typical Channels, Procedures, or Authentication Steps
A high-stakes request made through an unusual platform is already a red flag. Deepfake phishing scams will often rely on alternative points of contact to avoid any institutional protections. This could include a supposed boss or colleague calling your personal account using a social media chat platform instead of the official company Slack, Teams, or other platform.
8. Unverifiable Metadata or Caller Information
Always inspect the metadata, or information relevant to the caller. For example, scammers often spoof usernames or email addresses using minor spelling variations. Some might replace the lowercase letter “l” with the capital “I,” which can look the same on many screens.
For multimedia like videos or audio, check the file properties. When was it created? What application was used to create it? Attackers mostly focus on having a more believable appearance at the expense of forensic details. Looking deeper into the metadata can help expose a spoof.
9. Difficulty in Responding to Disruptive or Contextual Questions
A recent research paper proposed the use of “GOTCHA” (inspired by the term “CAPTCHA”), to provide “a challenge-response approach designed to authenticate live video interactions in an environment increasingly susceptible to real-time deepfakes.” One good way to spot a red flag is by asking something off-script, which works well if you already have a working relationship with the person who is supposedly on the other end of the line.
For example, ask something you know only that person would know, or maybe field some trick questions. You might ask about their children if you know they don’t have kids. Ask about an incident that happened at the office. This usually catches scammers off guard, and they might deflect or respond generically. Many deepfake scams are pre-recorded or scripted, with limited conversational flexibility.
10. Does Something Feel Just ‘Off?’ Trust Your Gut
Cognitive dissonance is often used by psychologists to describe instances where your brain senses conflicting signals. You might have a gut feeling, and you are already subconsciously figuring things out. If something seems amiss, take the time to verify the caller and the communication through a second channel.
If you already have direct contact with the person you are supposedly talking to, call them or message them on another platform. If you are working at the same building, you can walk to their office or desk instead.
Conclusion
Deepfake phishing incidents will only grow as technology matures. Increasing sophistication of AI tools enables cybercriminals to meld synthetic media with traditional deception. This means that we must rethink digital authenticity and trust.
Defending against deepfake scams doesn’t necessarily mean being paranoid. Rather, it requires recognizing patterns, training staff to recognize red flags, and enforcing stricter protocols to verify identities and validate messages.
