Deepfakes: How AI is Supercharging Social Engineering Attacks

The Rise of AI-Powered Cybercrime

In recent years, cybercriminals have begun harnessing artificial intelligence to launch more convincing and targeted attacks. One of the most alarming developments is the use of AI-generated deepfakes — realistic audio or video imitations of real people — to deceive employees into transferring funds or revealing sensitive data.

Imagine this: your company’s accountant receives a phone call from someone who sounds exactly like your CEO, complete with the same tone, speech patterns, and even subtle quirks. The “CEO” urgently instructs them to wire money to a new account for a business deal. In reality, the voice is a sophisticated AI clone, pieced together from audio clips found on social media and online meetings. The transfer is made, and by the time anyone realizes what happened, the money is gone.

This is no longer a theoretical risk, or something you see only in movies— these attacks are happening now, and they’re becoming more convincing by the day.

Statistics from Around the World

  • Global: Deepfake incidents increased 10X worldwide from 2022 to 2023 (Sumsub, 2024).
  • North America: Deepfake fraud rose 1,740% in 2023 compared to 2022 (Eftsure, 2024).
  • Europe’s Financial Sector: Fraud attempts jumped 2,137% over three years, now making up 6.5% of all cases (Signicat, 2024).
  • Frequency: By 2024, a deepfake attack occurred every 5 minutes globally (Cybersecurity Asia, 2025).
  • Insurance Industry: Synthetic voice fraud rose 475% in 2024, with overall deepfake-related fraud activity up 680% (Pindrop, 2025).

Types of Threats Emerging

Voice Deepfakes – AI-generated speech that perfectly mimics a person’s voice.

Video Deepfakes – Realistic video impersonations used in video calls or messages.

Business Email Compromise (BEC) – AI-crafted emails that mimic a company executive’s style and signature.

Hybrid Attacks – Combining fake voices, spoofed phone numbers, and fraudulent emails for a multi-layered scam.

Insurance Coverages That Can Help

Many standard cyber policies do not automatically include coverage for social engineering fraud or deepfake-related scams. Businesses should ask their insurance advisor about:

Social Engineering Fraud Coverage – Reimburses for funds lost when an employee is tricked into transferring money due to fraudulent instructions.

Funds Transfer Fraud Coverage – Covers losses from unauthorized electronic fund transfers initiated by a criminal.

Computer Fraud Coverage – Addresses direct hacking incidents where criminals manipulate systems to divert money.

Cyber Liability & Incident Response – Helps cover legal costs, notification expenses, and crisis management if sensitive information is compromised.

Preventive Steps to Reduce Risk

While insurance is essential, prevention is the first line of defense:

  1. Establish Multi-Step Verification – Always require a secondary confirmation method for fund transfers, preferably through a different communication channel.
  2. Limit Public Exposure of Voice/Video – Be mindful of how much personal speech content executives post online.
  3. Train Employees Regularly – Simulate phishing and social engineering scenarios to raise awareness.
  4. Use Call-Back Procedures – For sensitive requests, hang up and call the person back at a verified phone number.
  5. Deploy Technology Tools – Consider AI-driven fraud detection, anomaly monitoring, and voice recognition safeguards.

The Bottom Line

Cybercriminals are no longer just relying on fake emails or poorly worded scams. With AI, they can replicate voices, mannerisms, and communication styles so convincingly that even cautious employees can be fooled.

The best defense is a combination of strong insurance coverage and robust security protocols. If you’re unsure whether your current cyber policy includes protection against social engineering or deepfake-related fraud, now is the time to review it.

You Can Count on Us

Our agents go above and beyond to anticipate industry changes and keep their finger on the pulse of what your business needs. We won’t stop until we find the right insurance solutions for your operation.