This is a research prototype. The data and analyses are preliminary and not yet validated — we'd welcome your .
Attackers used real-time deepfake technology to impersonate a company executive in a video call to deceive an employee, but the attempt was detected due to missing accent characteristics.
An AI-powered deepfake attack targeted Andrea Rozenberg, who leads emerging markets at an unnamed company. The attackers sent an urgent message via WhatsApp impersonating her supervisor, requesting a quick call. When the video call was initiated, it featured a real-time deepfaked video of the supervisor speaking to her. The deepfake was sophisticated enough to create a convincing visual representation but failed to replicate the supervisor's strong Estonian accent. Rozenberg became suspicious due to the out-of-character demand for an urgent video call and the missing accent, prompting her to verify the authenticity through Slack messaging. The incident was confirmed to be a real-time deepfake attack targeting the right person on a relevant topic, demonstrating the advancement of scam techniques beyond traditional phishing emails. The report emphasizes that voice cloning can be accomplished in seconds with free tools, and video fakes can now be generated in real time, making such attacks increasingly accessible to scammers.
Domain classification, causal taxonomy, severity scores, and national security assessments were LLM-classified and may contain errors.
Using AI systems to gain a personal advantage over others such as through cheating, fraud, scams, blackmail or targeted manipulation of beliefs or behavior. Examples include AI-facilitated plagiarism for research or education, impersonating a trusted or fake individual for illegitimate financial benefit, or creating humiliating or sexual imagery.
Human
Due to a decision or action made by humans
Intentional
Due to an expected outcome from pursuing a goal
Post-deployment
Occurring after the AI model has been trained and deployed
