Safeguarding your business in an age of misinformation
Listen to this articleWe already know we can’t always trust what we read. Fraudulent texts, fake emails and online misinformation are pervasive. Now, with the evolution of artificial intelligence (AI), it’s even more difficult to trust what we see and hear—across any medium.
Deepfakes are becoming pervasive
Deepfakes are videos, photos or audio clips made with artificial intelligence to look real. The technology can be used to alter audio, video and imagery from their original forms and make them appear convincingly authentic.
Deepfake technology can mimic or manipulate a person’s voice in audio recordings to say things the person never said. In videos, a person’s face can be superimposed over someone else’s. Also, a video of a person can be manipulated to appear as if they are speaking, moving and gesturing in ways they never did.
Like most application of technology, deepfakes can be good or bad and harmless or harmful. Regardless, it’s important to recognize when the deepfakes are being used so you can continue to understand its capabilities as they evolve.
Here are some examples of harmless deepfakes:
• For fun, people can download apps that superimpose their faces on popular TV characters and put them into scenes from various episodes.
• The movie industry employs the technology to edit character performances when the actors are no longer available or to reverse-age characters for flashback scenes.
• Retailers can use similar technology to allow customers to virtually “try on” sunglasses, clothing, jewelry and more.
Examples of harmful and malicious deepfakes include:
• Disinformation agents can manipulate video footage of political candidates to show them saying degrading things or appearing intoxicated to sway voter preferences.
• Bad actors can superimpose a person’s face over explicit video content then share the video to cause reputational damage or use it for blackmail purposes.
• Criminals can fake a voice message using a CEO’s voice and instruct an employee to release a large payment to a fake vendor account.
Deepfakes are targeting and harming businesses
Businesses can and often are targeted, discredited and even defrauded by the malicious use of deepfakes. Common cases include:
• Financial fraud: Deepfake video calls or audio recordings that appear to be from company executives can be made to authorize fraudulent transactions or manipulate financial systems.
• Brand and reputational damage: Deepfake video or audio of business leaders making damaging statements or behaving inappropriately can tarnish the reputations of individuals and companies.
• Data breaches: Cybercriminals can use deepfake technology to trick employees into thinking they are interacting with a legitimate member of their organization, so they disclose sensitive information.
• Disinformation campaigns: Competitors or malicious actors might damage market share by using deepfakes to spread false information about a company’s products, services or policies.
• Authentication disruption: Deepfakes can be used to deceive identity verification technologies, such as facial recognition and voice recognition, to access sensitive information and financial accounts.
Help your business mitigate deepfake risks
By staying informed about deepfake technology and adopting proactive and responsive measures, your business can reduce the risks associated with this evolving threat.
Education and continuously training employees is paramount. Create awareness programs that cover deepfake technology and its risks, and provide plenty of email, text, webpage and audio and video examples. Implement a training routine to educate employees on recognizing deepfake red flags and reporting potential deepfake content.
Prioritize deepfake detection by investing in technologies that analyze media files for signs of manipulation and can help identify fraudulent content. Many cybersecurity and tech firms specialize in deepfake detection and prevention. Consider contracting with one to better secure your business.
Be prepared and develop an incident response plan. Time is of the essence when responding to a deepfake attack. Work with experts to understand the deepfake landscape and prepare incident response strategies and action plans.
Protect your network and systems by strengthening verification procedures. Adopt best practices around identity verification protocols for individuals in sensitive transactions. These could include multifactor authentication, secure communication channels and secondary verification steps. It could also include the use of pre-arranged code phrases used to confirm the identity of the person you’re communicating with.
Monitor communication channels—email, social media, and other communication applications—for unusual activities or suspicious audio or video content that could indicate the presence of deepfakes.
As with all security measures, it is better to be proactive and reactive. It can be difficult and frustrating, as new vulnerabilities seem to come to light every day, but adhering to the basic risk mitigation practices—education, individual responsibility and technology—remain effective. The same holds true for deepfakes and minimizing the harm they can cause to your business.
About the author: John Bodine is Vice President, Commercial Relationship Manager with KeyBank in Rochester. He may be reached at [email protected] or (585) 238-4102.
Content provided for informational and educational purposes only and is in no way to be construed as financial, investment, or legal advice. We cannot and do not guarantee their applicability or accuracy in regards to your individual circumstances. All examples are hypothetical and are for illustrative purposes. We encourage you to seek personalized advice from qualified professionals regarding all personal financial issues. KeyBank Member FDIC © 2025. KeyCorp. CFMA #250221-3034980
t
link
