Day 2: Deepfake Scams
2. Deepfake Scams (Business Leaders as Targets)
A few years ago, deepfakes were the stuff of sci-fi thrillers or viral internet memes. Funny, a bit weird, but not something most business owners thought they’d have to worry about. Fast forward to 2025, and deepfakes aren’t just entertaining party tricks, they’re precision tools for cybercriminals.
Here’s the scenario, your finance manager gets a video call. On screen is your Managing Director, looking stressed, speaking urgently, “We need to get this supplier paid immediately, no time for the usual checks.” The face looks right. The voice sounds right. Even the little mannerisms are there, the slight head tilt, the hand gestures, the hurried tone. However it’s not your MD! It’s a criminal, armed with AI.
Why it’s so dangerous for SMBs:-
Trust and authority: Staff naturally trust instructions from leaders. Deepfakes weaponise that trust.
Speed and pressure: These scams often involve urgency, “we’ll lose the deal if we don’t act now”, leaving little time to question.
Fewer barriers: Large corporates often require multiple sign-offs for large payments. In SMBs, processes are leaner, and one convincing call could be all it takes.
The consequences? A single fraudulent transfer could drain tens or even hundreds of thousands from your business account, and worse, it’s not always easy to claw that money back.
What SMBs can do to fight back:
Set strict approval processes for payments, even when the request seems to come from the top.
Use out-of-band verification, a quick phone call, face-to-face check, or secure messaging platform, to confirm urgent requests.
Train staff to recognise the red flags: unusual requests, time pressure, or slightly “off” behaviour in a familiar face.
The bottom line? Deepfakes have made “seeing is believing” a dangerous assumption. For SMB’s, the real defence is process and culture: empowering staff to question, verify, and slow down, even if the request looks like it’s coming straight from the boss.
