For most of the 2010s, "deepfake" was a research curiosity and an internet harassment vector. By 2024, AI-generated synthetic media had moved decisively into operational use: business email compromise enhanced with cloned voices and fake video meetings, election-related synthetic content circulating across multiple democracies, financial fraud with cloned voices targeting individuals. The technology has matured faster than most defenders have planned for, and the gap between threat capability and defensive readiness is the open question of 2026.
The state of the technology
Voice cloning. Modern voice synthesis from open-source models (XTTS-v2, OpenVoice, F5-TTS) and commercial services (ElevenLabs, Resemble AI, Microsoft VALL-E research) can produce convincing voice clones from as little as 3-15 seconds of reference audio. The output quality is sufficient to fool most listeners in single-clip evaluations and to fool many in conversational settings. Real-time voice conversion, speaking in your voice, hearing the output in someone else’s, is mature and runs on consumer hardware.
Video deepfakes. Face-swap and full-body synthesis have continued to improve. The 2024 generation of models, Stable Video Diffusion, Sora-class video generators, open-source forks like AnimateDiff, produce video output that is increasingly hard to distinguish from real recordings on cursory review. Live deepfakes (real-time face replacement during a video call) are operational with consumer-grade hardware; quality is sufficient for most video conferencing systems’ compression and bandwidth.
Image generation. The class includes both face generation (this person does not exist) and arbitrary scene generation. By 2026 the technology is essentially commoditised; Stable Diffusion variants, Midjourney, DALL·E 3, and Flux all produce convincing imagery on demand.
Text generation. LLM-generated text for phishing, social engineering, fake reviews, and synthetic news is now indistinguishable from human-written text in most contexts. Detection tools exist; their accuracy is limited.
The real incidents
The publicly documented cases give the threat landscape its shape:
Hong Kong Arup deepfake (early 2024). A finance employee at engineering firm Arup transferred $25 million to attackers after participating in a video conference call where every other participant, including the CFO, was a deepfake. The attackers had used publicly available video footage of the executives to build the deepfakes. The case was the highest-dollar publicly attributed deepfake fraud as of 2024.
Voice-cloned CEO fraud. Multiple cases since 2019 of CFOs and finance staff receiving urgent phone calls from "the CEO" instructing emergency wire transfers. Trend Micro and Mandiant case studies document the technique against organisations of various sizes; figures in the millions of dollars per incident are common.
Voice cloning against family members. The "grandparent scam" updated for 2024: a clone of a child or grandchild’s voice calls in a panic asking for emergency money. The FBI and FTC have issued warnings; the cases are widespread.
Election-related synthetic media. The 2024 US election season saw deepfake audio of Joe Biden discouraging voting (New Hampshire primary, January 2024); fake images of Donald Trump being arrested or shaking hands with George Soros; deepfake video of Kamala Harris making fabricated statements. Most circulated quickly and were debunked quickly; the cumulative effect on information environment is harder to measure.
Indian, Indonesian, Pakistani, Slovakian, and Turkish elections in 2024 all had documented synthetic-media interference. The CSIS and Atlantic Council have published election-monitoring reports tracking the incidents.
Non-consensual intimate imagery. The largest-volume harm by far. AI-generated explicit imagery of real, non-consenting individuals (mostly women) circulates extensively. Taylor Swift was the highest-profile victim of a January 2024 incident involving widespread distribution on X; thousands of less-famous victims experience the same harm continuously. UK and EU regulations have begun to address this; US response is slower.
Detection and authentication
Two distinct defensive strategies exist:
Detection (after the fact). Tools that analyse media for signs of synthetic generation. Reality Defender, Sensity AI, Deepware, and academic detectors apply ML to spot artifacts of generation. Detection is in a continual cat-and-mouse with generation; current state-of-the-art detection has accuracy in the 80-95% range against current models, depending on conditions, and the accuracy degrades as new generation models appear.
Authentication / provenance (before the fact). Standards and tooling that prove a piece of media is genuine when first captured. The Coalition for Content Provenance and Authenticity (C2PA), at c2pa.org, defines an open standard for cryptographically signed metadata in images, video, and audio. C2PA support is shipping in cameras (Leica M11-P, Sony Alpha line via firmware), smartphone OS layers (partial), and major social platforms (LinkedIn, TikTok, Meta, X to varying degrees). Adoption is uneven.
The Content Authenticity Initiative (contentauthenticity.org) is the broader industry effort around C2PA.
The structural argument: detection alone is a losing race because generation continues to improve. Provenance establishes a chain of trust for legitimate content. The combination is what an effective defence looks like.
What organisations should do
The defensive measures separating into clear practical layers:
Verify out-of-band for high-stakes financial and operational decisions. Phone calls do not authenticate; video calls do not authenticate. A wire transfer instruction received over any channel needs to be confirmed through a separate channel using pre-agreed procedures.
Establish "code words" or pre-agreed authentication phrases for executive and finance teams. The grandparent-scam mitigation that families have used for a year now applies to corporate finance: a phrase that the real party would know, asked spontaneously, that an attacker with publicly available information would not.
Train finance and HR teams on the specific deepfake fraud pattern. The Arup case has become a teaching example; the lesson is that even visual confirmation in a video meeting is not authentication.
Deploy email and call-fraud detection platforms that incorporate synthetic-media detection. Pindrop and others operate in the call-centre fraud space; Abnormal Security and similar address email-based deepfake-attached scams.
Implement C2PA for outbound media wherever possible. If your communications channels carry signed content, downstream verification can flag tampering. The industry direction is in this direction; adopting early gives you defensive options the laggards do not have.
For high-profile individuals, monitor social media for synthetic content and have a fast takedown process. Reality Defender, Sensity, and similar offer monitoring services.
Public-policy state
US. The National Defense Authorization Act and various state laws (California, Texas) prohibit specific deepfake harms. The FCC banned AI-generated voices in robocalls in February 2024. Federal comprehensive deepfake legislation has not passed.
EU. The AI Act has provisions on deepfake disclosure (synthetic content must be labelled when deployed in certain contexts). The Digital Services Act creates obligations on large platforms to address synthetic-media misuse.
UK. The Online Safety Act 2023 includes provisions on synthetic intimate imagery and certain other deepfake harms.
China. Has the most aggressive deepfake regulation as of 2026. Mandatory provenance labelling for generative AI services since 2023; the rules are enforced.
The international picture is uneven and the cross-border enforcement is largely absent.
The 2026 outlook
The technology will continue to improve faster than detection. The defensive emphasis will continue to shift from "can we detect this" to "can we authenticate the provenance of legitimate content." Provenance standards will continue to gain adoption. Public awareness of the threat is growing but lagging.
For ordinary users, the practical advice is simple and not new: an unexpected emotional or urgent call demanding money is suspicious regardless of who appears to be speaking; verify out-of-band before acting; assume that any audio or video can be synthesised. The technology has changed; the social-engineering principles have not.
For organisations, the operational reality is that deepfakes are now a category of threat to plan for, not a research curiosity to monitor. The Arup case demonstrated the consequence; the next year of incidents will demonstrate the breadth.