For years, deepfakes were treated as a political or social media oddity, a strange corner of the internet where celebrity faces (of women 99% of the time) were pasted onto fake videos (porn in 99% of the cases) and nobody quite knew what to do about it. But that framing is now dangerously outdated, because deepfakes have quietly evolved into something much more systemic: an operational risk for corporations, capable of corrupting supply chains, financial workflows, brand trust, and even executive decision-making.
Recent headlines show that synthetic media is no longer a fringe experiment. It is a strategic threat, one that companies are not prepared for.
When a deepfake can steal $25 million
In February 2025, global engineering firm Arup fell victim to a sophisticated deepfake fraud. Attackers used AI-generated video and audio to impersonate senior leadership and convinced an employee to transfer $25 million in company funds. The World Economic Forum described it as a milestone event: the moment synthetic fraud graduated from experiment to enterprise-scale theft.
For any executive who still thinks of deepfakes as a social media phenomenon, this should be a wake-up call.
Arup had strong cybersecurity. What it didn’t have was identity resilience—the ability to verify that the human on the other side of the call was actually human.
CEO fraud, but this time with perfect replicas
In the past year, deepfake CEO-fraud attempts have surged, targeting CFOs, procurement teams, and M&A departments. A 2025 report noted that more than half of surveyed security professionals had encountered synthetically generated executive impersonation attempts.
