AI is transforming healthcare, marketing, and countless industries for the better. But it’s also arming cybercriminals with tools such as deepfake attacks that are more convincing — and more dangerous — than ever before.
Attackers are now using AI to drain business bank accounts, install malware, and damage company reputations, and the frequency of these attacks is climbing fast. Reporting from the Wall Street Journal found that over 105,000 deepfake attacks hit American companies in a recent year, with losses from CEO and executive impersonation scams topping $200 million in just the first quarter of 2025 alone. Experts believe the real numbers are even higher, since many businesses quietly absorb these losses rather than risk the reputational fallout of going public.
HowDeepfake Attacks Are Being Used Against Businesses
Fake identities and forged documents. Criminals now fabricate or steal identification to slip past verification checks, using impersonation to convince employees to hand over sensitive data or authorize payments.
AI-crafted phishing links. Generative AI can mimic a coworker’s or executive’s writing style, reference real projects, and sound completely natural — making malicious links far more convincing than the clumsy phishing attempts of the past.
AI-generated emails and phone calls. According to VIPRE Security Group, AI-written messages now make up a significant share of the email threats aimed at U.S. employees, often appearing to come from a CEO, CFO, vendor, or bank. Attackers can even mine CRM data and past email threads to make their approach feel authentic. A Cornell University study found that AI-generated phishing campaigns succeed more than half the time, and Egress reports that the vast majority of organizations experienced a phishing attack in 2024 alone.
Voice cloning (“vishing”). AI can now recreate a real person’s voice well enough to trick employees into wiring funds to a fraudster’s account. Keepnet Labs found that a majority of organizations have faced a voice-phishing attempt, and most victims who fall for it end up losing money. In one widely reported case, a finance employee at a UK-based firm authorized a wire transfer of tens of millions of dollars after what appeared to be a routine video call with senior leadership — leadership that turned out to be entirely AI-generated. Similar attempts have targeted real-world executives at major global companies, sometimes only foiled because someone asked a question only the real person could answer.
Deepfake videos on social media. These are harder to catch and just as costly. A widely viewed livestream impersonating a well-known tech executive once convinced thousands of viewers to send cryptocurrency to a fraudulent address in a matter of hours. Beyond direct theft, deepfake videos can also:
• Spread false information designed to move a company’s stock price
• Circulate defamatory claims about executives or business practices
• Power fake ads that exploit a company’s branding to steal customer information
How to Protect Your Business from Deepfake Attacks
• Establish strict verification procedures for any request involving money or sensitive data
• Train your team continuously — not just once — on how modern AI scams actually look and sound
• Rehearse your response protocols so employees know exactly what to do when something feels off
• Require two-person approval on wire transfers and other high-risk transactions
• Use AI-powered detection tools to flag suspicious content before it does damage
• Limit your digital footprint — the more executives share publicly, the easier it is for fraudsters to clone their voice, writing style, or likeness
Traditional cybersecurity training is a starting point, but it wasn’t built for a world where scams sound and look exactly like the people you trust. Simulation-based training designed specifically around deepfake scenarios is proving far more effective at building real awareness.
Is Your Cyber Liability Coverage Built for This?
Many cyber policies were written before AI-driven fraud became a mainstream threat. If your business hasn’t had its coverage reviewed recently, now is the time. At Weinsurexyz, we help businesses across landscaping, staffing, trucking, restaurants, and other industries put cyber liability protection in place that actually reflects today’s threat landscape.
Contact Weinsurexyz to review your cyber liability coverage and make sure your business is protected against AI-generated fraud.











