A surge in AI-generated deepfake scams is reshaping the cybersecurity threat landscape, with fraudsters now impersonating company executives to deceive employees and siphon off millions. Leveraging increasingly sophisticated and accessible generative AI tools, attackers create realistic voice and video forgeries of CEOs and senior leaders to orchestrate elaborate social engineering ploys.

Deepfake heists: According to Adaptive Security, a firm backed by OpenAI, deepfake-related attacks in the United States alone surpassed 105,000 in the past year—equivalent to one every five minutes. High-profile companies including Ferrari, Wiz, and WPP have reported incidents. In one striking case, an employee at the engineering firm Arup wired $25 million to scammers after a fake video call with supposed senior executives.

The typical scam involves a worker in a sensitive role—such as a finance officer—receiving a sudden, urgent request from a convincingly fabricated executive. The ruse is enhanced by natural-sounding audio, accurate speech patterns, and real-time responsiveness, which collectively mimic human interaction to an unsettling degree.

Cybersecurity experts warn that the number of attacks is likely underreported due to reputational concerns. Losses from such schemes exceeded $200 million in the first quarter of this year alone. Financial institutions and tech platforms like YouTube have also been targeted, prompting alerts from regulatory bodies such as FinCEN.

As AI models grow more adept at mimicking human expression, traditional red flags—awkward phrasing or visual anomalies—are disappearing. This has spurred investment in startups focused on deepfake detection and renewed emphasis on verification protocols.

Experts stress that no single tool will suffice. Rather, a mix of staff training, technological defenses, and a workplace culture that permits double-checking even the most authoritative instructions is crucial. As one cybersecurity executive put it, the future has arrived—and it sounds just like your boss.