{"id":2939,"date":"2025-09-23T13:53:26","date_gmt":"2025-09-23T13:53:26","guid":{"rendered":"http:\/\/ft365.org\/index.php\/2025\/09\/23\/deepfake-attacks-hit-two-thirds-of-businesses\/"},"modified":"2025-09-23T13:53:26","modified_gmt":"2025-09-23T13:53:26","slug":"deepfake-attacks-hit-two-thirds-of-businesses","status":"publish","type":"post","link":"http:\/\/ft365.org\/index.php\/2025\/09\/23\/deepfake-attacks-hit-two-thirds-of-businesses\/","title":{"rendered":"Deepfake Attacks Hit Two-Thirds of Businesses"},"content":{"rendered":"
\n

\"Photo<\/p>\n<\/div>\n

\n
\n

Nearly two-thirds (62%) of organizations have experienced a deepfake attack in the past 12 months, according to a new Gartner survey.<\/p>\n

These deepfake attacks encompass either social engineering, impersonating someone during a video or audio call with an employee or exploiting automated verification, such as face or voice biometrics.<\/p>\n

Akif Khan, senior director at Gartner Research, told Infosecurity<\/em> that continuous improvements in deepfake technologies mean such threats are only going to grow.<\/p>\n

Need for Deepfake Detection Integrated in Everyday Tools<\/strong><\/h2>\n

He said the most pervasive technique currently in this space is deepfakes being combined with social engineering, such as impersonating an executive to get an employee to transfer a large sum of money into an attacker-controlled account.<\/p>\n

\u201cThat\u2019s trickier because social engineering is a perpetually reliable thing for attackers to use. When you throw deepfakes in there your employees really are on the frontline of trying to spot something is unusual. You can\u2019t just rely on automated defenses to protect you,\u201d Khan explained.<\/p>\n

To protect against this threat, Khan urged organizations to consider emerging technical solutions, in which vendors can bake deepfake detection into tools such as Microsoft Teams or Zoom.<\/p>\n

\u201cThat\u2019s relatively new, there are not many large-scale production deployments so it still remains to be seen how effective that can really be once its operationalized in an environment,\u201d he cautioned.<\/p>\n

In the immediate term, Khan said that some organizations have implemented effective awareness training programs specifically around deepfakes. This includes creating deepfakes of company executives and using them in simulations to employees.<\/p>\n

Another aspect is reviewing current business processes in areas such as payment approvals. Khan advised putting in place authorization at the application level to ensure these attacks are detected.<\/p>\n

\u201cThis means the CFO can phone and ask you to transfer some money, the payment can be set up in the finance application, but then the CFO needs to log on to the finance application, ideally with phishing-resistant multi-factor authentication (MFA), and actually authorize that transaction,\u201d Khan noted.<\/p>\n

Targeting of AI Applications<\/strong><\/h2>\n

The report, published during the Gartner Security & Risk Management Summit 2025, also found that 32% of organizations have experienced an attack on AI applications leveraged the application prompt in the past 12 months.<\/p>\n

These attacks include prompt injection \u2013 where attackers generate large language models (LLMs) into generating biased or malicious output.<\/p>\n<\/p><\/div>\n

\"Impact
Impact of GenAI on the Attack Landscape. Source: Gartner<\/figcaption><\/figure>\n
\n

Khan told Infosecurity<\/em> that the results are consistent with the conversations Gartner has had with clients around attacks on AI applications.<\/p>\n

\u201cAround two-thirds said that they haven\u2019t experienced any attacks \u2013 that is a useful sanity check that this is a threat but is it the biggest threat that organizations face? No it\u2019s not. But it is one that they do need to take seriously because we do have approximately 5% of respondents saying they have had a major incident,\u201d he commented.<\/p>\n

Khan advised security leaders to focus on several areas to protect AI applications, including shadow AI and how access is managed to company approved or developed tools.<\/p>\n

Gartner surveyed 302 cybersecurity leaders in North America, EMEA and Asia\/Pacific for the report.<\/p>\n

Read more from the Gartner summit: Organizations Must Update Defenses to Scattered Spider Tactics, Experts Urge<\/em><\/p>\n<\/p><\/div>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"

Nearly two-thirds (62%) of organizations have experienced a deepfake attack in the past 12 months, according to a new Gartner survey. These deepfake attacks encompass either social engineering, impersonating someone during a video or audio call with an employee or exploiting automated verification, such as face or voice biometrics. Akif Khan, senior director at Gartner<\/p>\n","protected":false},"author":2,"featured_media":2940,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-2939","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"featured_image_urls":{"full":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2939-fedfe265-9f17-433b-9306-f0febd4ef643.jpg",300,300,false],"thumbnail":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2939-fedfe265-9f17-433b-9306-f0febd4ef643-150x150.jpg",150,150,true],"medium":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2939-fedfe265-9f17-433b-9306-f0febd4ef643.jpg",300,300,false],"medium_large":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2939-fedfe265-9f17-433b-9306-f0febd4ef643.jpg",300,300,false],"large":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2939-fedfe265-9f17-433b-9306-f0febd4ef643.jpg",300,300,false],"1536x1536":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2939-fedfe265-9f17-433b-9306-f0febd4ef643.jpg",300,300,false],"2048x2048":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2939-fedfe265-9f17-433b-9306-f0febd4ef643.jpg",300,300,false],"morenews-featured":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2939-fedfe265-9f17-433b-9306-f0febd4ef643.jpg",300,300,false],"morenews-large":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2939-fedfe265-9f17-433b-9306-f0febd4ef643.jpg",300,300,false],"morenews-medium":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2939-fedfe265-9f17-433b-9306-f0febd4ef643.jpg",300,300,false],"crawlomatic_preview_image":["http:\/\/ft365.org\/wp-content\/uploads\/2025\/09\/2939-fedfe265-9f17-433b-9306-f0febd4ef643-146x146.jpg",146,146,true]},"author_info":{"display_name":"henry","author_link":"http:\/\/ft365.org\/index.php\/author\/henry\/"},"category_info":"Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","_links":{"self":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/2939","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/comments?post=2939"}],"version-history":[{"count":0,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/2939\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media\/2940"}],"wp:attachment":[{"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media?parent=2939"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/categories?post=2939"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/tags?post=2939"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}