How Deepfakes Work, How to Spot Them, and Why They Matter

Deepfakes are highly realistic, artificially generated media that manipulate video, audio, or images to depict events that never happened or statements that were never made. By utilizing advanced machine learning techniques, these systems learn a person's biometric features to synthesize entirely new, convincing content. As the technology has become widely accessible to consumers, deepfakes have evolved from a niche academic pursuit into a primary vector for financial fraud, political disinformation, and digital exploitation, prompting an urgent global race to develop reliable detection tools and legal frameworks.

The Evolution of Synthetic Media: Deepfakes vs. Cheapfakes

When discussing manipulated media, it is critical to distinguish between authentic artificial intelligence generation and traditional video editing. Over the past decade, the landscape of digital deception has evolved to encompass a wide spectrum of manipulated content. However, the underlying mechanisms used to create that content dictate how dangerous it is, how it scales, and how easily it can be detected.

A "cheapfake" (sometimes referred to in the cybersecurity industry as a shallowfake) is media manipulated using conventional, low-tech editing capabilities that do not rely on machine learning ¹²². These are crafted by human hands using basic software to alter reality. A classic example is slowing down a video of a politician to make them appear intoxicated or slurring their words, a tactic famously used in 2020 against former US House Speaker Nancy Pelosi ³. Cheapfakes can also involve simple mislabeling, where authentic footage from one event is shared with a caption claiming it depicts a completely different, current event ²³⁴. While they require minimal technical skill to produce, cheapfakes remain highly effective because they exploit the psychological vulnerabilities and confirmation biases of the viewer ³⁶.

Deepfakes, on the other hand, utilize advanced machine learning - specifically deep learning networks - to create hyper-realistic but entirely fabricated synthetic media ²⁵. Rather than just editing existing pixels or slowing down an audio track, the software mathematically learns a person's biometric features, such as their facial structure, micro-expressions, and voice cadence, to generate entirely new content from scratch ⁶. While cheapfakes alter what is already there, deepfakes manufacture reality, making them exponentially more difficult to detect without specialized forensic tools ²²³.

How Are Deepfakes Made? The Underlying Technology

The engine driving the deepfake revolution over the last several years is an architecture known as a Generative Adversarial Network, or GAN ⁹¹⁰. Invented in 2014, GANs fundamentally changed how machines learn to generate complex data, shifting the paradigm from purely analytical AI to generative AI.

To understand how a GAN works, researchers often use the analogy of a master art forger and a police art detective ⁹¹⁰. The GAN is composed of two separate neural networks locked in a continuous, competitive game. The first network is the Generator (the Forger). Its job is to ingest random digital noise, similar to TV static, and mold it into a synthetic output, such as a human face ⁹¹⁰. Initially, the Generator is terrible at this task, and its outputs look like pixelated abstractions.

The second network is the Discriminator (the Detective). The Discriminator is fed a mixed dataset: some images are authentic photographs of real human faces (the ground truth), and others are the fake images produced by the Generator ¹⁰⁷. The Discriminator's job is to calculate the mathematical probability that an image is real or fake. Every time the Discriminator correctly identifies a fake, the Generator is mathematically penalized through gradient descent, forcing it to adjust its approach to try and do a better job next time. Conversely, if the Generator successfully fools the Discriminator, the Discriminator is penalized and learns to look for more subtle visual artifacts ¹⁰.

This adversarial process runs thousands or millions of times. Over hours or days of training, both networks become incredibly sophisticated. The loop only stops when the Generator is producing images so flawlessly photorealistic that the Discriminator is essentially guessing at random, unable to tell the real from the synthetic ¹⁰⁷. This same architecture, heavily modified in subsequent years into models like StyleGAN, allows artificial intelligence to manipulate lighting, skin texture, and geometry to seamlessly map one person's facial expressions onto another's body ⁷¹².

The Mechanics of Audio Deepfakes

While visual deepfakes capture the most public attention, audio cloning relies on similar neural network principles and is often more difficult for humans to detect ⁴⁸. Audio generation typically involves training a deep neural network on a dataset of a target's voice recordings. The AI learns the phonetic patterns, intonations, and unique acoustic signatures of the speaker ⁶.

Previously, creating a convincing voice clone required hours of clean studio audio. Today, due to advancements in machine learning, threat actors can generate a highly accurate voice clone using only about 30 seconds of audio scraped from a victim's social media profile, a public speech, or a voicemail greeting ¹²⁹. Once the model is trained, the attacker can simply type text into a prompt, and the AI will synthesize the speech in the victim's exact voice, complete with synthesized emotional inflection ⁶¹²⁹.

The Commodification of Synthetic Media Tools

The most significant shift in the deepfake landscape over the past few years is the complete collapse of the technical barrier to entry. Generating a convincing deepfake no longer requires immense computational power, massive proprietary datasets, or specialized knowledge of neural networks ¹²¹⁵. A vast cottage industry of open-source software and consumer-friendly smartphone applications has democratized the technology, putting studio-level manipulation into the hands of anyone with an internet connection ¹⁵¹⁰.

The market is now saturated with varying levels of deepfake tools, catering to everyone from highly technical cybercriminals to casual social media users. At the high end of the spectrum, open-source projects like DeepFaceLab provide filmmakers, VFX hobbyists, and dedicated threat actors with granular control over the deepfake pipeline, allowing for seamless face swapping and de-aging, provided the user has a powerful dedicated GPU ¹⁷¹⁸¹⁹.

For commercial use, web-based platforms like HeyGen and Deepbrain AI operate as full-fledged digital production studios ¹⁸¹⁹. These tools are marketed toward marketers and corporate trainers, allowing them to create a "digital twin" or avatar that can read any script provided in multiple languages ¹⁸¹⁹. Meanwhile, mobile applications like FaceApp, Reface, and FaceSwap Live have brought deepfakes to the mainstream, enabling users to swap faces in real-time video calls, animate still photos into lip-syncing singers, or dramatically alter their appearance with a single tap ^17181911. For audio, tools like ElevenLabs have revolutionized text-to-speech, allowing for instantaneous voice cloning that has been widely weaponized in both scams and political disinformation ⁴¹⁷¹¹.

Why Deepfakes Matter: The Escalating Threat Landscape

The threat of synthetic media stems not just from the technology itself, but from our inherent biological programming: human beings are evolutionarily wired to believe what they see and hear ¹². When that implicit trust is hacked, the consequences ripple across personal privacy, corporate financial security, and global geopolitical stability.

Cybercriminals, hacktivists, adversarial nations, and fraudsters have rapidly incorporated generative AI into their attack frameworks faster than public and private sectors anticipated ¹⁵. According to comprehensive threat intelligence analysis spanning 2024 to 2025, the volume of deepfakes circulating online experienced an alarming 3,000% increase, effectively doubling every six months as the technology commodified ²².

The Surge in Financial Fraud and Corporate Scams

Cybercriminals have quickly realized that deepfakes are the ultimate social engineering tool ¹⁰¹²²³. Phishing attacks traditionally relied on typographical errors, suspicious email addresses, and generic language. Today, AI-powered tools eliminate those red flags, allowing attackers to weaponize a target's trust ¹³¹⁴.

In the corporate sector, traditional Business Email Compromise (BEC) has evolved into virtual executive impersonation ⁵²⁶. Using deepfake audio and video, scammers bypass traditional security controls to authorize massive wire transfers. Furthermore, security firms like Mandiant have observed financially motivated actors utilizing generative AI tools, such as WormGPT, to draft highly persuasive, customized phishing campaigns and develop malware at scale ²⁷.

The financial devastation caused by these attacks is no longer theoretical. In a highly publicized 2024 incident, a finance worker at a multinational firm in Hong Kong transferred $25 million to fraudsters after attending a video conference where the company's Chief Financial Officer and several colleagues were all perfectly deepfaked ^6102214. Similarly, Mark Read, the CEO of WPP (the world's largest advertising group), was the target of an elaborate scam where fraudsters used a cloned voice and scraped YouTube footage to impersonate him on a Microsoft Teams call in an attempt to solicit money and personal details ²⁸¹⁵. Another attack targeting the internal software developer company Retool led to a cryptocurrency client losing $15 million in assets after staff were successfully socially engineered ⁶.

Financial services, telecommunications, aviation, and healthcare are disproportionately targeted due to the high value of their assets and the transaction authority their employees control ²²¹⁴. A 2024 survey by Medius found that 85% of corporate finance professionals in the US and UK now view deepfake scams as an "existential" threat to their organization's security ¹⁰. Projections indicate that total fraud losses from generative AI technologies could reach a staggering $40 billion in the United States alone by 2027 ¹⁰²².

Political Disinformation and Election Interference

With billions of people heading to the polls globally in 2024 and 2025, synthetic media became a widespread weapon of mass deception in political spheres ³⁰¹⁶¹⁷. State-sponsored actors, intelligence agencies, hacktivists, and domestic campaigns increasingly deployed deepfakes to damage reputations, spread false narratives, and erode institutional trust ^6151733.

The intent is often to suppress voter turnout, manufacture scandal, or shift the geopolitical narrative. In January 2024, tens of thousands of voters in New Hampshire received an AI-generated robocall mimicking US President Joe Biden, urging them to save their vote for the November election and skip the state's Democratic primary ^36122830. Around the globe, similar tactics proliferated. Research by the Insikt Group identified 82 high-profile political deepfakes circulating across 38 different countries between 2023 and 2024 ¹⁷. Fabricated audio clips emerged of UK Prime Minister Keir Starmer supposedly criticizing his own party, while in Turkey, President Erdoğan utilized a deepfake video to falsely link an opposition leader to terrorist organizations ¹⁷. Deepfakes were also heavily weaponized in the elections in Argentina and Taiwan, demonstrating that synthetic media is now a standard tool in global political campaigning ³⁰¹⁷.

The Chilling Effect on Academic Research

The highly polarized political environment surrounding elections has made studying these threats uniquely difficult for academics. Institutions that track digital disinformation have faced intense legal and political pressure that threatens to chill future research ¹⁸.

The Stanford Internet Observatory (SIO), founded by former Facebook chief security officer Alex Stamos, was once a leading force in analyzing the spread of false information ¹⁸. Alongside the University of Washington, SIO ran the Election Integrity Partnership, a prominent consortium that identified viral falsehoods in real-time during the 2020 and 2022 US elections ¹⁸. However, the program faced unrelenting attacks from conservative politicians and activists who accused the researchers of acting as a censorship arm of the government ¹⁸.

Facing millions of dollars in legal fees stemming from congressional inquiries and multiple lawsuits - including the high-profile Murthy v. Missouri Supreme Court case, which ultimately ruled in favor of the Observatory's right to communicate with the government - Stanford was forced to effectively dismantle the SIO in 2024 ¹⁸. The observatory shed almost all of its staff, and leadership contracts, including that of prominent researcher Renée DiResta, were not renewed ¹⁸. This collapse represents a significant setback for the global community of researchers attempting to detect propaganda and understand how false narratives are manufactured ¹⁸.

Non-Consensual Intimate Imagery (NCII) and Extortion

While political and financial deepfakes dominate headlines, the most pervasive and devastating impact of synthetic media occurs on an individual level. Deepfake technology is routinely weaponized to generate Non-Consensual Intimate Imagery (NCII) - sexually explicit material featuring individuals who never participated in its creation ³³¹⁹²⁰.

This abuse is no longer restricted to public figures or celebrities. Generative AI systems and highly accessible "nudifier" tools can scrape ordinary, fully clothed social media profile pictures of private citizens and seamlessly transform them into hyper-realistic explicit imagery ²¹³⁹. According to data from UNICEF, at least 1.2 million children globally have had their images manipulated into sexually explicit deepfakes within a single year ²¹.

The psychological toll on victims is severe. Because the images are mathematically indistinguishable from reality to the untrained eye, victims are forced to endure the trauma of proving their innocence in an environment where the content can live on the internet indefinitely ³⁹. Furthermore, cybercriminals increasingly use this synthetic imagery for extortion, fabricating compromising videos of targets and demanding ransom payments to prevent their release to family or employers ¹²²³.

Can We Spot Deepfakes? Detection Capabilities and Challenges

As generative AI grows more sophisticated, the glitches that once made deepfakes obvious are rapidly disappearing. In 2020, detecting an AI-generated image was often as simple as counting a subject's fingers, as earlier models struggled heavily with human anatomy and complex geometry ²²²³. Today's models rarely make those rudimentary mistakes ²³. However, because generating synthetic media relies on complex probabilistic math, there are still visual, auditory, and procedural tells.

Visual Artifacts and Human Perception

Deepfake generation often struggles with maintaining consistency across frames in a video and accurately replicating the complex physics of reality. When evaluating suspicious media, experts from projects like the MIT Media Lab's "Detect Fakes" initiative recommend that individuals look for specific artifacts ^22242544:

• Facial and Skin Inconsistencies: High-end manipulations are almost exclusively facial transformations. Observers should scrutinize the boundaries of the face. Does the skin appear unnaturally smooth in the center but wrinkly at the edges? Are there unnatural shadows, or is there a distinct mismatch in lighting and skin tone between the face and the neck? ²²²⁴²⁶.
• The Eyes and Blinking: The eyes are notoriously difficult for AI to render perfectly. Look for a "soulless" or dead look. Deepfakes often struggle to replicate natural, consistent light reflections on the cornea as the subject moves. Additionally, the subject may blink unnaturally - either too frequently, or not at all ²²²⁶⁴⁶.
• Lip-Sync and Audio Glitches: In synthetic video, the audio track frequently fails to align perfectly with the micro-movements of the lips and mouth, resulting in a slightly robotic, stiff, or out-of-sync appearance during speech ²²²⁶⁴⁶.

The Complexities of Audio Detection

Audio deepfakes are generally considered easier to produce and harder for humans to detect than visual deepfakes ⁴⁸. However, researchers at the UC Berkeley School of Information have developed layered approaches for identifying cloned voices. They determined that detection relies on analyzing three distinct levels of audio data ⁸:

1. Perceptual Features (Audio Waves): Real human voices contain distinct pauses, filler words, and slight amplitude (volume) shifts because speakers organically breathe and naturally move their heads around a microphone. Cloned audio tends to have unnaturally consistent volume and lacks these organic breathing rhythms and pauses ⁸.
2. Spectral Features: Using advanced audio wave analysis packages, researchers can extract over 6,000 distinct features from an audio clip - including summary statistics (mean, standard deviation) and regression coefficients. By isolating the 20 most important spectral features, analysts can spot mathematical inconsistencies invisible to the human ear ⁸.
3. Learned Features (Embeddings): The most accurate detection method involves training a separate deep-learning model to extract multi-dimensional representations (embeddings) from raw audio. In controlled laboratory settings, these embedding-based models have been able to distinguish between real and synthetic audio with near 0% error rates ⁸.

Algorithmic Detection Limitations in the Real World

As deepfakes proliferate, technology companies and academic institutions have raced to build deepfake detection software. Unfortunately, the fakers are currently outrunning the detectives ⁴⁷.

While deepfake detection models (such as GenConViT for video or AASIST for audio) report incredibly high accuracy rates - often approaching 94% to 99% - on academic datasets like FaceForensics++, these benchmarks do not accurately reflect the current threat landscape ⁷⁴⁶²⁷. In late 2024 and early 2025, researchers released the Deepfake-Eval-2024 benchmark, an expansive, multi-modal study evaluating over 100 hours of synthetic media actively circulating on social media across 52 different languages ²⁷⁴⁸⁴⁹.

The study revealed a stark reality: detection software performs exceptionally well in controlled environments, but its accuracy plummets by roughly 45% to 50% when exposed to "in-the-wild" internet deepfakes ²⁷⁴⁸. Automated systems particularly struggle with artifacts from recent diffusion-based synthesis, non-facial manipulations, and audio deepfakes that exploit underrepresented languages or utilize heavy background noise and music ⁴⁸. Because detection models rely heavily on identifying the specific mathematical signatures of known generators, they frequently fail to spot media created by newly released, unknown AI tools (zero-day deepfakes) ⁴⁶⁴⁸⁴⁹.

Procedural Defenses and Cybersecurity Mitigation

Given the current unreliability of automated detection software, leading cybersecurity agencies - including the US Cybersecurity and Infrastructure Security Agency (CISA), the NSA, and the FBI - have issued joint guidance advising organizations and individuals to adopt strict procedural defenses ⁵²⁶²⁸. The consensus is that stopping a deepfake attack relies less on spotting a flawed pixel and more on verifying identity through out-of-band channels.

The most effective, low-tech defense against AI voice cloning is the safe word ⁹²⁶. Families and corporate teams are heavily encouraged to establish a private, unique code phrase. If a loved one calls claiming to be in an emergency, or a CEO calls demanding an urgent wire transfer, asking for the safe word instantly breaks the AI illusion, as the scammer operating the deepfake will not know it ⁹²⁹.

For businesses, experts recommend instituting the "four eyes, not two" principle for any major financial transaction, requiring at least two people to physically sign off on wire transfers ²⁶³⁰. Organizations are also urged to enforce strict multi-channel validation. If an employee receives a suspicious video call or urgent voice memo from an executive, they should immediately hang up and call the person back on a known, trusted phone number stored in their personal contacts ⁹²⁶. Furthermore, CISA strongly recommends transitioning away from password-based logins and adopting FIDO-based, passwordless authentication (such as passkeys or behavioral biometrics), which are inherently resistant to AI-generated phishing sites ¹³³⁰.

The Global Regulatory Response to Synthetic Media

Governments worldwide are scrambling to build legal frameworks capable of penalizing deepfake abuse without stifling the broader technological and economic benefits of artificial intelligence. The regulatory approaches vary wildly by region, reflecting fundamentally different cultural priorities regarding free speech, state control, consumer protection, and corporate liability ⁵⁶⁵⁷³¹.

The European Union: Transparency Through the AI Act

The European Union has taken the world's most comprehensive and proactive approach, seeking to regulate the technology itself. The EU AI Act, which fully enters into force in August 2026, focuses heavily on strict transparency obligations and risk-based classifications ⁵⁶³²³³.

Under Article 50 of the Act, any provider or deployer of an AI system that generates synthetic audio, video, or image content must ensure that the output is marked in a machine-readable format, making it detectable as artificially generated ³⁴⁶²³⁵. If a piece of media constitutes a deepfake, the user is legally obligated to explicitly disclose its synthetic nature to the public ⁵²³⁴⁶².

To protect freedom of expression, the EU included specific carve-outs: if the content forms part of an "evidently artistic, creative, satirical, fictional or analogous work," the transparency obligations are minimized to simple disclosures so as not to hamper the enjoyment of the media ⁵²⁶². However, this transparency framework only applies to lawful deepfakes. If synthetic media is used for illegal purposes - such as non-consensual pornography, defamation, financial fraud, or terrorist content - the labeling rules are superseded by the EU Digital Services Act (DSA), which mandates that platforms immediately remove the content ²¹⁵². The European Commission is currently drafting a voluntary Code of Practice to help companies implement these technical labeling standards ahead of the 2026 enforcement date ⁵²³⁵.

The United States: State Vetoes and the Federal TAKE IT DOWN Act

In contrast to the EU's broad regulatory umbrella, the United States has largely avoided sweeping, horizontal federal AI legislation. Instead, the US relies on a fragmented patchwork of state laws, executive orders, and targeted federal acts aimed at specific use cases ⁵⁶³²³³.

At the state level, California - home to the majority of the world's leading AI developers - became the epicenter of regulatory debate in 2024 over Senate Bill 1047 (SB 1047). The bill was designed to mandate strict safety testing and implement "kill switches" for massive AI models based on the computing power required to train them ⁵⁶⁶⁴³⁶. Despite passing both the state Assembly and Senate, Governor Gavin Newsom vetoed SB 1047 in September 2024. Newsom argued that the bill's compute-based thresholds were too rigid, failed to account for how a model was actually deployed, and could inadvertently drive innovation out of the state ³⁶³⁷⁶⁷. While rejecting the sweeping safety bill, Newsom did sign smaller, targeted legislation (like AB-2013 and SB-942) requiring training data transparency and watermarking for AI-generated content ³⁶³⁷⁶⁸.

Despite hesitance to regulate the development of AI models broadly, the US achieved major bipartisan federal movement regarding the abuse of digital content. In May 2025, President Donald Trump signed the TAKE IT DOWN Act (S. 146) into law ¹⁹²⁰. Sparked by severe cases of high school students being targeted by AI-generated nude images, the Act creates a strict, unified federal remedy for survivors of non-consensual intimate imagery (NCII) ¹⁹⁶⁹. The law criminalizes the publication of deepfake pornography and forces social media platforms and websites to remove flagged synthetic content within 48 hours of receiving a verified request from a victim ²⁰⁶⁹⁷⁰. Establishing a vital legal deterrent against the weaponization of deepfakes, the law introduces federal prison sentences ranging from two to three years, depending on the age of the victim ³⁹⁶⁹.

Asia-Pacific: India and Singapore's Stringent Frameworks

In Asia, governments have moved swiftly to place the burden of policing deepfakes directly onto the social media platforms and tech companies that host and enable them, prioritizing rapid content moderation and state stability.

India's Ministry of Electronics and Information Technology (MeitY) heavily amended its Information Technology Rules in late 2025 and early 2026 to explicitly target "synthetically generated information" ³⁸⁷². The regulatory process was highly contentious. MeitY's October 2025 draft proposed a rigid, mathematical rule requiring AI labels to visibly cover at least 10% of the screen area of an image or video ³⁸⁷²³⁹. Major tech companies (including Meta, Google, and OpenAI) strongly opposed the 10% threshold, arguing it would effectively deface legitimate content and prove impossible to enforce at scale ³⁹.

In February 2026, the Indian government notified the final rules, dropping the strict 10% visibility threshold in favor of a "principle-based" standard ³⁹⁴⁰. Platforms are now legally bound to ensure AI content disclosures are "clear, prominent, and visible," without specific size mandates ⁴⁰. However, the core enforcement mechanism remains incredibly strict: India requires platforms to remove unlawful deepfakes within 36 hours of receiving an authorized notice ³⁸. If platforms fail to comply, they lose their safe harbor protections and can face direct criminal prosecution under the IT Act ⁵⁰⁴⁰⁴¹.

Singapore has similarly blended policy innovation with strict enforcement. In 2024, the Infocomm Media Development Authority (IMDA) released a Model AI Governance Framework for Generative AI. This framework emphasizes upfront (Ex Ante) responsibility for developers to implement digital watermarking and testing, alongside post-incident (Ex Post) safety nets like user indemnities ⁷⁶⁷⁷⁷⁸. In tandem, Singapore enacted the Online Safety (Relief and Accountability) Act of 2025, which gives a newly formed Online Safety Commission sweeping powers to legally direct online platforms to disable access to deepfake intimate imagery and child abuse material immediately ²¹.

Bottom line

Deepfakes represent a permanent, structural shift in our digital reality, completely lowering the technical barriers required to fabricate convincing audio and video. While global legislative efforts like the EU AI Act and the US TAKE IT DOWN Act are successfully establishing vital legal consequences and labeling standards, the speed of algorithmic advancement currently outpaces both the law and automated detection software. For the foreseeable future, defending against synthetic scams and disinformation will require individuals, corporations, and governments to foster a culture of healthy skepticism, utilizing multi-channel verification and low-tech safeguards to protect their assets, privacy, and institutions.