A deepfake is a face, a voice or a video fabricated by artificial intelligence to imitate a real person. In 2026, these imitations no longer just entertain: they steal. An employee of the engineering group Arup wired 25.6 million dollars after a video call in which the chief financial officer and his colleagues were all AI-generated fakes. Deloitte estimates that fraud enabled by generative AI could reach 40 billion dollars in the United States by 2027. For a Belgian company, the question is no longer whether the risk exists, but whether its payment procedures can withstand a falsified voice or face.
The shift is recent and fast. Deloitte puts US losses from generative-AI fraud at 12.3 billion dollars in 2023 and projects 40 billion by 2027, a 32% annual growth rate. AI-augmented email fraud alone could reach about 11.5 billion dollars by 2027 in the most aggressive scenario. These figures are for the United States, but the technology knows no borders.
On the corporate side, Regula's global survey finds that one organization in three already suffered deepfake fraud in 2025, a level now comparable to classic document fraud and social engineering. Voice cloning has become the most common vector, because it is the easiest to produce and the hardest to detect over the phone.
It is not sophistication that changed, it is cost. Producing a credible voice or face once required studio resources; today it takes a few minutes and public data. AI fraud is no longer a lab scenario, it is an operational treasury risk.
Four techniques combine in most attacks. They share a single goal: to make you believe that a trusted person is giving an instruction they never gave.
In early 2024, an employee at the Hong Kong office of the British engineering group Arup received an email from the chief financial officer requesting confidential transfers. Suspicious, he first thought it was phishing. Reassured by a video call where he saw and heard the CFO and several colleagues, he made 15 transfers totalling 25.6 million dollars (200 million Hong Kong dollars) to five accounts. Every participant on the call, except him, was a deepfake. The fraud was only discovered later, when checking with headquarters.
The mechanics of this scenario are anything but exceptional. It almost always follows the same steps.
The fraudster gathers public voice and image material: interviews, webinars, social media, annual reports. They identify who in the company can order a payment.
An email or message creates urgency and imposes secrecy: a sensitive deal, a confidential acquisition, a matter that must not leak.
A call or video meeting with cloned voice and face removes the victim's last doubt. Several fake colleagues reinforce the illusion.
Funds leave in split transfers to relay accounts, often abroad, then are dispersed before any alert. Recovery is rare.
The European Union mandates transparency. Article 50 of the AI Regulation (AI Act) requires anyone deploying a deepfake to disclose that the content has been generated or manipulated by an AI. These transparency obligations apply from 2 August 2026; a code of practice on marking is being finalized, and the Digital Omnibus package could adjust certain technical marking arrangements (Article 50(2)).
Transparency does not prevent fraud: a fraudster does not label their fake. It mainly serves to qualify content and sanction abuse. Concrete defence stays with the company. In Belgium, Febelfin has been warning for months about the rise of vishing, phone fraud where the caller poses as the bank or a trusted third party. Through Safeonweb, the Centre for Cybersecurity Belgium collected nearly 10 million suspicious messages reported by citizens in 2025. The issue is also cultural: according to Febelfin, 64% of Belgians would feel ashamed to be a victim of online fraud, a silence that benefits fraudsters. For the sector-by-sector obligations of the AI Act, see our analysis of the sectoral impact of the European AI Regulation.
Most AI frauds share the same markers. None is proof on its own, but their combination should trigger a check.
Effective defence does not rest on a single tool, but on three layers that reinforce each other.
Dual validation of exceptional transfers, systematic call-back to a number known in advance, thresholds and cooling-off delays, an agreed internal code word for sensitive requests.
Biometrics and liveness detection for remote processes, anti-phishing filters, content provenance (the C2PA standard), monitoring of bank-detail changes.
The third and most decisive layer is people: regular awareness, simulation exercises, and above all a culture where verifying is never a sign of distrust. An employee who calls their director back before a transfer is doing their job well; they should never fear doing so.
Before any exceptional transfer or account change, a simple call-back to a number known in advance, never the one provided in the message, stops almost all CEO fraud. No cloned voice survives that check.
You do not need to be a multinational to be targeted. An SME that pays suppliers, an accounting firm, a local authority, a finance department: any organization that moves money on instruction is a target. The weak link is not technology, it is the moment when someone, under pressure, bypasses a procedure because the order seems to come from the top.
The good news is that the countermeasures are cheap and, above all, organizational. Formalize a validation circuit, require a call-back before payment, train finance and procurement teams, test once a year with a fake request: that is the essential. Sectors already used to fraud detection, such as insurance, show the way; we detailed it in our article on AI in insurance and the fight against fraud.
A deepfake is video, audio or photo content fabricated or altered by artificial intelligence to imitate a real person, their voice or their face. In a fraud context, it is used to make you believe that an executive, client or supplier is giving an instruction they never gave.
Yes. A few seconds of recording, often publicly available, are enough for today's tools to reproduce a voice convincingly over the phone. Voice cloning is now one of the main vectors of AI fraud.
Article 50 of the European AI Regulation requires anyone deploying a deepfake to disclose that the content has been generated or manipulated by an AI. These transparency obligations apply from 2 August 2026. They do not prevent fraud, since fraudsters do not label their fakes, but they help to qualify and sanction it.
Before any exceptional transfer or change of bank details, call the person back on a number known in advance, never the one provided in the message. Require dual internal validation and beware of imposed urgency and secrecy: these are the two main levers of CEO fraud.
Molderez Consult helps Belgian companies secure their payment and validation circuits against AI fraud: call-back procedures, awareness for finance and procurement teams, simulation exercises and governance.
Assess my exposure