The Deepfake Threat Landscape in 2026
Perry Carpenter, KnowBe4's Chief Human Risk Management Strategist, delivers a comprehensive examination of how deepfake technology has reached a critical tipping point in 2025-2026. Recent Gartner research reveals that 62% of organizations experienced deepfake attacks within the last 12 months, with attacks targeting both social engineering scenarios and automated verification systems like voice biometrics. The presentation emphasizes that deepfake creation tools have reached "folk grade" accessibility—anyone with an internet connection and $0-20 per month can now create nation-state-quality synthetic media. This democratization of sophisticated attack technology means organizations can no longer rely solely on detection tools, which Carpenter demonstrates can be bypassed with persistence. The session explores real-world attack vectors including ringless voicemail campaigns, CEO impersonations, and political disinformation, while providing practical frameworks for building organizational resilience against synthetic media threats.
Detection Limitations and Multi-Layered Defense
The presentation provides critical insights into the current state of deepfake detection technology, revealing significant limitations that security teams must understand. Carpenter demonstrates through personal testing that most detection platforms exhibit "coin toss accuracy" when analyzing pre-recorded video, audio, or images—attackers with sufficient persistence can bypass these tools. However, detection shows promise in specific scenarios: live video calls where multiple verification layers can be applied simultaneously, including voice print analysis, frame rate monitoring, vascular liveness detection, and artifact identification. This multi-layered approach makes it significantly harder for attackers to maintain convincing synthetic identities during prolonged interactions. The session emphasizes that organizations should implement detection as one component of a broader defense strategy, particularly for high-risk scenarios like remote hiring interviews and executive communications, rather than relying on it as a silver bullet solution.
KnowBe4's Deepfake Training Platform
Chris Littlefield, Principal Product Manager at KnowBe4, demonstrates the company's new deepfake creation capability within their security awareness platform. The tool allows administrators to upload a 1-2 minute video of a company executive or leader, then automatically generate convincing deepfake videos using pre-built social engineering scenarios. The two-step process uses ElevenLabs for voice cloning (approximately 3 minutes) and relipsync technology for video generation (20-30 minutes), requiring only basic video upload and scenario selection from the admin. The platform currently supports four languages (US English, UK English, European Spanish, Latin American Spanish) with expansion planned. Five pre-built scenarios cover common attack vectors including urgent requests, personal connections, and CEO impersonations. The feature is designed to help organizations inoculate employees against deepfake attacks by demonstrating how easily convincing synthetic media can be created using familiar faces from their own leadership team, reinforcing the critical importance of verification through separate communication channels.
Practical Attack Vectors and Real-World Examples
The session explores multiple real-world deepfake attack scenarios currently targeting organizations. Ringless voicemail technology combined with voice cloning enables attackers to deliver convincing messages directly to voicemail inboxes without triggering phone rings, achieving significantly higher engagement rates than traditional phishing. The FBI has documented ongoing campaigns impersonating US government officials dating back to 2023, often using multi-stage attacks that begin with text or email directing targets to "secure" channels like Signal or WhatsApp. YouTube content creators face systematic harvesting of their videos for unauthorized deepfake creation, with political commentators finding themselves saying things they never said. Carpenter demonstrates the ease of creating convincing deepfakes using readily available tools: Google Gemini's image generation, HeyGen's Avatar 4 for image-to-video animation, and various relipsync platforms. The presentation includes live demonstrations showing how a single image can be transformed into a speaking video, and how existing video can be manipulated to change words while maintaining lip sync—all using consumer-grade tools accessible to anyone.
