Free Tool * AI Threat Defence

Deepfake Incident Response Checklist

AI voice cloning and deepfake video are enabling a new class of fraud -- an attacker impersonating your CEO on a call or video conference to authorise payments or access. This checklist walks through immediate, short-term and post-incident response steps.

Select your scenario

Prevention -- before an incident happens

  • Establish a "safe word" protocol -- a pre-agreed code word that executives use to verify their identity in high-stakes calls. Rotate monthly.
  • Require call-back verification for any financial request over a threshold -- hang up and call back on a known-good number.
  • Brief finance and HR teams specifically -- they are the primary targets for payment and payroll fraud via voice/video deepfake.
  • Audit what audio/video of your executives is publicly available (earnings calls, conference talks, media interviews) -- this is the training data for voice cloning.
  • Add deepfake fraud scenarios to your existing tabletop exercise rotation.
  • Document the expected communication channel for emergency requests -- if your CEO normally emails, a sudden phone call requesting urgent wire transfer is anomalous.

We use cookies for basic site function and, where ads are enabled, for advertising personalisation. See our Privacy Policy.