Deepfakes vs Phishing

45% of internal audit leaders identify deepfake audio or video impersonation as a leading AI-enabled fraud threat.

77% of organizations have been targeted by deepfake attacks.

51% of organizations have faced sophisticated, personalized phishing emails powered by deepfake technology.

48% say synthetic digital content is a high or critical threat.

30% of security professionals are confident that their CEOs could reliably identify a deepfake.

Deepfake attacks increased by 880% in 2024.

One study finds that 19 out of 20 popular "nudify" apps specialise in the simulated undressing of women.

62% of organizations experience deepfake incidents.

88% of organizations encounter deepfake or impersonation attacks at least occasionally.

45% of IT, cybersecurity, risk, and fraud leaders reported that deepfake or impersonation attacks are frequent occurrences in their organizations.

32% of organizations reported increased incidents related to deepfakes.

43% of consumers in Latin America cite AI-driven fraud, including deepfakes and voice cloning, as an emerging threat reshaping perceptions of safety in digital spaces.

89.4% of Americans expect mobile apps to block AI-powered threats such as bots, deepfakes, impersonation, and account takeovers.

Instances of deepfaked selfies increased by 58% in 2025.

In 2025, deepfakes were linked to 20% of biometric fraud attempts.

88% of internal audit leaders identify AI-powered phishing attacks as a top risk.

51% of organizations have faced sophisticated, personalized phishing emails powered by deepfake technology.

In Q4 2025, callback phishing increased from 3% to 18% of all phishing incidents, a 500% spike.

82% of malicious files have unique hashes that traditional pattern-matching fails to detect.

Credential phishing campaigns using .es domains increase 51 times year-over-year, with the .es top-level domain jumping from the 56th to the 3rd most-abused TLD.

76% of initial infection URLs in abalyzed phishing attacks were unique and have not appeared in other campaigns across Cofense's customer base.

Conversational attacks comprise 18% of all malicious emails.

In 2025, a malicious email attack occurs every 19 seconds, more than doubling from 2024’s pace of one every 42 seconds.

Abuse of legitimate remote access tools increased by 900% by volume.

Fifty percent of affected consumers cite immediate financial fraud as their primary fear, and 54 percent of consumers report an increase in targeted phishing attempts after a breach (2025)

Eighty-eight percent of consumers who received a data breach notice experience at least one negative consequence after a breach; 40 percent experience an increase in phishing or scam attempts; 49 percent experience an increase in spam emails or robocalls; 40 percent experience attempted takeover of an existing account (2025)

Clicks on phishing links decreased by 27%, from 119 per 10,000 users last year to 87 per 10,000 users this year.

87 out of every 10,000 users clicked on a phishing link each month in 2025.

77% of advanced email attacks failed SPF, DKIM, or DMARC authentication yet still reached inboxes.

Approximately 45% of advanced email attacks showed indicators of AI assistance, projected to rise to 75–95% within the next 18 months