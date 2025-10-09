Despite 88% training their staff, over half of organizations lost money to deepfake attacks last year

IRONSCALES, the AI-powered email security leader protecting over 17,000 global customers from advanced phishing attacks, today released a new industry report, Beyond Detection: The $280K Reality of Deepfake Attacks. Based on the survey responses of 500 IT professionals in organizations with 1,000-10,000 employees, the report points to a number of leading indicators that deepfake-related fraud is now more widespread and successful than ever, causing enterprises significant financial damage. Despite this rise, the report's findings suggest that organizations are still woefully unprepared to combat these threats, as over half (55%) of organizations reported losses attributed to deepfake or AI-voice fraud in the past 12 months.

The report confirms that financial losses from these attacks are substantial, with the mean loss standing at over $280,000. Over 61% of organizations that lost revenue reported losses exceeding $100,000, while nearly a fifth (19%) reported having lost $500,000 or more, proving six-figure losses are now the norm.

"As we enter the age of Phishing 3.0, the most worrying trend we see is that IT leaders claim confidence in their defenses, despite the majority of survey respondents reporting financial losses," said Eyal Benishti, CEO of IRONSCALES. "When the stakes surpass six-figure losses, it's imperative that organizations make the necessary investments to mitigate these threats. The data clearly shows that traditional security defenses are no longer sufficient, and organizations must invest in adaptive security measures that will evolve with the threats they detect."

Deepfake-enabled attacks are no longer a rare or emerging threat. They are real, widespread, and effective. The report goes on to detail a number of interesting findings that highlight the frequency and costly nature of deepfake-related incidents. Some key findings include:

85% of respondents report having experienced one or more deepfake-related incidents within the past 12 months (a 10% increase YoY), with over 40% experiencing three or more attacks.

Email-based deepfake attacks are tied with static image manipulation as the most common threat vector at 59.3% 1 each. However, other vectors are making up ground quickly: Recorded content: audio/voice manipulations rose from 25% to 52%; videos from 33% to 44.7%. Real-time attacks: live video manipulation increased from 30% to 41.2%; live voice-only calls showed identical growth. This further proves the need for defenses that can detect a breadth of deepfake-enabled threats.

each. The Training Paradox: High Adoption Meets Limited Protection Despite widespread investment in training programs, organizations continue to fall victim to deepfake attacks at alarming rates. In the present study, over 88% of respondents said their organizations have provided deepfake-related cybersecurity training, up from just 68% in 2024. Just over 1 in 10 (11.6%) report having never participated in deepfake-related cybersecurity training. Training frequency has also intensified. Of those respondents that had received training, the largest proportion (44%) did so quarterly, while over a third (37.8%) received monthly deepfake-related training-representing increases from prior year's results. Yet despite this expansion in training programs, 85% of organizations experienced deepfake incidents in the past year and 55% suffered financial losses. This disconnect between training investment and real-world outcomes suggests a fundamental gap in how organizations are preparing their workforce for this evolving threat.

While deepfake defense is rapidly climbing the ranks of cybersecurity priorities, actual investment lags behind. 63% of organizations still haven't invested a single dollar into deepfake defense.

Given the high costs being drained, organizations must strategically and quickly adopt a three-pronged defensive approach that includes training, technology, and policies specifically designed to detect and defend against deepfake-driven attacks. It has become clear that organizations must use AI-driven technologies to detect AI-enabled threats and automate incident responses to mitigate damages.

To take a closer look at the report findings, including how organizations can prepare for deepfake-related cyberattacks, download a complete copy of the report here.

1 Attack vectors referenced include: static image manipulation (doctored photos, altered documents, fake profile pictures); email-based attacks (phishing messages containing any form of deepfake content); recorded audio/voice (pre-created voice messages, voicemails, or audio files); recorded videos (pre-made video content with manipulated faces or actions); live videos (real-time face/appearance manipulation during video calls); and live audio/voice (real-time voice cloning or alteration during phone calls).

