
The old advice to "watch for spelling mistakes in emails" is now useless. Today 82.6% of phishing messages contain AI-generated text — grammatically flawless, personalized and practically indistinguishable from a genuine business letter.
But text is only the beginning. The real revolution is in voice and video: attackers now clone voices and faces to impersonate the people you trust.
The new face of fraud
Imagine a video call from the "CFO" urgently ordering a transfer. The face is his, the voice is his — but the person on the other end is a fraudster using a real-time deepfake. Such attacks already cost companies hundreds of thousands of leva.
Signs to watch out for
- Urgency and pressure to act quickly "right now"
- An unusual request that bypasses standard procedures
- A last-minute change of banking details
- A call or video that "confirms" a written email
- A request for secrecy — "don't tell anyone"
How to protect yourself
Technology helps, but processes and people remain decisive. Introduce a rule for confirmation via a second channel on every financial or sensitive transfer — call a known number, don't reply to the suspicious message.
Regular simulated phishing campaigns teach your team to spot scams in practice, and multi-factor authentication stops a large share of attacks even when the password is already compromised.
Our security awareness service prepares your staff for exactly these scenarios. Get in touch.