In today’s rapidly evolving digital landscape, the rise of deepfake AI technology has introduced a new and significant threat to B2B payment security.
With cybercriminals using artificial intelligence to create highly convincing fake videos, audio, and images, businesses are at risk of falling victim to sophisticated fraud attempt.
These attacks can easily bypass traditional security measures, leading to unauthorized transactions, stolen data, financial losses, and reputational damage. In this interview with nsKnox’s CISO, Yaron Libman, we explore the dangers posed by deepfake AI, its impact on B2B payments, and how companies can safeguard themselves against this emerging
Q. What are Deepfakes, and how do they work?
A. Deepfakes are highly realistic but fabricated digital content created using artificial intelligence (AI) and machine learning (ML). By training algorithms on massive amounts of real data, such as voice recordings, videos, and images, deepfake technology can generate media that closely mimics actual individuals. This means a person’s voice, facial expressions, and videos can be convincingly faked. These deepfakes can impersonate company executives, stakeholders, or clients to manipulate financial transactions or obtain sensitive data.
Q. What is the future of deepfakes in the context of B2B payment security?
A. Deepfake AI attacks are effective because humans have a natural tendency to trust the data they receive. However, companies must verify and validate this data, regardless of its source. As deepfake technology advances and becomes more accessible, these attacks will likely increase in frequency and become more challenging to detect. The future of payment security will likely rely on more sophisticated, technology-driven tools capable of identifying deepfakes in real time. Additionally, closer collaboration between private payment protection companies and security firms and the implementation of
regular audits and employee training will be critical in developing systems and frameworks that can stay ahead of this evolving threat.
Q. Why are Deepfake scams such a significant threat to B2B payment security, and how are they used in fraud?
A. Deepfake AI poses a serious risk to B2B payment security by enabling cybercriminals to impersonate trusted individuals or entities with alarming accuracy. Criminals can create deepfake videos or audio messages of executives—such as CEOs, CFOs, or Treasurers—directing employees to authorize fraudulent transactions or redirect payments. Without proper verification protocols, these impersonations can lead to substantial financial losses, data breaches, and reputational damage.
Deepfakes can be deployed in multiple ways to manipulate payment systems.
For example:
- Executive Fraud: Scammers create deepfake content mimicking a senior executive to pressure employees into transferring funds to fraudulent accounts.
- Invoice Manipulation: Attackers use deepfake-generated voices or signatures to alter
payment details or submit fake invoices, tricking finance teams into processing
unauthorized payments. - Social Engineering Attacks: Cybercriminals craft realistic deepfake communications
from clients or vendors requesting sensitive information or urgent payments.
These attacks are especially dangerous because they are designed to bypass traditional security measures like email verification or invoice checks. Even well-trained staff can be deceived, highlighting the critical need for multi-factor authentication, independent and
technology-based account validation technology, and robust employee training to
mitigate these risks.
Q. Is there a specific case that serves as a wake-up call for businesses about deepfake fraud?
A. Consider this scenario: you’re on a video call with your company’s CFO. They appear exactly as you’ve always known them—the same voice, mannerisms, and familiar expressions you’ve observed over years of meetings. They urgently request a multi- million-dollar transfer to a vendor’s account for a time-sensitive deal. Would you question it?
This is exactly how the $25 million deepfake scam in Hong Kong unfolded. Attackers used advanced AI to create a highly realistic video of the CFO and conducted a live video call with an unsuspecting employee, completely mimicking the CFO’s appearance and behavior. By leveraging trust, authority, and a sense of urgency, the scammers persuaded the employee to bypass standard verification procedures and approve the transfer. By the time the fraud was discovered, the funds were long gone.
What makes this case so alarming is how authentic the deception was—these are not basic scams but sophisticated and carefully planned schemes. The distinction between real and fake is increasingly blurred, leaving companies at risk. Without advanced, technology-based protections—such as deterministic account validation and deepfake fraud detection tools—any business could fall victim. In today’s landscape, even seeing and hearing can no longer be trusted.
Q. How can companies stay ahead of deepfake-related risks?
A. Staying ahead of deepfake attacks involves continuous investment in technological,
automated security solutions, regular employee training, and raising awareness and alertness to unexpected or unusual payment requests.
Businesses should also conduct regular security audits of their Master Vendor Files (MVF) and ERP systems, stay informed about emerging AI threats, and implement proactive measures such as automated fraud detection technologies. By adopting strong security protocols and keeping abreast of technological advancements, companies can stay one step ahead of cybercriminals and protect their financial systems from fraud, including deepfake attacks.
Q. How does nsKnox’s solution protect companies from deepfake attacks?
A. nsKnox PaymentKnox™ solution protects companies from deepfake attacks by offering a multi-layered approach to continuously verify account ownership and protect payments throughout the transaction journey. It focuses on deterministically verifying account data based on details from the banking system instead of trusting or trying to confirm the source.
nsKnox ensures that every transaction adheres to a verified payment process, making it extremely difficult for fraudsters to carry out deepfake impersonations or manipulations. This robust, multi-layered verification system offers companies a powerful defense against evolving threats like deepfakes, safeguarding payment security and maintaining trust across the entire B2B transaction process.
Deepfake AI presents a severe and growing threat to B2B payment security. Businesses must adopt robust safeguards and remain vigilant to mitigate the risks posed by this emerging technology. While the threat landscape evolves, so must our defenses against it.
