Engagement Model

What Does a Typical Engagement Look Like?

Published on: Thursday, October 31, 2024

Deepfake.sucks

How Do We Engage with Customers?

We know that running a business keeps you busy, so we handle everything—from designing and deploying realistic deepfake scenarios to analyzing and improving your team’s response. Our approach is built to make the process as seamless as possible for you, while delivering high-impact training and insights.

Consultation & Scenario Design

We start by collaborating with your security team to understand your organization’s structure, key decision-makers, and areas most at risk for impersonation. Together, we identify high-value targets, such as executives, finance heads, or HR managers—those whom attackers are most likely to impersonate due to their influence and authority.

Our process is streamlined because we already have a library of scenarios based on real-world attacks. These scenarios include high-risk situations like the infamous case where a fake CFO’s voice prompted an employee to transfer millions, or the UK incident where a cloned CEO’s voice convinced an employee to make a substantial payment. By combining scenarios from our extensive library with specific insights from your organization, we create simulations that are both realistic and relevant.

Deepfake Creation

Once the targets and scenarios are defined, we move to the deepfake creation phase. We gather a simple photo and a brief 1-2 minute audio clip from each targeted individual. With this input, we generate high-fidelity video or audio deepfakes that accurately mimic their voice and appearance, making the simulations as close to reality as possible.

Attackers use similar tactics; in the UK, a cloned CEO’s voice led to a $243,000 theft because the impersonation was so convincing. By using the same technology in a controlled setting, we give employees a firsthand look at the authenticity of these attacks, helping them understand the importance of scrutinizing unusual requests, even from familiar sources.

Execution of Simulation

With realistic deepfakes prepared, we deploy the simulations across multiple channels to reflect the tactics real attackers use. Attackers don’t limit themselves to one form of communication, and neither do we. Our simulations span video conferences, voice calls, and emails, so employees experience threats in various formats.

For instance, in the Retool breach, attackers used both SMS phishing and a deepfake voice call to deceive an employee. By running simulations across different channels, we ensure employees are prepared to spot deepfake threats regardless of the delivery method, reinforcing their ability to remain vigilant in any situation.

Reporting

After running the simulations, we provide a detailed report that highlights employee responses through KPIs. We track metrics like Engagement Rate (percentage of employees who interacted with the simulation), Compliance Rate (how many followed through with the request), and Reporting Rate (those who flagged the suspicious activity). These KPIs help you pinpoint where your team is strong and where additional training may be beneficial, offering a clear picture of both strengths and vulnerabilities in your team’s response to deepfake threats.

Employee Education

The simulations aren’t just about testing; they’re a key part of educating employees. After the exercise, we walk employees through what to watch for in future interactions and explain how attackers use urgency, authority, and familiarity to manipulate their targets.

We also include real-world examples, such as the case of a fake “CEO” pressing an employee for sensitive information, which led to a costly financial loss. By learning these tactics, employees can better understand the risks and learn to think critically, even when a request seems routine. This education phase turns the simulation into a learning experience, strengthening employees' ability to recognize and resist these types of attacks.

Control Recommendations

Based on the simulation outcomes, we provide customized recommendations to bolster your organization’s defenses. These could include updating verification processes, adding extra authentication steps, or implementing regular training enhancements. Each recommendation addresses the specific vulnerabilities identified in the simulation.

For example, if employees quickly trusted an email-based request, we might recommend implementing a secondary verification step for large transactions. If a video call simulation was convincing, we may suggest protocols for additional identity verification, especially for sensitive requests. These tailored recommendations ensure your organization’s security practices evolve to meet new deepfake threats.

Conclusion

Through these steps, we empower organizations to turn a human vulnerability—trust—into a robust line of defense. By simulating realistic, high-stakes deepfake attacks, we give employees the tools they need to recognize and respond to evolving threats.

To maintain and strengthen this readiness, we recommend periodic re-runs of the simulations to track improvements over time and ensure that employees stay sharp, responsive, and prepared as deepfake tactics continue to evolve.


Stop. Deepfake. Deception

Copyright © 2024 Deepfake.Sucks.
All Rights Reserved
