Trust me, I’m (not) real: deepfakes fuel the latest scams

Imagine watching an influencer or a friendly expert giving easy tips to quickly boost your finances. They sound trustworthy. They look professional. But what if that person doesn’t exist? Or worse, what if they’re a synthetic creation powered by artificial intelligence?

Welcome to the era of deepfake-enabled cybercrime. Attackers are now using deepfake videos, AI-generated personas, and even hired actors to build trust, and then break it. These deceptive tactics are at the heart of many of today’s most effective scams. You can read more detailed insights and data in our full Q1/2025 Threat Report.

Deepfakes and AI personas: a dangerous blend

Cybercriminals are now using AI-generated personas and deepfake technology to create convincing, relatable characters in scam videos. These aren’t just faceless voiceovers or text instructions, these are human-like personas who look you in the eye and calmly walk you through the steps to infect your own device.

• Fake influencers in action: One notable example was a persona that went by the pseudonym "Thomas Harris" (also seen as Thomas Roberts or Oscar Davies), an entirely fake video influencer pushing financial tools that don’t exist. Victims follow along with the video’s instructions, thinking they’re getting an edge in trading, but actually end up installing malware.
• Professional-looking scam videos: These videos are often hosted on compromised YouTube accounts as unlisted videos and promoted via YouTube’s ad network. That means they’re specifically targeted to reach users already interested in related topics, making the scam even more believable.

When deepfakes meet crypto scams: The CryptoCore case

Beyond fake influencers, threat actors are also leveraging deepfakes in high-stakes financial crime. As highlighted in our Q1/2025 Threat Report, the infamous CryptoCore group reemerged with a new tactic: using deepfake videos of public figures to promote a cryptocurrency investment scam.

• Stolen identities: Public figures, including tech executives and financial analysts, had their likenesses recreated using deepfake technology.
• Massive financial losses: The campaign—spread through hijacked YouTube accounts—tricked victims into making nearly $4 million in fraudulent transactions across 2,000+ incidents.

This marks a new level of sophistication in scam execution. The combination of brand hijacking, synthetic media, and strategic video placement made these campaigns alarmingly effective.

Scams with a face: deepfakes that talk you through it

Scam-Yourself attacks—where users are tricked into manually installing malware—have also evolved with deepfake enhancements. Fake personas now walk viewers through the entire infection process:

• Trading bot scams: Deepfakes or actors instruct users to copy malicious code into cryptocurrency platforms.
• Fake browser updates: Sophisticated deepfake actors guide users to download what appear to be browser updates, which are actually malware installers.
• FakeCaptcha tactics: Even CAPTCHA puzzles can be used in conjunction with deepfakes to lure users into clicking and downloading hidden threats. These attacks now span both Windows and macOS platforms.

How to spot and stop deepfake-powered scams

Deepfake content is harder to detect, but not impossible. Here’s how to stay ahead:

1. Be skeptical of "too good to be true" advice: Especially when it involves money or software downloads.
2. Cross-check influencers and channels: Search for the video’s host independently—check if the channel is verified, or if the persona appears on any legitimate platform.
3. Don’t trust direct instructions from random videos: Be especially cautious if a video is walking you through steps involving crypto platforms, downloads, or browser settings.
4. Use trusted security tools: Norton antivirus includes features that can block malicious links, downloads, and suspicious sites—even if the scam looks legitimate.

As deepfake technology becomes easier to access, scammers will continue using it to blur the line between real and fake. Staying informed and cautious is your best defense.