Do I Need to Worry About Deepfakes in My Business? 

Dear Will & AiME, 

We’ve seen a few stories about executives being impersonated using AI-generated video and voice. It feels like something that happens to celebrities or politicians, but should we be thinking about this as a real business risk? 

— Communications Director, New York

Dear Communications Director, 

Deepfakes and voice cloning have moved from novelty to operational risk faster than most companies expected. The technology is cheaper, more accessible, and increasingly convincing, making it relevant for any organization with a brand, leadership team, or customer-facing presence. 

Impersonation at scale is now possible, and organizations need verification systems that match. 

How AI Voice and Video Cloning Works

AI-generated audio and video can now replicate a person’s voice, likeness, and mannerisms with minimal source material. A short clip from a webinar, earnings call, or social post can be enough to create a believable imitation. 

That opens the door to business-targeted attacks. Recognizing these patterns helps you defend against them: 

• Fake executive messages authorizing payments  

• Synthetic customer support interactions  

• Manipulated video statements impacting brand reputation  

• Impersonated employees in social engineering attacks  

Understanding this evolution of phishing and fraud helps you build stronger defenses. 

How Deepfakes Threaten Brand Trust

Brands are built on trust, consistency, and recognition. When customers, partners, or employees can’t reliably distinguish between real and synthetic communications, confidence erodes. Clear authentication protocols prevent this. 

Companies with visible leadership and active digital engagement face higher exposure. Manage this by being intentional about what content you publish and how you verify communications. 

Legal Protections Against Deepfakes and Voice Cloning

From an intellectual property perspective, this area is still developing. Focus on what you can control now. 

• Voice and likeness rights may be protected under publicity rights, unfair competition laws, or emerging deepfake-specific regulations. Track these developments and engage counsel to stay ahead. 

• Copyright offers limited protection here, so supplement legal strategies with operational safeguards. 

• Review your agreements to address impersonation risk, authentication protocols, and responsibility for fraudulent instructions. 

Businesses must act proactively because by the time legal action is taken, the damage, whether financial or reputational, may already be done. 

How to Defend Your Business Against Deepfakes

Integrate deepfake defense into your broader cybersecurity and brand protection strategy. 

Start with internal controls: 

• Require multi-factor or secondary verification for financial transactions and sensitive requests.  

• Avoid relying solely on voice or video approvals for high-risk actions.  

• Train employees to recognize that “seeing or hearing” is no longer proof of authenticity. 

Then look externally: 

• Monitor for misuse of executive identities or brand assets online. 

• Establish rapid response protocols for suspected impersonation incidents. 

• Consider how your brand communicates authenticity (e.g., verified channels, consistent formats). 

Think about content strategy: 

• Be aware that public-facing audio and video can be used as training material. 

• Balance visibility with risk, especially for senior leadership. 

Address deepfakes as a trust and verification challenge. Design your processes to verify authenticity rather than assuming what people see and hear is real. 

— Will & AiME 

Three Takeaways: 

1. Treat deepfakes as a scalable business risk and build verification into your processes. 

2. Prioritize prevention and process design over reliance on evolving legal protections. 

3. Build verification protocols into high-stakes decisions.