Deepfakes & Social Engineering: Why Seeing Is No Longer Believing

14th January, 2026

In today’s digital world, our natural instincts - to trust what we see and hear - are increasingly being exploited.

This became painfully clear recently when social media was flooded with dramatic images and videos claiming to show a major geopolitical event unfolding in real time. The visuals appeared authentic: public figures being detained, missiles striking cities, crowds reacting in the streets. Within hours, millions had seen and shared the content.

The problem? Much of it wasn’t real.

Investigations later confirmed that a significant portion of the imagery had been AI-generated or manipulated, mixed carefully with genuine footage to create a convincing but deeply misleading narrative. In the absence of verified information, advanced AI tools filled the gap - and misinformation spread faster than facts could catch up.

This is not a future problem. It’s happening now.

How AI Has Changed Social Engineering

Social engineering has always been about psychology, not technology. What AI has done is dramatically raise the believability of deception.

Attackers no longer rely on obvious giveaways. Just as phishing emails have evolved to closely mimic trusted brands and real conversations, AI-generated images, videos and voice clips now approximate reality. They don’t need to be perfect - only believable enough to trigger an emotional response and bypass scepticism.

Even experienced professionals are being caught out.

A recent example shared with us involved a convincing deepfake video of a UK political figure discussing tighter controls on personal devices. The video was entirely fabricated - yet realistic enough to cause genuine concern. Incidents like this underline just how fragile “trusting your eyes” has become.

Reverse image searches, AI-detection tools and watermarking technologies can help, but they are not foolproof. When fake content closely resembles real events, uncertainty becomes the weapon - and that uncertainty is exactly what attackers are aiming for.

The Same Manipulation Tactics - Just More Powerful

In cybersecurity, we’ve long warned about classic manipulation techniques:

  • Urgency: “This needs action now.”

  • Authority: “This comes from someone you trust.”

  • Incomplete information: “Details are still emerging.   These same tactics are now playing out visually and audibly at scale. Breaking news, high emotional stakes and convincing AI-generated content push people to react first and verify later - if at all.

Whether it’s a phishing email, a fake phone call, or an AI-generated video, the objective is always the same: get you to believe something before you have time to think.

Why Awareness Alone Isn’t Enough

For organisations, the takeaway is clear: visual and audio content can no longer be trusted at face value, particularly during fast-moving or emotionally charged situations.

But awareness only works if it’s reinforced.

That’s why at AMP we don’t treat security awareness as a one-off exercise. It’s something that needs to be embedded into how people work - little and often.

  • Short, regular training sessions (5-10 minutes at a time)

  • Ethical hacking exercises that deliberately try to catch people out

  • Ongoing conversations, not annual box-ticking exercises

Our mission isn’t to embarrass users - it’s to build confidence, instinct and resilience.

Security Isn’t Just Training — It’s How We Operate

Awareness only works when it’s backed by strong operational discipline.

Alongside training, we enforce tight internal security controls within our own organisation because the way we work sets the standard for how we protect our clients. That includes:

  • Robust identity verification processes

  • Controlled and auditable password reset procedures

  • Clear separation of duties

  • Secure handling of requests that could be socially engineered

We don’t rely on assumptions or familiarity  because attackers don’t either.

Just as importantly, we maintain regular, open communication with our clients. They know we are always at the end of the phone, ready to sanity-check a request, validate something that feels “off”, or talk through a concern before action is taken.

That relationship - built on trust, transparency and accessibility - is one of the strongest defences against social engineering.

Keeping Clients Informed as Threats Evolve

Threats don’t stand still, and neither should communication.

That’s why we actively share intelligence and guidance through:

  • Monthly security newsletters

  • Targeted email alerts when new scams or threats emerge

  • Quarterly cyber events designed to educate and inform business leaders

These sessions are open to our clients, with additional spaces offered to organisations that don’t yet partner with us - because raising awareness across the wider business community benefits everyone.

The Bottom Line

AI has changed the rules. Seeing is no longer believing - and trust now has to be earned through verification, not familiarity.

Whether it’s a phishing email or a hyper-realistic AI-generated video, the risk is the same: acting before thinking.

Technology plays a vital role in defence - but informed, confident people and trusted partnerships remain just as critical.

And in today’s threat landscape, that combination matters more than ever.

Cyber Security Awareness Training (SAT) - Call 0800 368 7730

    Peeling Back the Sticker: Why Cyber Essentials Matters for Accountancy Firms Latest

    Peeling Back the Sticker: Why Cyber Essentials Matters for Accountancy Firms

    Read more Email: Simple, Everyday… and One of Your Biggest Compliance Risks Latest

    Email: Simple, Everyday… and One of Your Biggest Compliance Risks

    Read more The Dark Side of AI & Business Cyber Risk – Unleashed Latest

    The Dark Side of AI & Business Cyber Risk – Unleashed

    Read more
Contact Us

For more information contact us...

    If you need responsive and reliable IT solutions that are tailored to your business, then contact the experts at AMP. Our skilled engineers provide outstanding IT support and technical expertise you can depend on.