Does Your Awareness Training Platform Work Against AI Deepfakes?

Most security awareness training platforms were designed for email phishing. They are not designed to defend against modern AI-powered social engineering that uses voice cloning, deepfake video, and multi-channel attack chains.

Do Most Awareness Training Platforms Protect Against Deepfakes?

No. Most awareness training platforms do not adequately prepare employees for AI-driven social engineering attacks.

Traditional platforms focus on single-channel email phishing and visual red flags. Modern attacks use voice, video, SMS, and live interaction, often in carefully sequenced stages. Research and assessment data show that visual detection and “spot the fake” training does not translate into reliable protection against these attacks.

What Does Research Show About Human Ability to Detect Deepfakes?

Research shows that humans cannot reliably detect deepfakes, even with training.

A 2024 meta-analysis by Diel et al., synthesizing 56 peer-reviewed studies with 86,155 participants, found that overall human detection accuracy was 55.54%, with confidence intervals crossing 50%. This means performance was not statistically better than chance across image, audio, and video deepfakes.

Detection accuracy by modality:

• Audio deepfakes: 62.08%

• Video deepfakes: 57.31%

• Image deepfakes: 53.16%

The critical implication is clear: training employees to visually identify deepfakes does not work at scale.

How Poor Is Human Performance in Real-World Deepfake Detection?

Independent research reinforces that human performance degrades further in realistic conditions.

The iProov Deepfake Blindspot Study (2025) found that only 0.1% of participants correctly identified all deepfake samples shown to them. This demonstrates not just low average accuracy, but extreme inconsistency across individuals.

At the same time, AI-generated phishing campaigns achieve dramatically higher engagement, with reported click rates of 54% compared to 12% for manually created phishing.

Voice cloning further lowers the barrier to entry. High-quality voice clones can now be created from just 3–5 seconds of audio, enabling scalable impersonation attacks against executives and trusted staff.

Why Are Deepfake Attacks Massively Underreported?

Deepfake fraud is systematically underreported, meaning public figures significantly underestimate the real scale of the problem.

There is no mandatory disclosure requirement for deepfake-enabled fraud in most jurisdictions, unlike regulated data breaches. Organizations often choose silence to avoid reputational damage, executive scrutiny, or investor concern.

As a result, the incidents we see publicly represent the floor, not the ceiling, of actual deepfake-driven losses. This underreporting gap is a critical blind spot for boards and risk committees.

Why Awareness Training Fails Even When Employees “Know Better”

Training alone does not prevent policy violations.

The Proofpoint 2024 State of the Phish Report found that 68% of employees knowingly break security policy, despite having received training. This demonstrates that awareness does not reliably translate into compliant behavior under pressure

Deepfake attacks exploit authority, urgency, and trust — conditions where policy adherence is most likely to fail.

How Do Modern AI Social Engineering Attacks Actually Work?

Modern attacks rely on channel chaining, not single interactions.

As demonstrated in the embedded video on this page, attackers use multi-step playbooks to build credibility before making the request:

• Voicemail drop using a cloned executive voice

• iPhone Safe Links bypass, where voicemail transcription unlocks clickable SMS links

• Follow-up SMS that appears trusted due to prior interaction

• Escalation to live video or voice call once trust is established

Each step reinforces legitimacy and reduces suspicion before the final ask.

Why Click Rates Alone Do Not Measure Real Security Resilience

Click rates measure interaction, not impact.

An employee can avoid clicking a link yet still comply with a fraudulent voice or video request later in the attack chain. Conversely, an employee may click but then escalate appropriately.

Focusing solely on click rates creates a false sense of security and does not reflect real-world risk exposure.

What Is Breacher.ai’s Five-Dimension Testing Framework?

Breacher.ai evaluates resilience across five dimensions, not just user behavior:

1. Users – Do individuals comply, escalate, or verify?

2. Processes – Are verification and approval workflows followed?

3. Technology – Do controls block or log attack steps?

4. Workflows – Do cross-channel attacks bypass silos?

5. Training effectiveness – Does training change behavior under pressure?

This approach reflects how attacks actually succeed — through compound failures, not single clicks.

How Should Boards and Compliance Teams View Deepfake Risk?

Deepfake resilience is increasingly a governance and compliance issue, not just a security one.

Regulatory frameworks such as DORA and NIS2 emphasize operational resilience testing, scenario-based validation, and control effectiveness — not checkbox training completion.

Cyber insurers are also beginning to request evidence of advanced testing, moving beyond basic phishing simulations toward proof that organizations can withstand AI-enabled social engineering.

Key Takeaway for Security and Risk Leaders

Most awareness training platforms were not built for deepfakes.

Human detection does not work. Visual cues are unreliable. Click rates are insufficient. And reported incidents significantly understate the true scale of the threat.

Effective defense requires verification-first training, multi-channel testing, and resilience measurement across people, processes, and technology — exactly where traditional platforms fall short.