Gartner Deepfake Data 2026: 41% Audio, 35% Video Attacks | Breacher.ai
The One Defense That Stops Deepfakes
Is Brutally Effective.
Awareness Training Never Tests It.
Gartner's 2026 research puts 41% of deepfake-plus-social-engineering attacks on audio calls and 35% on video — and prescribes the fix in the same breath: second-channel verification, and training on realistic scenarios rather than synthetic-media theory. The control works almost every time it's executed. The problem is that awareness training teaches the policy and never tests whether it holds. Here's what Gartner found, and how to operationalize it.
The Threat Moved to Voice and Video
Gartner's May 2026 research on deepfake identity impersonation put hard numbers on a shift practitioners have felt for a year: synthetic media has moved off the novelty shelf and into live calls. In a survey of cybersecurity leaders, 41% reported a deepfake combined with social engineering on an audio call, and 35% on a video call. A separate Gartner survey put roughly 62% of organizations at one or more deepfake incidents in a single year.
Read the channel split again, because it sets up the whole problem. The attacks are landing on voice and video — the two surfaces almost no security program rehearses. Most teams still measure readiness by who clicks a phishing email. That metric was built for a threat attackers moved past a year ago, and Gartner data suggests only about 10% of security leaders currently prioritize deepfake recognition in their awareness programs at all.
That gap — between where the attacks land and where the training points — is the entire story. And the fix is not the one most teams reach for first.
Policy, Procedure, Process: Brutally Effective. Awareness Training Never Tests It.
Here's the part that gets lost in the alarm: Gartner doesn't just diagnose the threat, it prescribes the fix — and the fix is process. Gartner's remediation guidance is explicit that approval flows should assume a convincing face or voice can be faked, and that second-channel verification should gate any payment triggered by voice or video. Callback protocols, dual authorization, out-of-band confirmation. Written into policy, drilled into procedure, and actually executed, it works almost every time. The attack dies the instant someone hangs up and dials a known number to confirm. No model, no vendor, no detection arms race required.
The defense is brutally effective — but only as real as its execution under pressure. And execution under authority and urgency is the exact thing awareness training never measures.
And Gartner is just as explicit about the training side: it tells security leaders to drill teams on realistic social-engineering scenarios, not synthetic-media theory. That distinction is the whole game. A training module teaches the policy — a slide says "verify on a second channel," people nod, pass the quiz, and move on. That proves they can recognize the right answer in a classroom. It proves nothing about what they do when a deepfaked CFO is on the line, demanding the wire clears before market close, and pushing back the moment they hesitate.
Knowledge is not behavior. Comprehension is not muscle memory. You can have the policy written, the procedure documented, and the training completed — and still have no idea whether any of it holds when the attack arrives. The only honest test of a process is to run the attack against it — which is precisely the realistic-scenario testing Gartner points security leaders toward, and precisely what slideware can't deliver.
Why Detection Won't Close the Gap
The reflex, faced with a synthetic-media threat, is to buy a synthetic-media detector. Gartner's own guidance is blunt about why that fails as a primary control: deepfake detection is probabilistic, its benchmarks are immature, and the generation tools improve faster than the point products chasing them.
The telemetry backs that up. iProov's 2026 Threat Intelligence Report recorded a 1,151% increase in attacks injecting synthetic media directly into identity systems on iOS in the second half of 2025 alone. The cost of producing a convincing fake is collapsing while the quality climbs. Any defense premised on reliably spotting the fake is racing a curve it cannot win.
A face you recognize and a voice you trust are no longer evidence of who you're talking to. Treating them as proof is the vulnerability.
Detection has a place as one layer. But the control you stake an authorization decision on cannot be "we'll notice it's fake." It has to be a process that doesn't care whether the face and voice are real — because it verifies through a channel the attacker doesn't control.
The Four Shifts That Should Change Your 2026 Plan
Pull the research together and four shifts rise above the rest. Each one tells security leaders something different about where to put time, budget, and program attention before the next breach cycle hits.
The Attack Surface Is Voice and Video
41% of organizations were hit by a deepfake-plus-social-engineering attack on an audio call; 35% on video. These are the two channels email-centric awareness programs never simulate. Email security gateways don't see them, and most training doesn't rehearse them — so the channels where attackers are winning are the channels nobody is testing.
- 41% audio-call incidence
- 35% video-call incidence
- 62% any deepfake in 12 months
- Bypasses email security
- Unrehearsed by training
- Synchronous, live-pressure attacks
Detection Is Probabilistic, Not a Control
Gartner is explicit that deepfake detection is probabilistic and its benchmarks immature, while generation improves monthly. iProov tracked a 1,151% jump in synthetic-media injection attacks on iOS in late 2025. The fake is getting cheaper and better faster than the detector. Any defense premised on spotting it is racing a curve it loses.
- Detection is probabilistic
- Benchmarks immature
- 1,151% injection-attack surge
- Generation outpaces detection
- Useful as a layer only
- Not an authorization control
Process Is the Only Defense That Holds
This is Gartner's prescribed control: second-channel verification, callback protocols, and dual authorization that defeat the attack regardless of how convincing the synthetic media is — because they verify through a channel the attacker doesn't control. Written into policy, drilled into procedure, executed under pressure, this stops deepfake social engineering almost every time. It needs no model and no vendor.
- Second-channel verification
- Mandatory callbacks
- Dual authorization
- Channel-independent
- Defeats any-quality fake
- No detection arms race
Training Teaches the Policy. It Doesn't Test It.
Gartner tells leaders to train on realistic scenarios, not synthetic-media theory — yet only about 10% prioritize deepfake recognition in awareness programs, and even where they do, training measures comprehension, not behavior under fire. A passed quiz is not a held process. Knowledge of the verification policy does not predict whether a finance clerk applies it when a cloned executive is pressuring them in real time.
- ~10% prioritize deepfake training
- Measures comprehension
- Not behavior under pressure
- Knowledge ≠ muscle memory
- Completion ≠ capability
- Untested process is unproven
Same Attack, Two Eras — One Defense
The mechanics of the attack haven't fundamentally changed. What changed is how convincingly it can be delivered. Look at the two versions side by side and the important thing becomes obvious: the defense is identical in both columns.
Knowledge-Based Impersonation
A caller claims to be a locked-out executive or a known vendor, references real internal context pulled from open-source intelligence, and pressures the target into a reset, a wire, or an access grant. Scripted urgency and borrowed authority do the work.
- OSINT-driven impersonation
- Scripted urgency and authority
- Voice or chat delivery
- Targets help desk, AP, EAs
- Defeated by process, not training
- Decades old, still effective
Deepfake-Augmented Impersonation
The same attack — but the voice is cloned from a 30-second clip and the face is rendered live on a video call. Gartner's 41% audio and 35% video figures are this column. The pretext is now authentically delivered across the exact channels training ignores.
- Voice cloning from public audio
- Live video face rendering
- Multi-channel coordination
- Targets the same high-value roles
- Same process control defeats it
- Documented as operational by Gartner
The defense does not change between columns. Process resilience doesn't care which era the attack arrived from. A help desk that requires out-of-band verification before resetting credentials stops the scripted caller and stops the deepfaked one. The synthetic media raises the believability; it does nothing to the control.
From the Field: What Happens When We Actually Test the Process
The action rate is the number that should reframe how leaders think about their programs. A click is the opening move; the breach is the completed action — a credential surrendered, a payment approved, a remote session opened. At an 11.7% median action rate, roughly one in nine targeted users went all the way through a synthetic-media-driven scenario. And 78% of tested organizations rated highly vulnerable, with only 8% showing no meaningful susceptibility.
Here is the part that matters most against Gartner's data. Many of these organizations already had verification policies on the books and had run conventional awareness training. It didn't move their results in any meaningful way. The policy existed on paper. It had simply never been tested under a realistic attack — so when one arrived, the process folded exactly where the policy said it shouldn't.
The policy existed on paper at most of these organizations. It had never been tested under fire — and 78% still rated highly vulnerable.
What This Means for Your Program
Read together, Gartner's 2026 findings and the field data form one coherent argument: the control that works is already known and brutally effective, the attacks have moved to channels the control is rarely tested on, and the gap between a written policy and a proven one is where the breach happens.
Teach the Policy
Annual modules. Quarterly email phishing campaigns. A verification policy in the handbook. Click-rate dashboards reported to the board. Completion measured, capability assumed. Built for the 2018 threat surface and still in production.
- Email-only simulation
- Completion as the KPI
- Policy published, not tested
- Generic content across roles
- Comprehension, not behavior
- Misses voice and video entirely
Test the Process
Voice and video deepfake scenarios run against the exact workflows that move money or grant access. Help desk, AP, executive assistants, and IT pressure-tested with role-specific pretexts. Process resilience measured, not just clicks. Calibrated to where Gartner says the attacks land.
- Multi-vector simulation
- Process resilience as the KPI
- Verification tested under pressure
- Role-specific scenario design
- Behavior, not just knowledge
- Maps to the real attack surface
The concrete moves map directly onto Gartner's own recommendations. Simulate across voice and video, with scenarios tailored to the roles attackers actually target — help desk, finance, executive assistants, anyone with reset authority or wire approval. Make second-channel verification a control you test, not a policy you publish — run the deepfaked executive at your AP team and watch whether the callback actually happens. And measure the process outcome, not the click: whether the wire was held, the reset refused, the session denied. Gartner names the controls and the training approach; this is what executing them looks like.
None of this requires winning a detection arms race. It requires proving that the cheap, durable control you already believe in survives contact with a convincing fake — before a real adversary runs that test for you.
The Bottom Line
Gartner's 2026 data is the clearest signal yet that deepfake social engineering has moved into live voice and video — 41% on audio calls, 35% on video — while detection remains probabilistic and most programs still point at email. The defense isn't a mystery. Second-channel verification is brutally effective and always has been.
The failure isn't the control. Gartner prescribed it — second-channel verification — and prescribed the training approach to match: realistic scenarios, not theory. The breakdown is that organizations publish the policy and never test it. Our field data makes the cost of that gap concrete: workforces with verification policies on the books still folded, 78% rated highly vulnerable, and nearly one in nine targeted users completed a full compromise. A policy you haven't tested under fire isn't a control. It's a hope.
The teams that treat verification as a process to be tested — not a policy to be published — will be the ones still standing when the call comes that sounds exactly like the CEO.
Frequently Asked Questions
Direct answers to the questions security leaders, CISOs, and risk owners ask most often about Gartner's 2026 deepfake research and how to translate it into program decisions.
Gartner's May 2026 research on deepfake identity impersonation found that 41% of organizations experienced a deepfake combined with social engineering on an audio call, and 35% on a video call, based on a survey of cybersecurity leaders. A separate Gartner survey found roughly 62% of organizations experienced at least one deepfake incident in the prior 12 months. The key shift is that synthetic media has moved from a novelty into live voice and video calls — the two channels most awareness programs never simulate.
Because it shows where attacks are actually landing. With 41% of incidents on audio calls and 35% on video, deepfake social engineering is overwhelmingly a voice-and-video problem. Most awareness programs still measure readiness by who clicks a phishing email — a metric built for a threat model attackers moved past. Email gateways don't see voice and video attacks, and training doesn't rehearse them, so the channels where attackers are winning are precisely the channels organizations aren't testing.
Not reliably. Gartner's own guidance is that deepfake detection is probabilistic, its benchmarks are immature, and the generation tools improve faster than the point products chasing them. iProov's 2026 Threat Intelligence Report recorded a 1,151% increase in attacks injecting synthetic media directly into identity systems on iOS in the second half of 2025. Detection is a useful layer, but not a control you can stake authorization decisions on. The defense that holds is procedural, not technical.
Second-channel verification — never letting voice or video alone authorize a payment, a credential reset, a payroll change, or a data release. Written into policy, drilled into procedure, and executed, it stops the attack almost every time, because the moment a target confirms through a known channel, the impersonation collapses. It needs no model, no vendor, and no detection arms race. The catch is that it only works if people apply it under authority and urgency — exactly the condition awareness training never measures.
Awareness training teaches the policy; it doesn't test whether the policy holds under pressure. A slide says verify on a second channel, people pass the quiz, and the program reports completion. That proves they can recognize the right answer in a classroom — not what they do when a deepfaked executive is demanding an urgent wire and pushing back when they hesitate. Knowledge is not behavior. Gartner data also indicates only about 10% of security leaders prioritize deepfake recognition in training, so even the teaching is thin. The only honest test of a process is to run the attack against it.
Across Breacher.ai's deepfake-augmented multi-vector engagements, 92% of organizations were vulnerable to deepfake social engineering and 78% rated highly vulnerable. 63% of users could not distinguish synthetic media from real. The median click rate was 14.4% and the median completed-action rate was 11.7% — roughly one in nine targeted users going all the way through. Critically, many of these organizations already had verification policies on the books, and their results didn't meaningfully improve because of it.
Three changes are warranted. First, simulate across voice and video, not just email, because that's where 41% and 35% of attacks are landing. Second, shift the metric from individual click rates to whether organizational processes hold under manipulation — help desk resets, AP wire approvals, executive verification chains. Third, treat second-channel verification as a control to be tested, not a policy to be published: run controlled deepfake scenarios against the exact workflows that move money or grant access, so the verification habit is built before a real adversary tests it.
Gartner statistics referenced in this article are drawn from Gartner research on deepfake identity impersonation published in May 2026 and related Gartner survey data on generative-AI attacks and cybersecurity awareness programs; figures should be verified against your organization's Gartner license. The iProov figure is from the iProov 2026 Threat Intelligence Report, and the human-element figure is from the 2026 Verizon Data Breach Investigations Report. Breacher.ai engagement data reflects aggregate results from client engagements using the OSES™ (Orchestrated Social Engineering Simulations™) methodology.
Test the Process Before an Attacker Does
Gartner shows where the attacks are landing. The harder question is whether your verification process holds when one reaches your help desk, your AP team, or your CEO's calendar. Book a 30-minute scoping call and we'll walk through your highest-risk voice- and video-triggered paths and design a realistic deepfake simulation calibrated to your organization.
Latest Posts
Table Of Contents
About the Author: Jason Thatcher
support@breacher.ai
