Deepfake Deception: Weaponizing AI-Generated Voice Clones in Social Engineering Attacks

As deepfake technology rapidly evolves, its application in social engineering has reached a new level of sophistication. This talk will explore a real-world red team engagement where AI-driven deep fake voice cloning was leveraged to test an organization’s security controls. Through extensive research, we examined multiple deepfake methods, from video-based impersonation for video calls to voice cloning for phishing scenarios. Our findings revealed that audio deep fakes were the most effective and hardest to detect by human targets.

In recent engagements, we have successfully cloned executives' voices using audio samples extracted from publicly available podcast interviews. Trained AI models were then developed to convincingly replicate these targeted voices. These custom models were deployed on social engineering campaigns combined with call spoofing to build team awareness regarding sophisticated threat actor techniques.

This talk will provide attendees with an in-depth look at how threat actors exploit deepfake technology, the technical process of voice cloning, and the implications for enterprise security. We will also discuss countermeasures and detection techniques that organizations can implement to mitigate these emerging threats.

About the Presenter: Dave Falkenstein

David Falkenstein spends his days as the Red Team Tech Lead at IOActive. His experiences span across red team operations, vulnerability research, social engineering, and adversary emulation, with a focus on developing malware, breaking and entering into secure facilities, and researching cutting-edge tradecraft. David’s work blends technical depth and real-world applications to enhance red team capabilities. His current research explores the use of deepfakes in red team operations, pushing the boundaries of human-centric attacks