How can I spot a deepfake?

Increasingly, you can't — at least not by inspection alone. Video and audio deepfakes have improved past the ‘obvious uncanny valley’ stage for most viewers. The defensive move shifts from detection (looking at the artifact) to verification (checking the source and provenance). Don't trust a single video; trust corroboration across sources.

What's the realistic threat to me personally?

Three categories. (1) Financial fraud — voice clones impersonating relatives requesting urgent money. (2) Reputational attack — image or voice deepfakes of you used to harass or extort. (3) Political / civic manipulation — deepfakes of public figures shaping elections or markets. The first two have specific defences; the third is harder to address individually.

How do I protect family from deepfake voice scams?

Agree a verbal password or fact-check question with close family that you'd use to verify identity in an urgent phone call. ‘What did we have for dinner on Mum's birthday last year’ — something an attacker can't research from public information. Most voice-clone scams fail when verification is requested.

Is platform moderation solving this?

Slowly, partially, unreliably. Platform incentives don't fully align with truth labelling, and enforcement is patchy across regions and topics. Civic verification will probably remain a personal-skill issue for the foreseeable future. Don't outsource judgment to platforms.

Should I stop sharing on social media?

Calibrate by what you'd be okay seeing weaponised. Voice content (podcasts, voice notes shared widely) and video are higher-risk than text or still images. You don't have to disappear; you can be intentional about what synthetic-media-attack-surface you give.

What about ‘news’ disinformation?

Most disinformation that affects political and financial decisions isn't deepfaked imagery — it's plain text that's emotionally engineered. Source diversification (don't read only one tribe), reading the strongest critic of any claim you're about to act on, and slowing down before sharing all help.

Deepfakes and disinformation

Where the capability is today

Voice cloning from a few seconds of audio is widely available and convincing. Video deepfakes of public figures are good enough to fool casual viewers, particularly in low-resolution social-media playback. Image generation produces realistic photos of people who don't exist, and increasingly convincing edits of people who do.

All of these are improving rapidly. We'd label the current state as ‘moderate evidence of widespread capability’ under our evidence policy, and the future trajectory as ‘speculative on timing, near-certain on direction.’

Three threat categories

Financial fraud. Voice clones impersonating relatives or executives requesting urgent transfers. The most common direct-harm version today. Defensible with verification protocols.
Reputational attack. Image or voice deepfakes of an individual, used for harassment, blackmail, or smear campaigns. Most concerning for women, public figures, and people in contentious public roles. Often involves intimate imagery.
Civic / political / market manipulation. Deepfakes of public figures shaping elections, markets, or international relations. Harder to defend individually; partially mitigated by media literacy and slower reading.

Verification over inspection

The reliable defensive shift is from looking at the artifact to checking its provenance. Three working filters:

Source. Where did this originally come from? Is the original publisher one you'd trust with money?
Corroboration. Are multiple independent sources reporting the same thing? A breaking event that exists only on one social media account is suspicious until corroborated.
Temporal check. When was this published? Old material recycled out of context is one of the most common disinformation patterns; a clip from three years ago presented as today.

For high-stakes claims, additional checks: reverse image search; check the named source independently; look for reporting from outlets with reputational accountability rather than viral accounts.

Personal defences

The practical protocol for individuals:

Family verification protocol. A verbal password or fact-check question for urgent phone-based money requests. Tell every close family member. Use it.
Slow your ‘urgent’ response. Most fraud relies on time pressure. If a message says ‘act now,’ assume that's the threat signal and verify through a different channel.
Watch your voice / image exposure. Be intentional about what voice content you publish. Treat any public voice file as potential attack material.
Have a plan for image-based abuse. If you, particularly women in your life, are targeted with deepfaked intimate imagery — there are reporting channels, legal remedies in many jurisdictions, and image-takedown services. Search ‘deepfake image abuse’ with your local jurisdiction. Don't handle it alone.
For public figures. Active monitoring (Google Alerts, image search), pre-existing relationship with platforms' reporting channels, and a written plan for if a deepfake of you goes viral.

The cheapest civic move you can make: don't share things you haven't verified.

If it's perfectly aligned with your existing views, that's a red flag, not a green light. Motivated reasoning is a built-in vulnerability.
If you're about to share with anger, wait an hour. Most disinformation goes viral on anger.
If the source is anonymous or unidentified, don't amplify until verified.
If you do share something that turns out to be fake, post the correction visibly. Corrections rarely catch up to the original, but they help.

Use the AI claim evaluation worksheetfor any confident claim about AI, deepfakes, or politics that's about to change your behaviour or your shares.

Common mistakes

Trusting your ability to spot deepfakes by inspection.
Sharing emotionally-charged content within five minutes of seeing it.
Treating one social media account as a corroborated source.
Not having a family verification protocol.
Underestimating the threat of voice cloning from public audio.
Ignoring requests to verify because ‘they'd never fool me.’
Forwarding a viral ‘leaked’ clip without checking the date.

Topic: AI risk literacy.
Topic: Digital privacy basics.
Micro-course: AI Risk Literacy.
Worksheet: AI claim evaluation worksheet.
Worksheet: Digital hygiene checklist.
Path: AI-Era Personal Strategy.