Skip to content

Offline Deepfake Tools Are Real. Your CFO Is the Target.

Sotiris SpyrouUpdated on

Share this article

LinkedInXEmail
Offline Deepfake Tools Are Real. Your CFO Is the Target.

Yes, free and offline AI video generators now run on ordinary laptops, with no content filter and no usage cap. That's real, and it's why "deepfake offline" is one of the fastest-growing searches in this space. The part that matters for your business sits one step downstream: when anyone can make a convincing fake of your CFO from a few clips of an old webinar, video stops being proof. This is a board and risk question now, not a curiosity for the tech team.

Let's be straight about what's happened. Open-source video models like Wan, Hunyuan and tools built on Framepack run locally on a consumer GPU. They cost nothing, they don't phone home to a moderation service, and they don't ask why you want a two-minute clip of a named executive. People search "offline AI video generation" and "deepfake offline" for plenty of harmless reasons, hobby animation, privacy, working without a subscription. The same capability also hands a fraudster a studio.

This post isn't a how-to. We won't name install steps or link to model weights. What we will do is the responsible version: what the risk actually is, how you detect and govern it, and what the law now requires.

Why does offline, free deepfake generation matter to a business?

Because the control point most companies assumed was there has gone.

Cloud deepfake tools could, in theory, be policed. The provider sees the prompt, can refuse a named-person request, can log abuse, can hand records to investigators. Offline generation removes all of that. No prompt log, no provider, no filter. The fraudster runs everything on their own machine. There's nothing to subpoena.

For an attacker the maths is simple. Public source material on your executives is everywhere: conference talks, earnings calls, podcast clips, the "meet the team" video on your own site. A few minutes of footage is enough to train a convincing face and voice. Then the same person who used to send a clumsy phishing email can join a video call as your finance director.

That's not hypothetical. In early 2024, an employee at the engineering firm Arup paid out about $25.6 million across 15 transfers after a video call in which every other participant, including a person presenting as the CFO, was an AI-generated fake. The employee had suspected the initial email was a scam. The video call is what reassured them. Hong Kong police said the fraudsters built the deepfakes from publicly available footage of the real staff (Fortune; CFO Dive).

One call. One trusted face. $25 million.

Who is actually at risk, and how?

Three exposures matter most for the buyers we work with: boards, security teams, brand and comms leads, and anyone running a regulated firm.

Risk What it looks like Who feels it first
Executive impersonation fraud Fake CFO or CEO on a call or voicenote authorising an urgent transfer Finance, treasury, the board
Identity-verification bypass Synthetic face injected into a "selfie plus document" onboarding check Fintech, banking, KYC and fraud ops
Brand and reputation attack Fake "announcement" or fake endorsement using your executive's likeness Comms, legal, investor relations

The identity-verification angle is the one rising fastest. iProov's 2025 threat report recorded face-swap attacks up 300% and native virtual-camera attacks up 2,665% against systems that thought liveness detection had them covered (iProov). The follow-up report logged a 741% annual jump in iOS injection attacks (Biometric Update). The tooling to defeat remote onboarding is now a product, sold as a service to people who can't code.

The financial picture matches the technical one. FinCEN issued a formal alert in November 2024 after a measurable rise in suspicious-activity reports tied to deepfake media used to beat identity checks (FinCEN). Deloitte's Center for Financial Services estimates generative-AI-enabled fraud losses in the US could hit $40 billion by 2027, up from $12.3 billion in 2023, a 32% annual growth rate (Deloitte).

How do you detect a deepfake before it costs you?

Don't bet the firm on a detector. Detection of synthetic video is useful and improving, but it's a moving target: as generators get better, the tell-tale artefacts shrink. Treat detection as one layer, not the wall.

The stronger move is to stop trusting the channel and start verifying the process.

  • Break the urgency loop. Most of these frauds run on speed and authority. A fake exec asks for something urgent, confidential, and off the normal path. Make "urgent and unusual payment instruction" trigger a mandatory pause, by policy, regardless of who appears to be asking.
  • Use an out-of-band callback. Re-confirm any high-value or unusual instruction through a separate, pre-agreed channel and a number from your own directory, never one supplied in the suspicious message or call.
  • Add a shared verbal challenge for sensitive approvals. A simple agreed code word, confirmed by a second authorised person, beats any face you can see on screen.
  • Harden remote identity checks. If you onboard customers by video, ask your vendor directly how they defend against injection and face-swap attacks, and ask for their independent test results. "We have liveness detection" is no longer an answer on its own.
  • Adopt provenance where you publish. For content your firm produces, sign it. The C2PA Content Credentials standard attaches signed, tamper-evident metadata recording who made a file, when, and whether AI was involved. It now has thousands of members and production support across Adobe, OpenAI, Google and major camera makers (C2PA; Content Credentials). It won't catch an attacker's fake, but it lets you prove your own content is real, which matters when someone clones your CEO.

Detection finds the fake. Process stops the loss. You need both, weighted toward process.

What does the law now require on deepfakes?

More than most boards realise, and the clock is short.

Under Article 50 of the EU AI Act, anyone deploying AI to create a deepfake must disclose that the content is artificially generated or manipulated. The duty applies even with no intent to deceive: if the content looks or sounds like a real person, it has to be labelled. These transparency obligations apply from 2 August 2026 (EU AI Act, Article 50; transparency guide). The European Commission published draft guidelines in May 2026 setting out who must label what (Greenberg Traurig).

Two things follow for any business touching the EU market. If your marketing or comms team uses generative video, labelling is now a compliance requirement, not a nice-to-have. And the regime is built on transparency, which an offline tool with no filter simply ignores, so the people most likely to break these rules are exactly the ones the law can't reach directly. That pushes the burden onto you to govern your own use and to defend against everyone else's.

The honest gap: Article 50 governs the people who follow rules. A criminal running an offline model won't label anything. Regulation raises the floor for legitimate use. It does nothing to stop the fraud. That's why your internal controls carry the weight.

Frequently asked questions

Is making deepfakes illegal?

The tool isn't illegal in most places. Using it is what's governed. Fraud, impersonation, defamation and non-consensual content are already crimes, and the EU AI Act adds a labelling duty for AI-generated likenesses from August 2026. Building a fake of a named person to authorise a payment is fraud, whatever software made it.

Can you reliably detect an offline deepfake?

Sometimes, not always. Detectors catch many fakes today, but quality keeps improving and detection lags generation. Use detection as one signal, then lean on process controls, callbacks, out-of-band verification and shared challenge phrases, which don't depend on spotting the fake at all.

What's the single highest-value control for a board?

A hard rule that no urgent, unusual or confidential payment instruction is actioned on the strength of a call or message alone, however convincing. Verify through a separate channel first. That one policy would have stopped the Arup loss.

Does the EU AI Act stop deepfake fraud?

No. It forces disclosure on people using AI legitimately. Criminals using offline tools ignore it. The Act helps your governance and your labelling duties; your own controls stop the fraud.

The bottom line

Free, offline, uncensored deepfake generation is here, and it isn't going back in the box. Treating that as a content-moderation problem misses the point. The problem isn't that fakes exist. It's that your staff still treat a familiar face on a screen as proof, and your payment and onboarding processes still let that proof move money.

Here's the opinion: detection-first thinking is a trap. Boards that pour budget into "can we spot the fake" while leaving a single approver able to wire millions off the back of one video call are defending the wrong wall. Generation will always be a step ahead of detection. Process discipline is the part you actually control, and it's cheaper.

Responsible AI isn't about banning the tools. It's about building an organisation that doesn't fall over when the tools are used against it. Verify the process, not the face. Sign your own content. Govern your own AI use against Article 50. Then the deepfake on the call becomes a failed attempt instead of a wire transfer.

If you want to know more about how we help boards govern this, see our work on deepfake CEO fraud prevention, deepfake-resistant identity verification, and EU AI Act synthetic content rules.

More on how we approach it: board-level AI governance.

Share this article

LinkedInXEmail
Sotiris Spyrou - Author

Sotiris Spyrou

Sotiris Spyrou is the founder of VerityAI, a Responsible AI advisory for boards and AI-deploying businesses. With 27 years across agencies, global in-house roles, and the C-suite, he advises leaders on AI governance and risk, and on answer-engine visibility engineered without the dark patterns the rest of the industry is getting penalised for. He is the author of TRANSFORM, AI Moats, and Ethical AI.

Founder at VerityAI

Areas of Expertise:

AI Governance & RiskResponsible AI StrategyAnswer Engine OptimisationBoard-Level AI Advisory