Generative artificial intelligence (GenAI) can now produce highly convincing audio and video that can impersonate senior C-suite and board members, potentially creating chaos with fabricated instructions. Research into identity fraud found that, in 2024, a deepfake attempt occurred every five minutes.
Executive impersonation used to trigger urgent payments or extract credentials has long been a favored tactic in areas such as financial fraud. GenAI lowers the cost, increases the credibility, and expands the scale on which this tactic can be deployed. In 2024, it emerged that criminals had attempted to use AI-generated audio to impersonate the CEO of WPP, the global advertising company, demonstrating that scammers now have many tools to impersonate those in authority.
Organized criminal groups use deepfakes to enable fraud and extortion. Ideologically motivated groups deploy disinformation to damage reputations or disrupt markets. Nation-states use similar techniques for espionage or political destabilization. Motives differ, but the mechanism is consistent: exploiting trust in senior leadership and often generating a sense of urgency to reduce time for consideration.
Deepfake attacks succeed not simply because the technology is convincing, but because organizations are conditioned to respond quickly to senior authority. A request from the CEO (particularly if it is urgent or confidential) will typically be met with haste to comply, rather than questioning with skepticism.
This is where leadership behavior can become a practical line of defense. Employees should be conscious of how senior leaders usually operate: how they communicate, whether they are prone to making unpredictable requests, and how they expect people to respond under pressure. The clearer those patterns are, the easier it is to spot when something does not fit.
An incident at Ferrari illustrates this dynamic. An executive received messages and calls, apparently from the CEO, urging rapid action on a confidential transaction.
The impersonation was highly convincing. What prevented a costly mistake was not a detection tool, but judgment shaped by experience: the executive recognized that the request was out of character and paused to verify it using personal details only the real CEO could provide.
More than simply individual alertness, this response reflected an environment in which caution and verification were encouraged as responsible behavior. In a more opaque or rigidly hierarchical organization, it might have seemed riskier to delay the response.
For employees, the key question in moments of pressure is not whether a policy exists, but whether their leaders permit them to slow things down.
That permission must be explicit. Employees need to know that questioning unusual requests (even those that appear to come from the CEO) is acceptable and encouraged. They need to know that seeking verification, even if it delays matters, will not negatively affect their career prospects. Training and controls help, but they are reinforced only when leaders consistently signal that accuracy and security matter more than speed.
Where senior leaders fail to articulate their expectations around security, the resultant uncertainty among employees plays into the hands of impersonators. Where leaders make it clear that verification is an important and expected safeguard, deepfake attacks become harder to execute.
Scenario-based exercises help close this gap.
Most organizations have incident response plans, but far fewer have stress-tested how a deepfake or executive impersonation attempt would unfold in practice.
In real incidents, payments are often authorized, or confidential information shared, hastily, with confirmation only sought afterwards (if at all). This is where it can be dangerous if people are conditioned to focus on the speed of response.
Scenario-based exercises help close this gap. Rehearsing realistic situations, such as urgent calls involving unexpected instructions, allows teams to practice stopping, verifying, and escalating before exposing organizational security. It also highlights where protocols are unclear or impractical.
Preparedness is reinforced by repetition. Organizations rarely perform well in situations they have never rehearsed.
In an era of convincing digital impersonation, silence at the top can dangerously amplify vulnerability.
Deepfakes sit at the intersection of cyber-risk, financial risk, and reputational risk, meaning responsibility should not rest solely with IT or security teams.
Boards should be asking the difficult questions: not only whether controls exist, but whether leadership behavior reduces or amplifies risk; whether escalation paths are credible; and whether scenarios have been thoroughly practiced, rather than merely documented. Effective oversight relies on the vigilance of the entire workforce. As such, it depends as much on internal dialogue and trust as on formal reporting.
In an era of convincing digital impersonation, silence at the top can dangerously amplify vulnerability. Leadership presence, clarity, and engagement are no longer peripheral to risk management. Rather, they are central to it.
To unlock true competitive advantage, leaders must learn to integrate the refined intelligence of American AI models with the coordinating power of China. Howard Yu explains why most Western companies are on...
AI excels at complex tasks, yet its effectiveness depends on strictly controlled boundaries...
Audio available
IMD, Media Trust, and Code For Good Now are building a coalition to shape how AI is developed, deployed, and governed, so it becomes a force for inclusive growth, responsible innovation,...
While it is normal to be nervous about AI, organizations must create a psychologically safe environment in which their employees can innovate and experiment, says Publicis Sapient’s Kameshwari Rao ...
Explore first person business intelligence from top minds curated for a global executive audience