What is AI Impersonation?

    Key takeaways

    • AI-powered impersonation attacks succeed by capturing credentials and triggering unauthorized actions, not merely by fooling human perception. Detection-focused defenses fail because AI improves faster than training programs can adapt.
    • Traditional MFA methods (SMS codes, authenticator apps, push notifications) remain vulnerable to the same social engineering and interception attacks that AI impersonation enables at scale. Attackers use AI-generated voices to convince helpdesk agents to port numbers, create perfect login page replicas that relay codes in real time, and automate push bombing while simultaneously calling users with spoofed voices.
    • Phishing-resistant authentication through hardware security keys eliminates credential theft as an outcome by requiring cryptographic proof-of-possession that no AI can synthesize remotely. Origin binding cryptographically verifies the requesting site is legitimate, and physical touch requirements create a hard boundary that remote attacks cannot cross.
    • Organizations deploying phishing-resistant authentication report measurable outcomes: Afni achieved a 30% reduction in cyber insurance premiums across 10,000 employees, while Kaunas City Polyclinic saw an 80% drop in password reset requests and significantly reduced phishing risk.
    • The shift to phishing-resistant authentication is underway. Organizations that move first eliminate credential theft risk before an attack succeeds.

    In 2024, LastPass security teams received deepfake audio calls impersonating their CEO with voice cloning so convincing that employees nearly granted unauthorized access to sensitive systems. The attack failed only because LastPass had already implemented additional verification protocols. Most organizations don’t have that layer in place.

    Deepfake fraud is now happening at “industrial scale,” with AI-generated voice calls, synthetic video, and flawless phishing emails targeting finance teams, IT helpdesks, and executives across enterprises. These attacks succeed by capturing credentials, not by fooling perception alone.

    Organizations that focus solely on training employees to spot fakes put themselves in an unwinnable arms race against attackers who have access to rapidly improving weapons. What works is making the attack’s objective computationally unfeasible, requiring strong cryptographic proof-of-possession that no AI can synthesize remotely.

    What is AI impersonation, and what do attacks look like?

    AI impersonation refers to the use of generative AI tools to replicate a real person’s voice, appearance, or writing style to deceive employees into granting access or approving transactions. Unlike earlier phishing attacks that relied on generic lures, AI impersonation is targeted, convincing, and scalable.

    Generative AI has eliminated the traditional tells that security training relies on. Attackers now generate grammatically perfect phishing emails, clone executive voices with seconds of sample audio, and create convincing face replacement deepfakes for video calls. And they do it at scale.

    In 2024, a finance worker at a multinational firm transferred $25.6 million after a deepfake video call impersonating the company’s CFO and several colleagues. The worker had initially suspected phishing but put aside those doubts once the call appeared convincing. The company only detected the fraud when the employee checked with head office – the out-of-band verification step that would have stopped it from happening. Awareness of pressure tactics and out-of-band verification slow attacks and raise costs for adversaries. Phishing-resistant authentication serves as the backstop when human judgment fails.

    AI voice cloning and deepfake calls

    Attackers have been shown to use generative AI tools to replicate executive voices with just seconds of sample audio. These synthetic voices place calls to finance teams requesting urgent wire transfers or to IT staff requesting credential resets.

    This technique, also known as vishing (voice phishing), has become increasingly sophisticated. An AI-generated voice can now convincingly replicate a person’s speech patterns and intonations in real time. Attackers often combine voice cloning with caller ID spoofing to make the call appear to originate from a legitimate internal number.

    Synthetic video and AI-generated phishing

    Real-time deepfake videos enable attackers to appear as executives in video calls. The technology now runs on consumer hardware with minimal delay to conduct believable conversations.

    Large language models produce grammatically perfect, contextually aware phishing messages that reference real projects, internal terminology, and current events. AI eliminates broken English and other traditional phishing indicators. Attackers also deploy chatbots to engage targets in real-time conversations, building rapport before requesting credentials or approvals.

    AI-crafted phishing emails

    Large language models allow attackers to generate grammatically perfect, culturally fluent phishing emails in many languages. Previously, non-native speakers launching attacks against English-speaking targets would often betray themselves through awkward phrasing, mistranslations, or generic greetings.

    AI nearly eliminates those tells, producing messages that reference real projects, use internal terminology, and match the tone of legitimate internal communications.

    The common thread across security incidents from organizations like LastPass: AI creates the credibility layer that convinces employees to hand over credentials or approve fraudulent transactions. The sophistication of the message matters less than what happens next.

    The real objective: Credentials and unauthorized actions

    AI-generated deepfakes and phishing serve as the front-end of a credential theft operation meticulously crafted by attackers. Every sophisticated voice clone, convincing fake video call, and flawless phishing email exists to accomplish one thing: getting your employees to log in, approve a transfer, share an authentication code, or trigger a password reset. A successful deepfake attack converts deception into access. The ultimate outcome is often identity theft at the organizational level, where attackers assume the digital identity of legitimate employees.

    Most attackers gain access by logging in with stolen credentials rather than breaking in through technical exploits.

    This pattern shifts where your security controls must focus. When employees fall for AI impersonation, attackers gain valid credentials that provide legitimate access to systems and data. Business email compromise (BEC), CEO fraud, executive impersonation, and helpdesk social engineering all follow this pattern: the attacker impersonates someone with authority (a CEO, finance director, or IT administrator) to convince an employee to perform an action that grants access or moves money.

    The attack succeeds not when the deepfake fools someone, but when the deepfake leads to credentials changing hands, highlighting a critical gap in cybersecurity. The next two sections examine why traditional defenses fail against this pattern before presenting the authentication approach that eliminates credential theft as an outcome.

    Why detection fails against AI-generated attacks

    Security professionals have long counseled users that you must not assume the sender of an email is who they say they are. This advice assumes humans can reliably distinguish real from fake when presented with increasingly sophisticated AI-generated content.

    “AI-powered phishing has made my job significantly harder,” says Marius Sinkevičius, Head of IT Department at Kaunas City Polyclinic. “Attacks are now highly personalized and convincing, making them difficult to detect. We’ve had to strengthen our defenses, train staff more intensively and stay constantly alert.”

    AI improves faster than human pattern recognition

    Training programs teach employees to look for specific indicators: poor grammar, generic greetings, suspicious urgency. AI impersonation eliminates all of them. Voice cloning replicates speech patterns perfectly, while AI-generated phishing produces contextually aware messages that reference real projects and internal terminology. Deepfake video mirrors mannerisms and facial expressions in real time, making visual verification equally unreliable. By the time detection-based training is deployed, the attacks have already evolved past it.

    Urgency defeats deliberation

    Impersonation attacks manufacture time pressure. When someone who looks and sounds like your CEO demands an immediate wire transfer, the psychological pressure to comply overrides the checklist of warning signs.

    Scale favors the attacker

    AI impersonation lets attackers send thousands of personalized phishing attempts, place dozens of voice cloning calls, or conduct multiple deepfake video conferences in the time a human could craft a single attack. A 1% success rate becomes devastating at scale.

    Training remains necessary to raise the baseline and create a reporting culture. But you cannot rely on training alone as the load-bearing wall of your security architecture.

    Why traditional MFA doesn’t stop AI-powered impersonation

    The natural response to phishing and credential theft is multi-factor authentication (MFA). But not all MFA stops AI impersonation. The forms most organizations deploy — SMS codes, authenticator apps, and push notifications — are still vulnerable to the same social engineering and interception attacks that AI impersonation enables at scale.

    When attackers use voice cloning to call helpdesk agents or deepfake video to convince IT staff, these MFA methods become part of the attack chain rather than a defense against it.

    | MFA Method | Vulnerability | Why AI Makes It Worse |
    |---|---|---|
    | SMS OTP | Code intercepted via SIM swap, SS7 attack, attacker-in-the-middle (AitM), commonly known as man-in-the-middle (MitM), or social engineering | AI-generated voice calls to carriers and helpdesks successfully convince agents to port numbers. Voice cloning attacks targeting telecom support have become increasingly effective. |
    | TOTP Authenticator Apps | Codes can be phished in real-time via attacker-in-the-middle proxy sites | Attackers deploy AitM proxy sites that mirror the real login page, relaying codes to the legitimate service in real time. |
    | Push Notifications | MFA fatigue: users approve requests to stop bombardment | AI can automate push bombing while simultaneously calling users with spoofed voices claiming IT needs them to approve. |

    These MFA methods share two critical weaknesses. First, they rely on shared secrets or approval mechanisms that can be intercepted, replayed, or socially engineered. Second, and more fundamentally, none of them perform origin verification. The communication channel is one-way: the authenticating system sends a code or push request, and whether the request is legitimate is left entirely to the judgment of the end user. When voice cloning replicates your IT director or deepfake video shows your CEO requesting access, that judgment fails.

    How phishing-resistant authentication defeats AI impersonation

    Stopping AI impersonation requires moving beyond detection and toward authentication that AI cannot fake, phish, or replicate remotely.

    Hardware-based phishing-resistant authentication eliminates credential theft as an outcome, even when voice cloning fools the employee, deepfake video passes visual inspection, or AI-generated phishing bypasses email filters.

    Origin binding verifies the site

    When authentication uses the FIDO2/WebAuthn protocol, the authenticator cryptographically verifies that the requesting website or service (also referred to as the relying party) is legitimate. Even if an AI-crafted phishing email convinces you to click a link, authentication to the fake site fails because the origin binding prevents it. The authenticator checks whether the request’s origin matches the registered credential. If your credential is registered to yourcompany.com, an attacker’s yourcompany-login.com will always fail verification.

    Private keys never leave the device

    With device-bound passkeys, the cryptographic material (passkeys use strong asymmetric key pairs) is stored in secure hardware and never leaves the authenticator. The public key is exactly that, public: if it leaks there is no risk, because the private key is needed for authentication ceremonies. Because the scheme rests on a public-private key pair, no shared secret exists to steal.

    Physical presence defeats remote attacks

    FIDO2/WebAuthn enforces proof of presence, meaning that a human needs to be present to perform a physical action (touching the YubiKey) as part of the authentication process. However convincing the voice clone or deepfake video, no remote attacker can trigger authentication without the user’s physical participation.
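
    The three properties above, next to the TOTP relay weakness from the MFA comparison, can be seen in a small simulation. This is an added example, not Yubico's code or part of the original page: the `Authenticator` class, the helper names, and the simplification that the RP ID equals the origin's hostname are assumptions made for illustration, and the authenticator is simulated in software.

```javascript
// Added example: Node.js, built-in crypto only. Simplified model, not a full
// WebAuthn implementation; all names below are illustrative.
const crypto = require('node:crypto');

const RP_ID = 'yourcompany.com';                      // domain from the text
const EXPECTED_ORIGIN = 'https://yourcompany.com';
const PHISH_ORIGIN = 'https://yourcompany-login.com'; // look-alike from the text
const sha256 = (data) => crypto.createHash('sha256').update(data).digest();

// TOTP (RFC 6238: HMAC-SHA1, 30 s step, 6 digits) rests on a shared secret.
function totp(secret, unixSeconds) {
  const counter = Buffer.alloc(8);
  counter.writeBigUInt64BE(BigInt(Math.floor(unixSeconds / 30)));
  const mac = crypto.createHmac('sha1', secret).update(counter).digest();
  const bin = mac.readUInt32BE(mac[19] & 0x0f) & 0x7fffffff;
  return String(bin % 1e6).padStart(6, '0');
}
// The server learns only that the code is right, not where it was typed.
function verifyTotp(secret, code, unixSeconds) {
  const want = Buffer.from(totp(secret, unixSeconds));
  const got = Buffer.from(String(code));
  return got.length === want.length && crypto.timingSafeEqual(got, want);
}

// Simulated hardware key: private keys live in a private field, scoped per RP ID.
class Authenticator {
  #keys = new Map();
  register(rpId) {
    const pair = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
    this.#keys.set(rpId, pair.privateKey);
    return pair.publicKey;                            // the only thing the server stores
  }
  sign(rpId, clientDataJSON, userTouched) {
    const key = this.#keys.get(rpId);
    if (!key) return null;                            // no credential for this RP ID
    const flags = Buffer.from([userTouched ? 0x01 : 0x00]); // bit 0 = User Present
    const authData = Buffer.concat([sha256(rpId), flags, Buffer.alloc(4)]);
    const signed = Buffer.concat([authData, sha256(clientDataJSON)]);
    return { clientDataJSON, authData, signature: crypto.sign('sha256', signed, key) };
  }
}

const clientData = (origin, challenge) => Buffer.from(JSON.stringify({
  type: 'webauthn.get', challenge: challenge.toString('base64url'), origin }));

// A compliant browser, not the page, records the origin and derives the RP ID
// from it (simplified here to the hostname).
function browserGet(authenticator, pageOrigin, challenge, userTouched = true) {
  const rpId = new URL(pageOrigin).hostname;
  return authenticator.sign(rpId, clientData(pageOrigin, challenge), userTouched);
}

// Relying-party checks, in the order the failures are reported.
function verifyAssertion(publicKey, expectedChallenge, assertion) {
  if (!assertion) return 'no assertion';
  const cd = JSON.parse(assertion.clientDataJSON.toString('utf8'));
  if (cd.type !== 'webauthn.get') return 'wrong type';
  if (cd.challenge !== expectedChallenge.toString('base64url')) return 'challenge mismatch';
  if (cd.origin !== EXPECTED_ORIGIN) return 'origin mismatch';
  const { authData, signature } = assertion;
  if (!authData.subarray(0, 32).equals(sha256(RP_ID))) return 'rpIdHash mismatch';
  if ((authData[32] & 0x01) === 0) return 'user not present';
  const signed = Buffer.concat([authData, sha256(assertion.clientDataJSON)]);
  return crypto.verify('sha256', signed, publicKey, signature) ? 'ok' : 'bad signature';
}

function runScenarios() {
  const now = 1700000000;                                 // constructed timestamp
  const totpSecret = Buffer.from('12345678901234567890'); // RFC 6238 test secret
  const key = new Authenticator();
  const publicKey = key.register(RP_ID);
  const challenge = crypto.randomBytes(32);               // issued by the real server
  // Defense in depth: an assertion that names the look-alike origin but was
  // signed for the real RP ID still fails the server's origin check.
  const wrongOrigin = key.sign(RP_ID, clientData(PHISH_ORIGIN, challenge), true);
  return {
    // Code typed into the look-alike page and forwarded: the server accepts it.
    totpRelayed: verifyTotp(totpSecret, totp(totpSecret, now), now),
    // Same page with a security key: no credential exists for that RP ID.
    keyOnLookAlike: verifyAssertion(publicKey, challenge, browserGet(key, PHISH_ORIGIN, challenge)),
    wrongOrigin: verifyAssertion(publicKey, challenge, wrongOrigin),
    noTouch: verifyAssertion(publicKey, challenge, browserGet(key, EXPECTED_ORIGIN, challenge, false)),
    genuine: verifyAssertion(publicKey, challenge, browserGet(key, EXPECTED_ORIGIN, challenge)),
  };
}

console.log(runScenarios());
```

    The relayed TOTP code verifies because nothing in it identifies the page it was typed into. Each WebAuthn rejection maps to one property from this section: RP ID scoping and the origin check, and the user-presence flag.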

    How YubiKey combines these protections

    Hardware security keys like the YubiKey 5 Series implement all three of these protections through FIDO2/WebAuthn device-bound passkeys. The YubiKey cryptographically validates the request’s origin, preventing credential harvesting even when AI-generated phishing successfully deceives users. The physical touch requirement creates a hard boundary that remote attacks cannot cross.

    The YubiKey Family – a lineup to meet your needs
    When you need to balance legacy and modern systems: YubiKey 5 Series
    The YubiKey 5 Series is an enterprise-ready, multi-protocol security key that supports FIDO2, FIDO U2F, PIV Smart Card, OTP, OpenPGP, and more, covering legacy on-premises systems, modern cloud environments, and hybrid environments. This allows organizations to deploy strong authentication schemes that support complex scenarios in their ever-evolving environments. The YubiKey 5 Series eliminates account takeovers with strong two-factor, multi-factor or passwordless authentication, and seamless tap or touch to log in. It supports USB and NFC interfaces, with no batteries or network connection required. A full range of form factors lets users secure online accounts on all of their devices, across desktops and mobile.

    When you are ready to use FIDO: Security Key Series
    The Security Key Series is a FIDO-only security key supporting FIDO2 and FIDO U2F. It is a great starting point for organizations that are just embarking on their journey towards modern MFA, catering primarily to cloud environments. Integrate support for the Security Key Series within your organization’s systems and applications that support FIDO to protect user access and accounts, even across mobile-restricted or shared workstation environments. The Security Key Series delivers essential two-factor and passwordless authentication via USB or NFC, with no batteries or network required.

    When you are looking to boost convenience with biometrics: YubiKey Bio Series
    For organizations looking to reduce friction in high-frequency authentication workflows, the YubiKey Bio Series streamlines the login experience with on-device fingerprint verification, making authentication as fast as a touch and go. Fingerprints never leave the key’s secure element, and the biometric falls back to PIN in the case of an error. This protects users from locking out their accounts, while providing a biometric authentication method that meets data privacy and biometric sovereignty regulations.

    When you need to meet compliance mandates: YubiKey 5 FIPS Series
    The YubiKey 5 FIPS Series extends this coverage with FIPS 140-3 validated cryptography. All YubiKey models achieve AAL3 in approved multi-factor configurations. FIPS validation adds the specific certification mandated for federal employees and contractors, allowing regulated organizations to meet compliance requirements without compromising usability.

    All YubiKeys provide the same level of security as a hardware passkey to protect against AI-driven attacks, work with no batteries or network connection, and secure thousands of products, services, and applications.

    Enterprise results: From credential anxiety to phishing-resistant users

    Organizations that shift from detection-focused defenses to phishing-resistant authentication report outcomes that awareness training alone cannot deliver.

    YubiKey 5 Series and YubiKey as a Service: Eliminating credential theft risk at scale and securing digital identity globally

    Afni’s deployment of the YubiKey 5C NFC to 10,000 employees achieved a 30% reduction in cyber insurance premiums.

    “With every user having a YubiKey, I don’t have to worry about leakage of credentials,” says Brent Deterding, Chief Information Security Officer at Afni. “That’s a very, very good place to be as a CISO.” 

    Kaunas City Polyclinic saw an 80% drop in password reset requests and significantly reduced phishing risk after deploying the Security Key Series.

    Total Economic Impact™ (TEI) of Yubico YubiKeys 

    The results of a commissioned Total Economic Impact™ (TEI) of Yubico YubiKeys study conducted by Forrester Consulting further highlight the benefit of YubiKeys. The study, comprised of interviews with global enterprises with over 5,000 employees, found that a composite organization based on interviewed customers achieved a 265% return on investment (ROI) and a net present value (NPV) of $5.3 million over three years by replacing traditional multi-factor authentication (MFA) and one-time passwords (OTPs) with phishing-resistant YubiKeys.

    • Goodbye, Password Reset Tickets: The study found $476,000 in savings just by eliminating the help desk tickets that pile up when employees lose access to mobile apps or forget their passwords.
    • Faster Workdays: We often think of security as a speed bump. However, the TEI study showed that users authenticated 80% faster with YubiKeys than with legacy MFA. For the composite organization of 5,000 employees, that added up to $2.2 million in productivity value.
    • Operational Peace of Mind: By removing the “human error” variable from phishing, organizations saved $912,000 in labor by avoiding the investigation of addressable credential-based attacks.

    “Yubico is easy to work with. They had the ability to deliver at the scale and velocity we needed.” – Senior manager, cybersecurity, telecom services

    “Account takeovers have not happened since we rolled everybody over to YubiKeys.” – General director of information assurance, transportation

    “After acquiring YubiKeys to deploy to all our employees, we sought to have it so that their first login would be through a pre-enrolled YubiKey. FIDO Pre-reg satisfied the phishing-resistant requirement and satisfied the goal to be 100% passwordless all in one.” – Principal identity engineer, technology

    “Not only do YubiKeys make us more secure, but they also make it easier for our staff and they are cost-effective. We are going to be 99.99% phishing resistant.” – Director of information technology and cybersecurity, government

    “If we protect these identities and restrict their usage to FIDO2, it really reduces the attack surface. It is affordable for your partners. You can build it into your contracts and offset that cost. Yubico ships globally and they will handle logistics. No partner wants to be the reason that your customer data got out.” – Senior manager, cybersecurity, telecom services

    “Our CEO stated that we are going to be 100% phishing resistant and passwordless. We had to look for what could help us achieve passwordless for the full employee lifecycle and what was 100% phishing resistant. The only solution that fit the bill was YubiKeys.” – Principal identity engineer, technology

    “YubiKeys are phishing-resistant. They provide the strongest layer of authentication we can offer our clients.” – Director of client authentication, financial services

    “YubiKeys are a fiscally responsible way to increase your cybersecurity posture.” – Director of information technology and cybersecurity, government

    “With cybersecurity incidents rising and the climate getting worse, we needed to do everything we could to protect our customer information and data.” – Senior manager, cybersecurity, telecom services

    Cyber insurance improvements

    “In the end, Afni received insurance at a 30% decrease from its previous level,” Deterding notes. “When I’m going down by a third and others are going up by 20% or higher, that’s a really big win.”

    Reduced IT burden

    Password-related support tickets drop dramatically. Kaunas City Polyclinic measured an 80% reduction.

    Compliance alignment

    EU healthcare organizations using phishing-resistant MFA report easier paths to NIS2 compliance and other regulatory frameworks.

    Value of YubiKey as a Service

    For your organization facing AI-driven attacks that scale faster than traditional security rollouts can respond, YubiKey as a Service enables rapid enterprise-wide deployment.  Get cost-effective, phishing-resistant authentication that protects every user with passwordless security at global scale. Easily deploy the highest assurance hardware passkey—the YubiKey—globally to secure employees, supply chain, and end customers.

    You also get access to turnkey Enrollment and Delivery services. Enrollment helps IT onboard users with YubiKeys quickly, fast-tracking the organization to phishing-resistance.

    This hardware as a service solution provides Enrollment services like Yubico FIDO Pre-Reg that deliver pre-enrolled YubiKeys users can activate immediately.  

    Delivery handles global logistics, shipping YubiKeys to corporate and residential addresses worldwide. Users can even experience self-service ordering of YubiKeys, giving them the freedom to have the keys shipped to their preferred address anytime they need. YubiKey as a Service customers receive continual enhancements to available and new services assuring a smart and future-proofed security investment.  

    Red flags that still matter and verification steps that work

    Awareness of pressure tactics and out-of-band verification slow attacks and raise costs for adversaries. Phishing-resistant authentication serves as the backstop when human judgment fails.

    Recognize urgency as a warning sign

    Watch for these pressure patterns:

    • Demands for immediate payment or action
    • Requests to bypass normal approval processes
    • Claims that delay will cause serious consequences
    • Instructions to keep the request confidential

    Out-of-band verification protocols

    • Call back using a known phone number from your contacts or the company directory, never a number provided in the suspicious communication
    • For wire transfer requests, establish pre-shared verification codes or phrases with executives
    • When in doubt, verify in person or through a completely separate communication channel

    Digital communication hygiene

    • Hover over links before clicking to verify domains
    • Be suspicious of requests arriving through channels that bypass your normal workflows
    • Report suspicious communications even if you’re unsure, especially if you’re unsure

    Social media awareness

    Limit sharing your personal details on social media, where attackers research their targets extensively to personalize impersonation campaigns.

    What to do Monday: Role-based next steps

    Start with an inventory to determine where you still rely on human perception as the security control for high-risk actions.

    For CISOs and security executives

    • Audit which authentication flows still accept phishable credentials (SMS, TOTP, push)
    • Evaluate phishing-resistant MFA for privileged accounts, then expand to all users
    • Review helpdesk and password reset procedures, as these are often the weakest link
    • Update cyber insurance applications to reflect phishing-resistant MFA deployment

    For IT and security operations

    • Harden helpdesk verification workflows to require phishing-resistant step-up authentication before credential changes
    • Implement conditional access policies that require stronger authentication for sensitive actions
    • Test your own organization with simulated AI-generated phishing to identify gaps

    For finance teams

    • Establish verification protocols for wire transfers that don’t rely on voice or email alone
    • Require dual approval with step-up authentication for high-value transactions
    • Document and practice the verification procedure so it’s automatic under pressure

    For executive assistants and administrative staff

    • Use pre-established verification codes for unusual requests from executives
    • Verify any urgent request through a separate channel before acting
    • Report suspicious requests even if they appear to come from leadership

    As Sebastian Thum, Senior SOC Analyst at Abtis, puts it: “Strong MFA isn’t a question anymore, it’s now become mandatory. Stop thinking about it and just do it.”

    Frequently asked questions

    Enterprise security teams evaluating phishing-resistant authentication commonly ask these questions about deployment, scope, and integration.

    Are passkeys enough to stop AI impersonation attacks?

    Passkeys are a FIDO2/WebAuthn credential type that replace passwords with public-private key cryptography. They come in two distinct flavors with very different security profiles.

    Device-bound or hardware-backed passkeys store the private key in a dedicated secure element and it never leaves that hardware. A hardware security key like the YubiKey 5 Series is a device-bound passkey authenticator. Because the key cannot be copied or extracted, the attack surface is limited to whoever physically possesses the device. Phishing, remote malware, and cloud account compromise cannot reach it.

    Synced passkeys store the private key in a cloud-synced store (such as Apple iCloud Keychain, Google Password Manager, or a third-party password manager). The credentials are expected to be copied across devices, which is convenient but introduces a fundamentally different risk model.

    The private key is encrypted in transit, but its security ultimately depends on the provider’s infrastructure and your account security. An attacker who compromises your Apple ID, Google account, or password manager vault can potentially access or export the private key, or simply use those credentials to access accounts without the user knowing.

    The cloud account itself becomes an attack surface, and social engineering attacks (including AI-generated impersonation of account recovery flows) can lead to credential theft even when the underlying passkey protocol is sound.

    For enterprise environments facing sophisticated AI impersonation threats, device-bound passkeys on hardware security keys such as YubiKeys provide the highest-assurance protection because the credential cannot be phished, synced, or extracted remotely.

    What about executive video calls where we need to verify identity?

    Don’t trust visual or audio verification alone. Before acting on any request from a video call (especially financial approvals or credential changes), verify through a separate channel using contact information you already have on file.

    Keep in mind that attackers specifically target the individuals who approve these requests. A single approver acting alone is a high-value target. The stronger control is a two-part approval process: require a second, independent approver to authenticate and confirm any sensitive action before it is executed. This means a successful impersonation attack against one approver is not enough to complete the transaction. Pair this with phishing-resistant authentication at both approval steps and the attacker must simultaneously compromise two separate individuals, each with a hardware key, eliminating the need to judge whether any video or voice call is real.

    How do we harden helpdesk and password reset workflows?

    Helpdesks are often asked to verify identity using information that attackers can easily obtain or spoof. Replace knowledge-based questions with phishing-resistant step-up authentication. Require users to authenticate with their YubiKey before any credential changes. For complete loss of all authenticators, implement high-assurance recovery processes that include identity verification through government-issued documents and in-person or video verification by trained staff.

    How fast can we deploy phishing-resistant authentication across the enterprise?

    YubiKey as a Service streamlines and simplifies global rollout of YubiKeys by bundling the services you need to deploy phishing-resistant security quickly and globally. 

    • Customer Portal: Manage inventory, fulfillment, and deployment status as your rollout scales.
    • Enrollment Services: Pre-enroll YubiKeys for end users to reduce setup time and accelerate adoption. This includes FIDO Pre-reg, a first-of-its-kind solution that removes the complexity of enrolling users into passwordless authentication. FIDO Pre-reg is in General Availability with Ping Identity, Okta and Versasec, and in Early Access with Microsoft.
    • Delivery Services: Distribute YubiKeys worldwide with centralized fulfillment.
    • Self-service Ordering: Enable your employees to order YubiKeys directly, reducing IT overhead and deployment delays.
    • Customer Success Management: Work with a dedicated Customer Success Manager to guide deployment and adoption.

    YubiKey as a Service with Yubico FIDO Pre-reg enables rapid deployment by delivering factory-enrolled, pre-configured YubiKeys directly to users. Okta deployed YubiKeys to their entire global workforce of over 6,000 employees using this approach. The YubiKey arrives pre-registered to the user. They receive a PIN from IT, plug in the YubiKey, enter the PIN, and immediately have phishing-resistant authentication.

    “By integrating our technologies, Okta and Yubico give IT teams the security and flexibility they need to protect their enterprise resources. Together, we deliver phishing-resistant authentication that safeguards those vulnerable moments in the employee lifecycle, from onboarding and authentication to account recovery.”

    – Stephen Lee | Vice President of Technical Strategy and Partnerships, Okta

    Further enterprises: T-Mobile deployed YubiKeys companywide in nine months to stop phishing attacks. Hyatt leveraged passwordless to reduce risk and elevate the guest experience.

    Stop AI impersonation before it succeeds

    AI-generated deepfakes, voice clones, and phishing will continue to improve. Warnings from the Federal Trade Commission (FTC) and other regulatory bodies can’t stop attacks; phishing-resistant authentication is the most successful way to eliminate credential theft and secure digital identity.

    Hardware-based phishing-resistant authentication like the YubiKey 5 Series, Security Key Series, YubiKey Bio Series, and YubiKey 5 FIPS Series, deployed through YubiKey as a Service to accelerate phishing-resistant deployment and adoption, stops credential theft even when impersonation succeeds. When credentials cannot be phished, intercepted, or replayed, even the most convincing deepfake cannot convert deception into access.

    The shift to phishing-resistant authentication is underway across industries. The question for your organization is whether you make it before or after an AI impersonation attack succeeds. Explore how YubiKey protects against AI-powered threats.