CFOtech US - Technology news for CFOs & financial decision-makers

AI phishing resets threat curve, finance teams at risk

Sat, 31st Jan 2026

Research from Osterman Research, commissioned by Ironscales, has found that 88% of surveyed organisations experienced at least one security incident over the past 12 months that undermined trust in digital communications, as attackers used AI-driven phishing and business email compromise techniques.

The study, titled Restoring Trust in Business Communications, surveyed 128 cybersecurity decision-makers. It reported that 82% saw increased interest from threat actors in exploiting trusted communications. It also found that 60% lacked confidence in their ability to counter deepfake attacks effectively.

Threat shift

The research described a change in the mechanics of phishing and BEC. It pointed to AI-generated impersonation, deepfake audio and video, and more personalised fraud attempts. It also described multi-channel approaches that can involve email, phone, video and collaboration tools.

"The threat curve just got reset," said Michael Sampson, Principal Analyst, Osterman Research. "Even 'solved' attack types like phishing and business email compromise have become immature again. BEC attacks from 2025 bear little resemblance to those from 2020 - they're now hyper-personalized, multi-channel, and can be launched autonomously at scale."

Respondents said they expected more change in the near term, even as incident rates remained high. The survey found that 28% believed AI-generated phishing was "just getting started". It found that 25% said the same about deepfake audio attacks. It also found that 28% thought deepfake video attacks remained nascent.

The report argued that common cues used by employees and security systems have reduced value. It cited better written messages and improved targeting. It also highlighted the ability to generate content in multiple languages and tailor messages to individual recipients.

Finance exposure

Finance teams emerged as a high-risk group in the survey results. The research found that 59% of organisations rated finance as a "high" or "extreme" priority target for threat actors. It also found that 59% expressed high concern about the readiness of finance employees to defend against trust-based attacks.

"Finance teams control the money, so they're priority number one for attackers," said Audian Paxson, Principal Technical Strategist, IRONSCALES. "But cybersecurity leaders report the lowest confidence in these teams' ability to spot sophisticated BEC and impersonation scams. That gap is getting exploited daily."

The study also pointed to vendor impersonation as a frequent route for fraud. It found that over 33% of organisations saw threat actors successfully masquerade as trusted vendors to steal funds or information in the past year. It also reported that 13% of respondents saw major increases in vendor impersonation attacks year on year.

Training limits

The research questioned the effectiveness of existing training and established email security controls against newer techniques. It reported that nearly one in five security leaders said security awareness training was proving ineffective against AI-enhanced threats.

Respondents also rated detection training for deepfakes and AI-generated phishing as falling short. The survey found that 38% rated training for detecting deepfake audio attacks from "not at all effective" to "moderately effective". It found the equivalent figure was 39% for deepfake video attacks. It reported that 43% applied that rating to training for detecting AI-generated phishing.

"Legacy email protections are too blunt an instrument to recognize the subtle indicators of modern AI-powered attacks," said Sampson. "Organisations can no longer trust these legacy solutions to protect against threats that didn't exist when they were designed."

Technology changes

The survey results suggested that security teams expected to make changes in response. It found that 70% of organisations viewed detection of deepfake audio impersonation attacks as "extremely important". It described that measure as the highest priority increase recorded in the research.

In procurement terms, respondents signalled a willingness to change suppliers and tools. The survey found that 70% were willing to add point solutions to address gaps. It found that 68% were willing to change vendors entirely. It also found that 70% were willing to replace their entire security technology stack.

The research also tied the issue to the risk of broader security failures. It found that 55% of security leaders said failing to defend against trust-exploiting attacks significantly increased the likelihood of a data breach.

The study focused on US organisations with 1,000 to 5,000 employees across industries. The findings added weight to a wider shift in defensive priorities in corporate security teams, with more emphasis on identity verification across communications and tighter controls around payments, supplier change requests and approval workflows.