By Guest contributor |
We’re entering a moment in history where trusting anything ‘digital’ is becoming not just difficult, but dangerously naive. The accelerating use of AI in cyberattacks – particularly agentic AI systems that autonomously create adaptive, personalised and convincing malicious content – has pushed us into a new era of deception. Today, video, voice, email, documents and even ‘live’ video calls can no longer be assumed to be real. The fabric of trust that has underpinned the internet for decades is tearing, and the consequences for individuals, businesses and governments are profound.
Internal threat intelligence materials already highlight the scale of the problem. Threat actors now use AI to automate sophisticated phishing, create malware, poison data, generate new attack paths, and produce deepfake audio and video capable of convincing even experienced professionals. These deepfakes are being leveraged in highly targeted social engineering campaigns, impersonating trusted colleagues, executives or partners with almost flawless realism.
Cybercriminals are not just using AI, they are abusing it at scale. Attackers have launched massive social engineering campaigns targeting AI platform users, promoted fake AI services, deployed cybercrime tools such as FraudGPT to generate scam communications, and used deepfake impersonation to steal more than $25 million from a multinational corporation.
This convergence of internal observations and global intelligence paints a clear picture: AI is now the most potent force multiplier cybercriminals have ever had, and trust – digital trust – is the casualty.
Deepfake technology has advanced so rapidly that the human eye and ear simply can’t keep up. Internal analysis already notes how AI can generate realistic fake audio and video to manipulate victims in social engineering attacks, often bypassing traditional scepticism.
External reporting from cybersecurity firm Fortinet highlights deepfake-driven fraud increasing by over 1,300 per cent year-on-year, with attacks now infiltrating financial systems, corporate processes and political information flows. Even mainstream media has recognised this collapse. NBC News describes a “complete erosion of trust online”, where audiences can no longer easily distinguish manipulated media from authentic evidence, particularly during breaking news events. This mistrust can be weaponised when deepfakes are mixed with real content to distort public perception.
In the digital world of 2026, every image, video or call is now suspect by default. The World Economic Forum reports deepfake fraud surged 1,740 per cent in North America between 2022 and 2023, with financial losses exceeding $200 million in the first quarter of 2025 alone. These attacks have successfully impersonated CEOs and other executives, leading to multimillion-dollar losses.
In a 2025 article titled ‘AI Deepfakes Are Forcing Companies to Rebuild Trust’, Newsweek further confirms that deepfakes have become embedded in corporate fraud, with more than 2,000 verified incidents in Q3 2025, many involving identity impersonation on live calls or fraudulent financial transactions triggered by AI-cloned voices.
Traditional cyber defence strategies simply weren’t built for adversaries who can instantly scale, personalise and adapt deception. Enter the ‘zero trust’ cybersecurity model, a cornerstone of modern security architectures built around the principle of “never trust, always verify.” But until now, that philosophy has rarely been applied to the content itself or the identity signals behind interactions.
In the age of AI-enabled deception, trust must be decoupled from perception.
Zero trust for AI means every digital artefact – video, audio or email – requires cryptographic or metadata-based verification. It will also require authenticating identity through multi-channel verification, embedding content provenance like watermarking and authenticity checks into content, building detection capabilities specifically for AI-generated deception and continuously educating employees to stay vigilant and sceptical of unexpected digital interactions.
The challenge is not to eliminate AI-driven risk, but to redesign trust for a world where deception can be engineered at scale. Zero trust for AI is not a theoretical framework; it’s the practical foundation for operating securely in an environment where authenticity can no longer be taken for granted.
To find out more contact Atech.
James Pearse is the chief technology officer at Atech, part of Iomart Group
Discover more insights in the Spring 2026 issue of Technology Record. Don’t miss out – subscribe for free today and get future issues delivered straight to your inbox.