Skip to main content

Deepfake video call simulations

A deepfake video call simulation is a live, operator-run exercise: an admin joins a real video call (Zoom, Teams, Google Meet, Webex, GoTo Meetings, Slack huddle, Telegram, or Signal) wearing a real-time face- and voice-swap so they appear and sound like someone the target trusts, a CEO, a board member, an IT admin, and tries to get the target to comply with a request (authorize a payment, hand over credentials, grant access). It is distinct from the Deepfake Videos library, which generates standalone pre-rendered video assets rather than running a live impersonated call. In the console, this feature is labeled Deepfake Video Call in the sidebar.

When you launch a campaign, the platform spins up a dedicated real-time face- and voice-swap session for your workspace, and your browser joins that session so the operator can run the call.

Prerequisites

  • Deepfake video calls are a paid feature that must be enabled for your workspace. Trial workspaces can build a campaign in draft but cannot launch it; the launch button shows an upgrade prompt instead.
  • Only one live deepfake or voice-impersonation session can run at a time per workspace. The platform checks for an existing session first and blocks with a message like "A deepfake session already exists" or "…is already being used by another admin" if one is active.
  • For Telegram or Signal delivery, the operator needs an active account on that platform and a mobile device for pairing.

How to use it

  1. From the console sidebar, open Deepfake Video Call and select Create New Campaign.
  2. Delivery Channel: pick the platform the call will run on (Zoom, Slack, Microsoft Teams, Telegram, Signal, Google Meet, Webex, or GoTo Meetings). For platforms that need a meeting link (Zoom, Teams, Meet, Webex, GoTo Meetings), add the meeting details via the modal that opens. Switching platforms clears any meeting details you already entered.
  3. Scenario Setup, filled in across four sub-sections:
    • Exercise Configuration: the use case (Tabletop Exercise, Red Team / Penetration Test, Security Awareness Training, …) and the target audience (pick from a list or type a custom one).
    • Impersonated Identity Details: the impersonated person's name and job title (e.g. "Craig Jones", "Head of HR"), someone the target audience knows and trusts.
    • Attack Configuration: the target department, the attack objective (wire transfer, credential harvesting, data exfiltration, access provisioning, malware delivery, vendor payment redirect, gift card / crypto purchase, info disclosure, physical bypass), and one or more social-engineering tactics (urgency, authority, pretexting, familiarity, fear, helpfulness, confidentiality, technical jargon, reciprocity, social proof).
    • Generated Scenario: an AI-drafted scenario name and description built from the fields above; regenerate with the wand icon or edit manually.
  4. Scenario Summary: review the configuration, then Launch. This creates or updates the campaign and requests browser notification permission so you're alerted when the live session is ready.
  5. Once the session is ready, the operator joins the live session UI (face and voice swap active) and conducts the call on the chosen platform.
  6. After the call, log the outcome: an operator fills in the Target Vulnerability assessment (outcome + vulnerability level + a written observation), optionally using AI to draft the summary from the scenario and outcome.
  7. Call recordings appear on the campaign detail page (thumbnail + duration per recording) for later review.

Configuration & options

PlatformNeeds meeting detailsNeeds an active account + mobile pairing
ZoomYesNo
Microsoft TeamsYesNo
Google MeetYesNo
WebexYesNo
GoTo MeetingsYesNo
Slack (huddle/call)NoNo
TelegramNoYes
SignalNoYes
FieldWhat it does
Use caseFrames why the exercise is run (tabletop demo, red-team attack, awareness training, …)
Target audience / departmentWho the scenario is aimed at, for reporting and targeting
Impersonated name / titleIdentity the operator wears via the face and voice swap
Attack objectiveThe compliance outcome the exercise is testing for
Social engineering tacticsMulti-select tags describing the pressure techniques used

Gotchas & limitations

  • This is a live, human-operated call, not an autonomous AI call: an admin has to actually join and run the session in real time (unlike the fully-automated AI vishing calls). Budget operator time accordingly.
  • Shared live-session slot. Deepfake and voice-impersonation campaigns draw from the same single live-session slot per workspace; you can't run a deepfake call and a voice-impersonation call at the same time, and a second admin can't join a session someone else already started.
  • Leaving the tab ends or cancels the session. Closing the browser tab or navigating away tears the live session down: if it already produced a recording it is ended, otherwise it is cancelled. Don't rely on just closing the tab to pause and resume later.
  • Trial workspaces can draft but not launch: attempting to launch on a trial workspace shows an upgrade prompt instead of provisioning a session.
  • Changing the delivery platform wipes meeting details you'd already entered for the previous platform, a banner warns about this in the Delivery Channel step.
  • Telegram and Signal require the operator to have an active account and a paired mobile device; there's no headless path for those two channels.

Troubleshooting / FAQ

Why can't I launch my campaign? Either the workspace is on a trial plan (draft-only), or another deepfake or voice-impersonation session is already active for this workspace, only one live session can run at a time, and only the admin who started it can use it until it ends.

I switched the meeting platform and my meeting link disappeared, is that a bug? No, switching the delivery channel intentionally clears previously entered meeting details, since a different platform needs a different link/format.

Do I need anything installed to run Telegram or Signal simulations? Yes, those two channels require an active account on the platform and a mobile device for pairing; the other channels (Zoom, Teams, Meet, Webex, GoTo Meetings, Slack) don't.