In January 2026, a multinational company in Germany transferred €25 million to an account it believed belonged to a subsidiary. The order came via video call from the CEO — except the CEO wasn't real. It was a deepfake.
📖 Read more: January 2026: The Biggest Cyber Attacks and What We Learned
🎭 How the Scam Worked
The fraudsters created a real-time deepfake video and a cloned voice model using public videos of the CEO from interviews and corporate presentations. They called the CFO and two other executives to a corporate Zoom meeting.
The call lasted 12 minutes. The “CEO” requested an immediate fund transfer for a “secret acquisition” that couldn't “leak.” The tone, voice, and even body language were convincing. The CFO approved the transfer. The money moved through three intermediary accounts in Singapore, Dubai, and Hong Kong.
🔍 How It Was Discovered
The fraud was detected 4 hours later when the real CEO showed up at the office. The CFO mentioned the “transfer,” and the CEO replied he never made such a call. The company immediately contacted authorities, but the money had already been moved to crypto wallets.
📖 Read more: NIS2: Which Businesses in Greece Face New Obligations?
German authorities, working with Europol, traced part of the flow to nodes connected to North Korean hacking groups. The connection remains unconfirmed, but Germany's BKA (federal police) called the method “extremely sophisticated.”
📈 The Deepfake Fraud Trend
In 2025, deepfake-based fraud increased by 350% compared to 2024. Deloitte estimates global businesses will lose over $40 billion to deepfake fraud by end of 2026. The corporate video call — once considered a secure identification method — is no longer reliable.
🛡️ How to protect yourself: Establish a “safe word” with executives for large transfers. Always request a second verification channel (phone, email). Don't trust video calls as the sole means of identification.
📖 Read more: OpenSSL: Critical Vulnerabilities Affect Millions in 2026
🇪🇺 Europe's Response
The EU is considering legislation mandating deepfake detection tools for corporate communications. Germany already requires dual-authentication for money transfers above €100,000 — but enforcement isn't universal. In Greece, the Bank of Greece issued a warning about deepfake scams but without binding guidelines.
