Learn about the latest deepfake tools used by fraudsters in 2025–26 and the growing challenges they pose for recruiters and businesses.
Abhishek Kaushik
Nov 3, 2025
Cybercriminals are increasingly leveraging AI-generated deepfakes hyper-realistic fake voices and videos to commit fraud. In fact, deepfake scam attempts surged by 3,000% in 2023, with businesses facing average losses of nearly $500,000 per incident by 2024.
This spike is fueled by easy-to-use software that can clone voices or swap faces with stunning realism.
Below we spotlight some of the most popular deepfake software tools used by fraudsters in 2025-26, explaining how they work, why they attract criminals, and how they’re being misused in job interviews, voice impersonation scams, and identity theft schemes.
Deepfake Video Generation Tools (Face-Swapping & Video Avatars)
1. DeepFaceLab
DeepFaceLab is an open-source tool (on GitHub) that uses deep neural networks to swap one person’s face onto another in video. It trains on source and target footage to replicate the facial features and expressions of the source onto the target, producing highly convincing fake videos.
Deepfacelab - a leading software to create deepfakes
Why fraudsters use it?
It’s free, well-documented, and extremely powerful - reportedly responsible for 95%+ of all deepfake videos online. Its availability and community support lower the barrier for non-experts to create realistic fake footage.
Fraudsters favor DeepFaceLab because it can generate high-quality impersonations (e.g. making a scammer look exactly like a CEO or public figure on video (also called deepfake phising) without expensive equipment.
Malicious use cases:
Commonly used to impersonate executives or celebrities in scam videos - for example, creating fake CEO video calls that trick employees into approving wire transfers.
Criminals also use it to forge identities in recorded video interviews or “deepfake” job applicants (swapping a accomplice’s face with a stolen identity to infiltrate companies).
Additionally, DeepFaceLab has been misused to create false video evidence and even non-consensual explicit videos for extortion - all by swapping faces onto video with frightening realism.
Source: deepstrike.io
2. FaceSwap
FaceSwap is another popular open-source application for deepfake face-swapping. Like DeepFaceLab, it employs AI models (often autoencoders/GANs) to overlay one face onto another in images or video. It provides a user-friendly interface to train and generate face swaps.
source: faceswap.dev
Why fraudsters use it?
FaceSwap is freely available and relatively easy to use, which means even low-skilled actors can produce deepfakes. It comes with pre-built models and active forums, making deepfake creation accessible.
Researchers note that tools like FaceSwap and DeepFaceLab are among the common technologies for video deepfakes used in cybercrime.
Malicious use cases
Fraudsters turn to FaceSwap for many of the same schemes - creating fake ID videos, manipulating social media footage, or crafting impersonation videos.
For example, a scammer might use FaceSwap to bypass “liveness” identity checks by superimposing a stolen photo onto their face in a video, fooling biometric verification systems.
This contributes to the rise of deepfake attacks on remote ID verification (up 704% in 2023 alone).
FaceSwap has also been used in investment scams (e.g. deepfake videos of entrepreneurs endorsing fake crypto schemes) and other impersonation frauds.
3. Avatarify
Avatarify is an AI tool that lets a user puppet a target face in real time on video calls. Using a single photo of a person, it employs a first-order motion model to animate that face with the scammer’s own facial movements (or keystrokes controlling expressions).
The result: on a live webcam feed, the attacker appears as someone else, blinking and moving naturally.
source: https://avatarify.en.softonic.com/
Why fraudsters use it?
It claims to enable instantaneous impersonation during Zoom/Teams calls or live chats. No lengthy training is required - the software maps facial landmarks in real time. This makes it ideal for schemes where the fraudster needs to interact live while hiding their true identity.
Advanced deepfake tools like Avatarify are hard to detect, often evading automated anti-deepfake checks. Its low cost (even free versions) and simplicity attract criminals looking to fool victims "face-to-face" over video.
Malicious use cases:
Deepfake job interviews are a major use - scammers have used Avatarify to pose as job candidates with stolen identities, complete with perfectly lip-synced fake faces.
This tactic has been used to gain employment under false pretenses and then access company systems. Avatarify is also discussed on dark web forums for bypassing selfie ID verifications (for bank accounts, crypto exchanges, etc.), by manipulating video or selfie checks in real time.
In one reported 2024 case, criminals even impersonated a company’s CFO on a live video call to authorize a fraudulent $25 million transfer - illustrating how real-time deepfake avatars can facilitate high-stakes impostor scams.
4. Synthesia
By nature Synthesia is a commercial AI video generation platform that creates lifelike talking-head videos from text.
Users can type a script and choose a digital avatar (or even create a custom one), and Synthesia generates a video of that virtual “person” speaking with natural expressions and lip-sync. It essentially provides synthetic presenters without needing a real actor.
source: synthesia.io
Why fraudsters use it?
It allows scammers to produce polished, credible-looking videos with minimal effort. No technical skill is needed - the service handles the heavy AI lifting.
This is attractive for fraud campaigns that benefit from a human face: e.g. a fake company rep delivering a pitch. Synthesia’s avatars look professional and can speak multiple languages, letting fraudsters adapt scams to different targets.
As one cybersecurity analysis noted, AI avatar generators are being used to create fake spokesperson videos that lend credibility to scams.
Malicious use cases:
Social engineering and marketing scams often leverage Synthesia-style videos. For instance, criminals have created fake “CEO announcements” or investment opportunity videos featuring a realistic avatar to win victims’ trust.
We’ve also seen deepfake news or propaganda where an avatar resembling a known journalist or official spreads disinformation. In identity theft, a fraudster might synthesize a video of a non-existent individual (a fully AI-generated persona) to establish a fake identity for online schemes.
While Synthesia’s service has policies against misuse, determined fraudsters may use leaked or stolen avatar models, or similar platforms, to generate convincing video messages as part of their con.
5. ElevenLabs
ElevenLabs provides an AI-driven text-to-speech voice cloning service known for its realism. With a short audio sample of a person’s voice, ElevenLabs’ deep learning model can create a digital voice that closely mimics the original speaker’s tone, accent, and mannerisms.
The user can then generate any speech in that cloned voice by typing text.
source: https://elevenlabs.io/voice-cloning
Why fraudsters use it?
ElevenLabs became notorious in 2023-25 for how quickly and convincingly it can clone voices. It requires only a small snippet of audio (sometimes seconds long) to generate a passable impersonation.
The platform is relatively low-cost and easy to access, allowing scammers to scale up voice-fraud operations cheaply. Security analysts explicitly warn that off-the-shelf tools like ElevenLabs are being leveraged by attackers for voice impersonation.
The appeal is that a fraudster can obtain a target’s voice (say from a YouTube video or voicemail) and within minutes produce an AI clone that can speak on phone calls or voice messages almost indistinguishably from the real person.
Malicious use cases:
Voice impersonation scams have exploded thanks to services like this. For example, criminals have cloned CEOs’ voices to perform “CEO fraud” phone calls, urgently instructing employees to wire money to fraudulent accounts.
Another common scheme is the “family emergency” scam – a fraudster clones a loved one’s voice and calls a victim (e.g. a parent or grandparent) claiming they’re in trouble and need money immediately.
ElevenLabs-style cloning has also been used to defeat voice-based identity verification and even to leave fake voicemail directives.
One alarming statistic: scammers now need as little as 3 seconds of audio to create an 85% accurate voice clone, and a high-quality fake voice call can cost under $1 and 20 minutes to produce.
This convenience has led to a surge in AI-driven vishing (voice-phishing) and “deepfake robocalls” targeting both individuals and organizations.
6. Resemble AI
Resemble AI is another platform that offers custom AI voice generation. Users can train a clone of a voice using provided audio data or choose from preset AI voices.
It then allows text-to-speech output in that cloned voice and even voice conversion in some cases. Technically, it uses sophisticated speech synthesis models that capture the vocal fingerprint of the target.
source: resemble.ai
Why fraudsters use it?
Resemble AI is known for flexible APIs and high-quality output, making it a favorite for developers – including malicious actors – who want to integrate voice clones into their tools.
It’s commercially available but with fewer safety restrictions publicized than some big tech offerings, which can make it an attractive option on underground markets. Cybercrime reports list Resemble AI (alongside ElevenLabs and others) as go-to solutions for generating synthetic voices.
For criminals, it’s another avenue to obtain a believable voice clone if one service gets shut down or if they want to automate scam call campaigns via API.
Malicious use cases:
Similar to ElevenLabs, Resemble AI’s technology has been linked to fraud call operations and deepfake audio in phishing. Scammers might use it to mass-produce robocalls that mimic a bank’s customer service line or a government agent’s voice instructing victims to divulge information.
It’s also used to create audio for deepfake videos – e.g. pairing a fake video of a person with a cloned voice track for greater authenticity in an impersonation. Additionally, threat actors have experimented with such tools to bypass voice biometric login systems (creating the victim’s voice to trick phone banking security).
In essence, any scam that requires a tailored, realistic voice - from fake tech support calls to bogus voicemail orders - can be supercharged by services like Resemble AI.
Deepfake technology has rapidly evolved into a powerful toolkit for fraudsters, lowering the skill required to commit convincing impersonation scams.
Whether it’s a forged video identity in a remote job interview or an AI-cloned voice pleading for an urgent money transfer, these tools exploit trust and the difficulty of telling real from fake. As we’ve highlighted, popular software like DeepFaceLab, Avatarify, Synthesia, ElevenLabs, and others are enabling criminals to create credible illusions of people for malicious gain.
Recognizing the capabilities of these deepfake tools is critical for organizations and individuals alike - it underscores why verification steps (such as secondary authentication, liveness tests, or call-backs) are increasingly necessary when something feels off.
The deepfake threat will likely continue to grow through 2025–26, but awareness of the software fraudsters use is a first step in defending against this AI-powered deception.
If deepfake in Interview is concern for you, try Sherlock on withsherlock.ai
