Example:
When Recognition Becomes the Vulnerability
Select the Start button to begin
Start
Select the Listen button to play the narration for this slide
Navigation
Listen
buttons
Use the following buttons to navigate through the course content
Listen
Play the audio for the current page
hOME
nEXT
PREVIOUS
Return to the previous page
Return to the course home page
Move to the next page
home
next
previous
Select the Listen button to play the narration for this slide
Listen
Hi, I’m Jim, and I want to walk you through a case that felt like a cybersecurity incident… but the real vulnerability wasn’t a firewall. It was human trust—specifically, the kind of trust you build when you think you recognize someone’s voice.
home
next
previous
Select the Listen button to play the narration for this slide.
Listen
Part I - The situation
You work for a company that does time-sensitive payments. It could be a logistics firm paying vendors, a nonprofit moving grant funds, or a business that handles urgent supplier invoices. The point is: money moves fast, approvals happen quickly, and people are used to solving problems immediately.
One Friday afternoon—late, right when everyone is trying to wrap up—you get a message on your phone. It’s a voicemail, and it’s from your “CFO.” The voice is perfect. Same tone. Same pace. Same little habits—like the quick inhale before a sentence, the slightly clipped endings on certain words. The voicemail says something like:
“Hey—call me back ASAP. We have a payment situation. We need a wire out today. It’s confidential. I’m in a meeting and I can’t talk for a long time, but I’m going to text you details. This is critical. Please move fast.”
home
next
previous
Listen
Select the Listen button to play the narration for this slide.
The Situation
Right away, your body reacts. That message triggers urgency. It triggers authority. It triggers fear of being the person who slows down the company.
A minute later, a text arrives. It says the CFO is dealing with a sensitive vendor issue and needs you to process a wire to a new account before the end of day. The text includes the routing number, the account number, and a note: “Do not loop in others. We’ll explain it later. I’m counting on you.”
This is where deepfakes become dangerous: not because the audio is technically impressive, but because it lands inside a real workplace pressure system—authority, time, confidentiality, and fear of consequences.
home
next
previous
Select the Listen button to play the narration for this slide.
Listen
The Situation
You hesitate because something feels off—but you can’t explain why. The request is unusual, but not impossible. And the voice message makes it feel real. You decide to walk down the hall to your manager, but your manager is already out. People are leaving. The finance team is thin.
You open the banking portal. You start the wire template. And then you stop—because you remember a training you barely paid attention to: “Verify out-of-band.”
home
next
previous
Listen
Select the Listen button to play the narration for this slide.
The Situation
You decide to call the CFO directly.
No answer.
You try again.
Still no answer.
Now the pressure spikes. The voicemail said the CFO was in a meeting. That “explains” it. The fake covers the gap. Then another text hits:
At this point, you’re not just deciding about a wire. You’re deciding what kind of organization you work in:
One that rewards speed at any cost,
or one that protects people with process.
“Any update? We’re running out of time.”
home
next
previous
Select the Listen button to play the narration for this slide.
Listen
Part II – The Shift
Instead of sending the wire, you do something simple that becomes the entire defense: you verify through a channel the attacker can’t control.
Now you know something is wrong. You report the incident to security and your finance lead. Within minutes, a few more discoveries happen:
You call the CFO’s assistant—someone who schedules meetings and knows where the CFO is. The assistant answers immediately and says: “He’s not in a meeting. He’s on a flight.”
- Another team member got a similar text.
- Someone else received a short voice note from “the CEO” asking for gift card purchases.
- An employee in HR got a message that sounded like a senior leader asking for sensitive personnel info “for a legal matter.”
So, this isn’t random. It’s a coordinated synthetic social engineering campaign.
home
next
previous
Select the Listen button to play the narration for this slide.
Listen
Investigation
Security begins triage:
- They ask you to preserve voicemail and text messages.
- They check whether the CFO’s phone number was spoofed.
- They look for recent public videos or interviews of the CFO—because deepfake creators often need source material.
- They search for email compromise or calendar access to understand how the attacker timed the attempt so perfectly (late Friday, low staffing, high urgency).
Then the organization faces a second problem: communication.
If you tell everyone “deepfake attack,” people may panic and stop trusting any audio or video. But if you say nothing, the attacker will keep trying.
home
next
previous
Listen
Select the Listen button to play the narration for this slide.
Response
So, you choose a calm, specific message: “We’re seeing impersonation attempts using realistic voice messages. Do not process payment, credentials, or sensitive requests based on voicemail or text alone. Verify via known internal channels and follow the approval process. If you receive a message like this, report it immediately.”
That message is powerful because it focuses on behavior, not fear.
Meanwhile, leadership works with legal and compliance. Because now you also have ethical questions:
- Do you publicly disclose the attempt?
- Could this harm trust with customers?
- How do you protect employees from blame if they almost complied?
- How do you handle the possibility that some requests did go through?
The organization decides to treat it like a serious incident, but also a learning moment. They emphasize: the attacker exploited human systems—urgency and authority—not stupidity.
home
next
previous
Select the Listen button to play the narration for this slide.
Listen
Part III – Results
Because you verified out-of-band, the wire never happens. And because you reported quickly, the campaign gets contained.
- Tighter payment verification requirements for new accounts
- Mandatory dual approval for end-of-day wires
- A clear “no secrecy” rule: confidentiality never cancels verification
- An internal code-word or verification phrase for urgent requests (used carefully and updated regularly)
- Quick awareness training that focuses on behavior: pause, verify, report
home
next
previous
Select the Listen button to play the narration for this slide.
Listen
Results
A week later, something important happens culturally: leadership publicly thanks the people who slowed down. Not because “nothing happened,” but because the absence of harm was the result of disciplined process.
That changes incentives. People learn that protecting the organization is more important than moving fast under pressure.
home
next
previous
Listen
Select the Listen button to play the narration for this slide.
Part IV – Takeaway
Here’s your Week 3 takeaway: deepfakes don’t just trick your eyes or ears—they exploit your urgency and your trust in authority.
Your best defense is not just detection technology. It’s verification discipline:
- Use out-of-band confirmation
- Require proof for sensitive actions
- Follow approval processes even when pressure is high
- And communicate calmly so trust is protected, not destroyed
That’s what cybersecurity looks like in a world where reality can be fabricated on demand.
home
next
previous
Select the Listen button to play the narration for this slide
Listen
Congratulations!
You've successfully completed the example
home
previous
W3_LSTD517_Example
Griky Kontent
Created on February 3, 2026
Start designing with a free template
Discover more than 1500 professional designs like these:
View
Akihabara Connectors Infographic
View
Essential Infographic
View
Practical Infographic
View
Akihabara Infographic
View
Vision Board
View
The Power of Roadmap
View
Artificial Intelligence in Corporate Environments
Explore all templates
Transcript
Example:
When Recognition Becomes the Vulnerability
Select the Start button to begin
Start
Select the Listen button to play the narration for this slide
Navigation
Listen
buttons
Use the following buttons to navigate through the course content
Listen
Play the audio for the current page
hOME
nEXT
PREVIOUS
Return to the previous page
Return to the course home page
Move to the next page
home
next
previous
Select the Listen button to play the narration for this slide
Listen
Hi, I’m Jim, and I want to walk you through a case that felt like a cybersecurity incident… but the real vulnerability wasn’t a firewall. It was human trust—specifically, the kind of trust you build when you think you recognize someone’s voice.
home
next
previous
Select the Listen button to play the narration for this slide.
Listen
Part I - The situation
You work for a company that does time-sensitive payments. It could be a logistics firm paying vendors, a nonprofit moving grant funds, or a business that handles urgent supplier invoices. The point is: money moves fast, approvals happen quickly, and people are used to solving problems immediately.
One Friday afternoon—late, right when everyone is trying to wrap up—you get a message on your phone. It’s a voicemail, and it’s from your “CFO.” The voice is perfect. Same tone. Same pace. Same little habits—like the quick inhale before a sentence, the slightly clipped endings on certain words. The voicemail says something like:
“Hey—call me back ASAP. We have a payment situation. We need a wire out today. It’s confidential. I’m in a meeting and I can’t talk for a long time, but I’m going to text you details. This is critical. Please move fast.”
home
next
previous
Listen
Select the Listen button to play the narration for this slide.
The Situation
Right away, your body reacts. That message triggers urgency. It triggers authority. It triggers fear of being the person who slows down the company.
A minute later, a text arrives. It says the CFO is dealing with a sensitive vendor issue and needs you to process a wire to a new account before the end of day. The text includes the routing number, the account number, and a note: “Do not loop in others. We’ll explain it later. I’m counting on you.”
This is where deepfakes become dangerous: not because the audio is technically impressive, but because it lands inside a real workplace pressure system—authority, time, confidentiality, and fear of consequences.
home
next
previous
Select the Listen button to play the narration for this slide.
Listen
The Situation
You hesitate because something feels off—but you can’t explain why. The request is unusual, but not impossible. And the voice message makes it feel real. You decide to walk down the hall to your manager, but your manager is already out. People are leaving. The finance team is thin.
You open the banking portal. You start the wire template. And then you stop—because you remember a training you barely paid attention to: “Verify out-of-band.”
home
next
previous
Listen
Select the Listen button to play the narration for this slide.
The Situation
You decide to call the CFO directly.
No answer. You try again. Still no answer.
Now the pressure spikes. The voicemail said the CFO was in a meeting. That “explains” it. The fake covers the gap. Then another text hits:
At this point, you’re not just deciding about a wire. You’re deciding what kind of organization you work in:
One that rewards speed at any cost, or one that protects people with process.
“Any update? We’re running out of time.”
home
next
previous
Select the Listen button to play the narration for this slide.
Listen
Part II – The Shift
Instead of sending the wire, you do something simple that becomes the entire defense: you verify through a channel the attacker can’t control.
Now you know something is wrong. You report the incident to security and your finance lead. Within minutes, a few more discoveries happen:
You call the CFO’s assistant—someone who schedules meetings and knows where the CFO is. The assistant answers immediately and says: “He’s not in a meeting. He’s on a flight.”
So, this isn’t random. It’s a coordinated synthetic social engineering campaign.
home
next
previous
Select the Listen button to play the narration for this slide.
Listen
Investigation
Security begins triage:
Then the organization faces a second problem: communication.
If you tell everyone “deepfake attack,” people may panic and stop trusting any audio or video. But if you say nothing, the attacker will keep trying.
home
next
previous
Listen
Select the Listen button to play the narration for this slide.
Response
So, you choose a calm, specific message: “We’re seeing impersonation attempts using realistic voice messages. Do not process payment, credentials, or sensitive requests based on voicemail or text alone. Verify via known internal channels and follow the approval process. If you receive a message like this, report it immediately.”
That message is powerful because it focuses on behavior, not fear. Meanwhile, leadership works with legal and compliance. Because now you also have ethical questions:
The organization decides to treat it like a serious incident, but also a learning moment. They emphasize: the attacker exploited human systems—urgency and authority—not stupidity.
home
next
previous
Select the Listen button to play the narration for this slide.
Listen
Part III – Results
Because you verified out-of-band, the wire never happens. And because you reported quickly, the campaign gets contained.
home
next
previous
Select the Listen button to play the narration for this slide.
Listen
Results
A week later, something important happens culturally: leadership publicly thanks the people who slowed down. Not because “nothing happened,” but because the absence of harm was the result of disciplined process.
That changes incentives. People learn that protecting the organization is more important than moving fast under pressure.
home
next
previous
Listen
Select the Listen button to play the narration for this slide.
Part IV – Takeaway
Here’s your Week 3 takeaway: deepfakes don’t just trick your eyes or ears—they exploit your urgency and your trust in authority. Your best defense is not just detection technology. It’s verification discipline:
That’s what cybersecurity looks like in a world where reality can be fabricated on demand.
home
next
previous
Select the Listen button to play the narration for this slide
Listen
Congratulations!
You've successfully completed the example
home
previous