AI Scam SensePart of AI Sure Tech

Deepfake video request from an executive

The Executive Video That Changed the Payment

An employee receives a short video message that appears to show an executive approving an urgent payment change, but the request bypasses normal controls.

Try this in Before You ActBack to scenarios

Scenario story

The message before closing

Evan works in finance for a regional manufacturing company. Late Friday afternoon, he receives a message marked urgent. It includes a short video that appears to show the company's chief operating officer asking him to approve a same-day vendor payment. The video is brief, direct, and sounds like the executive.

The unusual details

The request says the payment is confidential because it relates to a sensitive deal. Evan is told not to discuss it with the usual approvals team. The account information is new, and the deadline is before the bank cutoff. The video makes the request feel more trustworthy than a normal email would.

The control that matters

Evan follows company policy anyway. Payment changes require independent verification using a known phone number and a second approver. He calls the executive assistant through the internal directory. The assistant confirms the executive is in meetings and did not send the video.

The aftermath

The company blocks the sender, alerts staff, and reviews whether any public executive videos could have been used to imitate the executive. Evan's decision shows the key lesson: a realistic video should not override payment controls.

Warning signs

  • A video or audio message requests urgent financial action.
  • The request bypasses normal approval procedures.
  • The sender asks for secrecy or confidentiality.
  • Payment details have changed.
  • The deadline is designed to beat bank cutoff times.
  • The message arrives through an unusual channel.

Questions to ask

  • Would this request be approved if it came by ordinary email?
  • Does it follow our payment-change policy?
  • Can I verify the request through a known internal phone number or system?
  • Why am I being told not to involve the usual approver?
  • Are urgency and realism being used to bypass controls?

Safer next steps

  • Follow payment verification procedures even when a video or voice message seems real.
  • Verify urgent requests through known internal channels.
  • Require second approval for new bank details or high-risk payments.
  • Report suspicious messages to IT, security, or leadership.
  • Train staff that deepfake realism is not proof of authority.

What not to do

  • Do not approve payments based only on a video or voice message.
  • Do not skip controls because a request appears to come from an executive.
  • Do not use phone numbers or links included in the suspicious message for verification.
  • Do not keep the request secret from required approvers.
  • Do not rush a payment just to meet an artificial deadline.