From Novelty to Weapon: The Rise of Realtime Deepfake Scams
Realtime deepfake scams have moved from theory to everyday risk. Tools such as Haotian AI and similar face replacement software allow fraudsters to map one person’s face onto another in live video, creating convincing but entirely fabricated identities. Originally marketed as entertainment or experimentation, these tools are now openly advertised in underground communities as turnkey solutions for video call fraud and AI impersonation. In practice, a scammer can join a WhatsApp, Zoom, or Teams call appearing as a trusted boss, colleague, or relative, then pressure victims to transfer data, money, or access. This is a new category of social engineering that exploits our trust in seeing a familiar face. Unlike pre-recorded deepfake videos, these tools adjust in real time to facial expressions and lighting, making improvised conversation possible and traditional visual checks far less reliable.
How Face Replacement Software Targets Video Platforms
Face replacement software works by capturing a live camera feed and overlaying a synthetic face in real time before the image reaches WhatsApp, Zoom, Teams, or similar platforms. To the recipient, it looks like a normal video call with a recognizable face, even though the person behind the camera is a stranger. Scammers can combine this with stolen profile photos, leaked meeting links, or compromised accounts to slip into corporate calls or family chats. Because these platforms were designed primarily for performance and ease of use, they typically do not include robust checks for AI-generated facial replacements. Video call fraud becomes especially dangerous when combined with audio manipulation and social engineering, such as urgent requests to approve payments, share passwords, or bypass normal procedures. When a fake face appears in a legitimate meeting room, many victims do not realize they are being manipulated until long after the call ends.
Why Detection Is Lagging Behind AI Impersonation
Video platforms currently lack sufficient mechanisms to spot AI impersonation in live sessions. Deepfake scams rely on subtle but rapid transformations, and existing moderation tools focus more on content reporting than real-time analysis. At the same time, AI is being used to probe and exploit weaknesses in digital systems more broadly. Security researchers have already documented AI-generated exploits designed to bypass multi-factor authentication, demonstrating how machine learning can identify and weaponize vulnerabilities faster than humans. Although this particular exploit was detected and neutralized, it shows the same pattern: AI lowers the barrier for attackers to create sophisticated tools without deep technical expertise. In the context of face replacement software, this means that realistic impersonation on video calls can be assembled from readily available components, leaving defenders to catch up with detection algorithms, device-level protections, and better platform safeguards.
Recognizing Video Call Fraud and Deepfake Red Flags
Even without platform-level detection, individuals can spot warning signs of deepfake scams. Look closely at facial details: slight blurring around the jawline, unnatural blinking, or inconsistent lighting compared to the background may indicate face replacement software. Pay attention to lip-sync issues, especially when the speaker talks quickly or turns their head. Another red flag is unusual behavior from a familiar contact—such as an unexpected request to rush a financial transaction, share one-time passwords, or install unfamiliar software during a call. When a supposed boss or colleague joins from a new account or device, verify why. If the call quality seems oddly smooth or artificial despite a poor connection, that can also hint at AI processing. Ultimately, any mismatch between a person’s usual communication style and their on-screen appearance should prompt closer scrutiny and verification through other channels.
Practical Steps to Protect Yourself from Deepfake Scams
Defending against deepfake scams requires combining technical settings with cautious behavior. First, establish out-of-band verification: if a video call involves sensitive requests, confirm them via a separate channel such as a known phone number, secure messaging app, or in-person conversation. Companies should define strict policies that no financial or access changes can be approved solely based on video instructions. Use platform security features like locked meeting rooms, waiting rooms, and authenticated invitations to reduce the chance of impostors joining calls. Enable multi-factor authentication for accounts to limit hijacking, recognizing that even these protections can be targeted by AI-generated exploits. Educate staff, family, and partners about AI impersonation risks so they know to pause and verify when something feels off. By assuming that any face on a screen could be fabricated, and embedding verification into workflows, users can significantly reduce the effectiveness of realtime deepfake fraud.