Video calls were once considered one of the most reliable ways to verify that you are actually speaking with the person you think you are. That certainty has eroded significantly. Deepfake technology — AI systems that can replace a person’s face and voice in a live video feed in real time — has become accessible enough that it is no longer a concern limited to political disinformation or high-profile fraud. It is now a realistic threat in personal finance scams, corporate impersonation attacks, and family targeting schemes.
This guide does not require technical expertise to implement. These are practical, immediate techniques anyone can use during a video call to identify whether the person on screen is who they claim to be.
Understand What Current Deepfakes Cannot Easily Do
The best defense strategy starts with knowing the limitations of the technology you are defending against. Current real-time deepfake systems, despite their sophistication, have consistent weak points that you can probe during a call.
Side profiles remain the most technically challenging aspect of real-time face replacement. Most deepfake systems are trained predominantly on front-facing images and struggle to maintain consistent rendering when a face turns significantly to the side. Extreme expressions — a wide open mouth, exaggerated surprise, touching the face — also tend to cause visible artifacts or unnatural distortions.
Audio and video synchronization is another known weakness. When a deepfake system is processing both the visual replacement and the audio in real time, there is often a measurable delay between mouth movements and the sound of hard consonant sounds — P, B, and M are the most reliable test cases. This lag is typically in the range of 50 to 100 milliseconds, small enough to miss if you are not looking for it but visible once you know what to watch.
Use Physical Challenges During the Call
The most direct detection method is asking the person on screen to do something that current deepfake systems handle poorly. Ask them to turn their head fully to one side — a ninety-degree profile view. Ask them to hold an object close to their face. Ask them to wave their hand in front of their face, which causes most face-replacement systems to produce visible tearing or distortion at the edge of the hand.
These requests should feel natural in the context of the conversation, not like an interrogation. You might look at something to the side of your screen and ask the other person to look at something in their environment — which naturally prompts them to turn their head. The goal is to observe the behavior, not to announce that you are running a verification check.
If the person resists any request that would change their position or bring an object near their face, treat that as a significant warning sign.
Establish Verification Phrases in Advance
For any relationship where video calls involve financial decisions, sensitive information, or access requests — family members, business partners, financial advisors — establish a shared verification phrase before you ever need it.
This is a specific word or short phrase that both parties agree in advance to use at the start of any call involving money or sensitive requests. It should not be something predictable — not a name or a standard greeting — and it should not be stored in any digital communication that could be compromised. The phrase itself is less important than the agreement: if the phrase is absent from a call involving a significant request, the call should be terminated and the person contacted through a separate verified channel.
This is the same principle used in security-conscious corporate environments. It works because it requires prior knowledge that a deepfake, operating in real time, cannot possess.
Check Background Lighting Consistency
Deepfake overlays often create a subtle but detectable inconsistency between the lighting on the caller’s face and the lighting in their background. In a genuine video, light sources illuminate both the person and their environment in a physically consistent way — shadows fall in the same direction, light intensity matches, ambient color is uniform.
In a deepfake, the face replacement is typically rendered with a default or averaged lighting model that may not match the actual environment behind the person. Look at the direction of shadows on the caller’s face and compare them to shadows visible in the background. Look at whether the color temperature of the light on the face matches the light in the room. A mismatch is not definitive proof — video compression and camera quality can create similar artifacts — but it is a useful indicator to combine with other observations.
Use Real-Time Detection Tools
Several tools now exist specifically for detecting synthetic artifacts in live video streams. Browser extensions from security companies like CloudSEK and ZeroFox analyze incoming video frames for statistical patterns associated with AI-generated faces — compression artifacts, unnatural skin texture, rendering inconsistencies in hair and eye edges.
These tools are not infallible. Detection rates vary depending on the quality of the deepfake system being used, and adversarial deepfakes are specifically engineered to evade known detection methods. Use them as one layer of a multi-layer approach rather than as a single definitive check.
For high-stakes calls, run detection software alongside the behavioral checks described above. A call that triggers a detection flag and where the caller resists profile-view requests is a call you should not trust.
Establish a Response Protocol
Knowing how to detect a potential deepfake is only useful if you also know what to do when you suspect one. Establish a clear personal protocol before you ever need it.
If something seems off during a video call that involves a request for money, access, or sensitive information, end the call politely on a pretext — a technical problem, an interruption — and contact the supposed caller through a completely separate channel. Call their known mobile number. Send a message through a platform you have previously verified as their genuine account. Do not respond to the request until you have confirmed the caller’s identity independently.
Time pressure is a common manipulation tactic in impersonation scams. Genuine urgent requests can withstand a brief delay for verification. Any caller who insists you act immediately, before you have a chance to confirm their identity, is using a social engineering technique regardless of whether a deepfake is involved.
