AI-driven threats & deepfakes: verify, then trust

Course description:

This hands-on, interactive course explores how attackers use AI for voice cloning, deepfake videos, and phishing automation. Through real-world cases, simulations, and roleplay, you’ll learn verification techniques to spot and counter these threats. The course prioritises fun, engagement, and practical learning, with no dry theory or heavy assessments.

This course description is open source. Feel free to use it.

Course outline

Duration: 1 day (6 hours, including breaks)

Format: In-person or virtual (adaptable for both)

Audience: Employees, managers, it teams, or anyone interested in digital security.

Timetable

Session 1: introduction to AI-driven threats (60 mins)

  • Overview of AI in cyber threats: voice cloning, deepfakes, phishing automation.

  • Real-world cases: ceo fraud, fake video calls, political disinformation.

  • Activity: “spot the fake” – quick quiz on AI-generated vs. authentic content.

Session 2: deepfake deep dive (90 mins)

  • How deepfakes are made (simplified technical breakdown).

  • Real-world examples: manipulated videos, audio scams.

  • Hands-on activity: “is this real?” – compare AI-generated and authentic messages/videos.

  • Verification techniques: call-back protocols, multi-factor checks, metadata analysis.

Break (15 mins)

Session 3: phishing automation & voice cloning (90 mins)

  • How attackers use AI to scale phishing campaigns.

  • Voice cloning: how it works and how to detect it.

  • Roleplay: “the suspicious call” – participants practise verifying a cloned voice request.

Lunch (30 mins)

Session 4: the big exercise – red team vs. blue team (120 mins, optional)

  • Based on a real-world AI-driven attack (e.g., a ceo fraud case).

  • Red team: designs a deepfake or AI-phishing attack.

  • Blue team: devises detection and response strategies.

  • Debrief: what worked, what didn’t, and key takeaways.

Session 5: “verify, then trust” checklist (45 mins)

  • Building a personal and organisational verification framework.

  • Fun quiz: “can you beat the AI?” – test your skills in spotting fakes.

  • Q&A and wrap-up.

Resources required

  • Sample deepfake videos and audio clips (pre-prepared).

  • Phishing email examples (AI-generated vs. real).

  • Roleplay scripts for voice cloning exercise.

  • Slides with real-world case studies.

  • Access to a video/audio editing tool (basic, for demonstration).

  • Printed/digital “verify, then trust” checklists.

Key activities explained

  1. “Is this real?” simulation

    • Participants compare AI-generated content with real examples in small groups.

    • Discuss clues (e.g., unnatural speech patterns, odd lighting in videos).

  2. Roleplay: the suspicious call

    • One participant plays an attacker using voice cloning to request sensitive data.

    • Another must use verification techniques (e.g., call-back protocols) to confirm legitimacy.

  3. Red team vs. blue team exercise

    • Scenario: A company receives a fake video call from a “senior executive” asking for a fund transfer.

    • Red team designs the attack (script, fake video, or audio).

    • Blue team detects and responds (e.g., checks with another executive, analyses the video).

Takeaways

  • A personalised “verify, then trust” checklist.

  • Confidence in identifying AI-driven threats.

  • Practical experience through roleplay and simulations.

  • A completion certificate (no pass/fail).

Notes for facilitators

  • Keep the tone light and engaging.

  • Encourage participation but no pressure.

  • Adapt real-world cases to the audience’s industry.

  • For virtual delivery, use breakout rooms for group activities.

This course is designed to be memorable, practical, and fun—because the best learning happens when people enjoy themselves.

Last update: 2025-06-08 13:05