
I Got Deepfaked in 15 Minutes. Here's What AI-Powered Social Engineering Looks Like.

I work in cybersecurity. I talk about social engineering, AI-assisted attacks, and identity-based threats for a living. I know the attacker playbooks.  

So when Rachel Tobac, three-time DEFCON Social Engineering Competition champion and CEO of Social Proof Security, offered to demonstrate a live attack on me during our recent webinar, I figured I knew roughly what was coming.

I was very wrong.

In fifteen minutes, Rachel built a complete attack dossier, a spear-phishing pretext so personal it made me laugh, a cloned version of my voice, and a deepfake video of my face asking a colleague for my password. All she used was off-the-shelf AI tools pulling publicly available data.

That is the threat landscape in 2026. And it means the question every security team should be asking is no longer how to stop every attacker from getting in but how to make sure that when someone clicks, the damage stays contained.

Fifteen minutes was all it took to build an attack pretext

Rachel started with the basics: finding my contact details.  

Using data broker sites like RocketReach and ContactOut, she pulled my email addresses and phone numbers in seconds. She then confirmed they were active by abusing password reset flows on Facebook, eBay, and Twitter.

This was standard attacker methodology with no hacking required. That part alone took her a few minutes.

From there, she plugged those contact details into a breach data repository called Dehashed. She found me in eight separate data breaches and pulled data including:

  • Three phone numbers
  • Three physical addresses
  • Two email addresses
  • One username
  • My date of birth
  • A plain text password  

Having that information on the web wasn’t my fault, technically. Breaches happen to organizations I trusted with my data. But the attacker doesn’t care whose fault it is.

Then came the pretext, which is the scenario she would use to get me to click, call back, or hand over a credential.  

She found on my public social media that I’m an avid cricket fan and a devoted listener of a comedy podcast called The Grade Cricketer. She built an email impersonating two of the hosts, Sam Perry and Ian Higgins, inviting me to participate in a short listener interview segment.  

The link in that email would’ve been malicious.

Here’s the embarrassing part. I have actually emailed Sam and Ian before, asking them to discuss a topic on the show. I’m a genuine superfan.  

When Rachel revealed the pretext on screen, my honest reaction was that I would’ve clicked it immediately — not out of carelessness but excitement. Every piece of my professional security training would’ve evaporated the moment I thought my favorite podcast had finally replied.

“People don’t realize that there are little nuggets on the internet that allow me to create a believable, rewarding pretext,” Rachel said.

The cricket podcast was that nugget for me.  

Rachel showed that effective social engineering succeeds by finding the one thing that makes you human, whether that’s a passion, a relationship, or a moment of excitement, and exploiting it precisely.  

The more you share publicly, the more raw material you hand an attacker.

Then I got deepfaked

The voice clone came next.  

Rachel had found an episode of a podcast I appeared on five months ago. Using roughly a minute of that audio, she cloned my voice with an AI tool.  

It was my voice, asking a colleague to read out my password because my password manager had stopped working right before a board meeting.

Then she layered it over a real-time deepfake video of my face. The full package included what looked like a Zoom call, my face on screen, my voice on the line, and a plausible high-pressure scenario.  

I read the phrase myself so the audience could compare. The deepfake version was smoother than my real delivery.  

Rachel assumed that someone at work, especially someone who sees me only occasionally in meetings, would be far more likely to comply than someone who hears me every day and knows my exact cadence.

What struck me most was the timeline. The voice clone took minutes. The deepfake was generated in real time.  

Three years ago, Rachel told us, building an OSINT dossier took her close to a hundred hours. Today, AI compresses that to twenty or thirty minutes.  

The same compression is happening across the entire attack chain. The attacker’s workflow has been industrialized.

“AI changes the scalability and believability of the attack,” she said. “It allows you to wear somebody else’s face, wear somebody else’s voice, and become a different person much more credibly.”

The rise of AI-powered social engineering

The cricket podcast moment was embarrassing, but it’s also a window into how fundamentally AI has changed the attacker's toolkit.

Three years ago, Rachel told us, building the kind of dossier she assembled on me in fifteen minutes took close to a hundred hours. Today, AI compresses that across every stage of the attack chain.

The attacker’s workflow has been industrialized, and the skill floor has dropped dramatically. A moderately resourced attacker can now execute the kind of targeted, personalized attack that used to require serious expertise.

What makes this especially dangerous is that the tactics haven’t changed, but AI has significantly improved the speed, scale, and believability.  

According to Rachel, AI has made existing attacks nearly impossible to spot. And no amount of training prepares someone for an attack that feels distinctly personal to them.

What the attack chain actually looks like end to end

Our third panelist was Andrew Lemon, CEO of Red Threat, who completes the picture on the attacker side as a red team hacker.  

After Rachel gains access to the network, Andrew’s job is to show just how far attackers can spread.

The patterns he sees most often include:

  • Flat networks that allow unrestricted lateral movement
  • Over-privileged service accounts that can be impersonated to reach domain admin functions
  • Unprotected file shares full of sensitive data
  • Legacy systems sitting completely outside the monitoring perimeter

In the cloud, developers deploy AI tools and minimum viable products fast, while security catches up later. The proof-of-concept becomes production infrastructure with no controls in place.

As Andrew said, “There’s nothing more permanent than a temporary change.”

Segmentation is the single architectural decision Andrew said frustrates him most as a hacker. His options run out quickly when users are confined to their own network segments, when lateral movement is blocked by internal policy, and when relay attacks can’t reach across VLAN boundaries.  

He described weeks spent inside isolated segments with nothing to attack but switches and printers. That is the right outcome for a red team exercise.

What getting attacked taught me about cybersecurity

Having been on the receiving end of this attack chain, even in a controlled setting, here’s what shifted in my thinking.

Your public attack surface is bigger than you think, and so is your employees’. Everything about you online is raw material for a hacker’s pretext. This means we need to build protocols that don’t rely on the assumption that employees will recognize a sophisticated, personalized attack when it arrives.  

Most importantly, invest in what limits the blast radius after the credential is stolen. Microsegmentation is the most critical control here. When workloads can only communicate with the specific systems they need to reach, an attacker with a stolen credential hits a wall almost immediately.
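To make the blast-radius point concrete, here is an added example (not from the webinar or from any Illumio product) that compares what a single compromised laptop can reach on a flat network versus under a default-deny allowlist. The workload names and allowed flows are constructed for illustration.

```python
from collections import deque

# Constructed sample environment: names and flows are illustrative only.
WORKLOADS = ["laptop-hr", "laptop-eng", "printer", "web-app", "app-api",
             "db-payroll", "file-share", "domain-controller"]

# Microsegmentation policy: explicit allowlist of (source, destination)
# flows. Anything not listed is denied.
ALLOWED_FLOWS = {
    ("laptop-hr", "web-app"),
    ("laptop-hr", "printer"),
    ("laptop-eng", "web-app"),
    ("laptop-eng", "printer"),
    ("web-app", "app-api"),
    ("app-api", "db-payroll"),
}

def flat_policy(src, dst):
    """Flat network: every workload can talk to every other workload."""
    return src != dst

def segmented_policy(src, dst):
    """Default-deny: only flows on the allowlist are permitted."""
    return (src, dst) in ALLOWED_FLOWS

def blast_radius(start, policy, max_hops=None):
    """Breadth-first search over permitted flows.

    Returns {workload: hops} for everything reachable from `start`.
    Each hop stands for another system that must be compromised first,
    which is another chance for detection and containment.
    """
    hops = {start: 0}
    queue = deque([start])
    while queue:
        src = queue.popleft()
        if max_hops is not None and hops[src] >= max_hops:
            continue
        for dst in WORKLOADS:
            if dst not in hops and policy(src, dst):
                hops[dst] = hops[src] + 1
                queue.append(dst)
    del hops[start]
    return hops

if __name__ == "__main__":
    print("flat:     ", blast_radius("laptop-hr", flat_policy))
    print("segmented:", blast_radius("laptop-hr", segmented_policy))
```

On the flat network every workload, including the domain controller and file share, sits one hop from the stolen credential; under the allowlist those two are unreachable and the payroll database is three compromises away.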

The goal is to make the attacker’s journey from initial credential to meaningful fallout so time-consuming and noisy that containment kicks in long before the damage is done.  

As she put it, when she encounters an environment armed with breach containment tools like microsegmentation, her reaction is that this engagement is going to be painful.  

For a criminal actor without a contractual obligation to keep trying, that friction is often enough.

Watch the webinar on demand, and contact us today to learn how Illumio can help you build microsegmentation.
