In 1865, the same year the Civil War ended, American newspapers routinely ran fabricated photographs — composites stitched together in darkrooms that purported to show events that never occurred. By the 1890s, "yellow journalism" pioneers William Randolph Hearst and Joseph Pulitzer were commissioning illustrations of Spanish atrocities in Cuba that artists invented wholesale. The public, encountering photography and mass print for the first time, had no framework for systematic skepticism. Each new medium arrived faster than the public's ability to distrust it.
The same pattern replayed with recorded audio in the 1930s, broadcast television in the 1960s, desktop photo editing in the 1990s, and social-media video in the 2010s. In each era, a narrow window existed — sometimes only a few years — before audiences developed the instincts to question what they were seeing. We are currently inside that window for AI-generated media. Since 2022, tools capable of producing photorealistic images, convincing video, and cloned voices have moved from specialized research labs to free smartphone apps. The fabrications are now cheap, fast, and often visually indistinguishable from authentic footage.
This course is a practical guide to that window. It won't make you immune to manipulation — no course can — but it will give you a working vocabulary for what these tools are, documented cases of how they have already been used to deceive, and concrete detection habits you can apply immediately. The goal is calibrated skepticism: not paranoid rejection of all media, but the specific, informed suspicion that the moment requires.
If you finish every module, here's who you become:
On January 1, 2019, Gabonese state television broadcast a video of President Ali Bongo Ondimba delivering a New Year's address to the nation. Bongo had been absent from public view for two months following a stroke in October 2018, and the video was intended to reassure citizens that he remained in command. Instead, it triggered a military coup attempt. Opposition politicians and Gabonese generals publicly declared the video fake — a deepfake, they argued, manufactured to disguise the president's true incapacitation. Within two weeks, army officers seized the national broadcaster in an attempted takeover. The coup failed, but the damage was done: a contested video, real or fabricated, had nearly toppled a government. Forensic analysts later disagreed about authenticity. The uncertainty itself was the weapon.
The term has a precise, traceable origin. In late 2017, a Reddit user posting under the handle "deepfakes" began sharing pornographic videos in which celebrities' faces had been digitally grafted onto performers' bodies. The account used a machine-learning technique called a Generative Adversarial Network, or GAN, which had been published as an academic paper by Ian Goodfellow and colleagues at the University of Montreal in 2014. Within weeks, other Reddit users had replicated the method. By January 2018, a developer had released an open-source desktop application called FakeApp that required no programming knowledge.
Reddit banned the deepfakes community in February 2018, citing its non-consensual pornography policy — but the code was already loose in the world. Within eighteen months, the same technique was being used to fabricate political speeches, financial fraud videos, and, as the Gabon case illustrated, potential instruments of destabilization. The technical democratization that took photography from a specialist craft to a smartphone default happened to deepfakes in roughly thirty-six months.
A deepfake video is produced by a neural network trained on two things simultaneously: a large collection of images of a target person's face, and a source video of a different person performing the desired action. The GAN architecture pits two competing networks against each other — a generator that tries to produce convincing fake images, and a discriminator that tries to detect fakes. Over thousands of training iterations, the generator gets better at fooling the discriminator. The result is a face-swap that can track head pose, lighting, and expression in real time.
By 2022, the GAN approach had been largely supplanted by diffusion models — the technology underlying Stable Diffusion, Midjourney, and OpenAI's DALL-E. Diffusion models work differently: they learn to denoise randomly scrambled images, gradually recovering structure. They produce higher-quality outputs with less training data, which is why the quality ceiling rose so sharply between 2022 and 2024. Video synthesis tools including Runway ML (founded 2018, public release 2022) and Sora (OpenAI, announced February 2024) extend these capabilities to full motion video, including scenes with no source footage at all.
Early deepfake coverage focused heavily on celebrity face-swaps and political leaders. The more significant threat, documented by the FBI in a 2021 public service announcement, is targeted fraud: synthetic audio cloning a CEO's voice to authorize wire transfers, or fabricated video used in sextortion campaigns against private individuals. These low-profile, high-damage uses vastly outnumber the political cases in raw frequency.
Detection research has consistently lagged behind generation capability. In 2020, Facebook and Microsoft jointly released the Deepfake Detection Challenge dataset — over 100,000 videos — and offered prizes for detection algorithms. The winning model achieved 65% accuracy on the held-out test set. Human viewers tested on the same clips performed at roughly 50% — chance. More recent benchmarks using 2023-era synthetic video show detection rates falling further as generation quality improves.
This asymmetry has a practical consequence: you cannot reliably spot a high-quality deepfake by looking carefully. The visual tells that older guides described — unnatural blinking, blurry ear edges, inconsistent lighting on hair — have been largely engineered away. What remains useful is a set of contextual and behavioral habits: examining the source, verifying through independent channels, and applying particular suspicion to content that arrives already emotionally charged and demands immediate sharing.
Your eyes are no longer a reliable deepfake detector. Context, source verification, and behavioral skepticism are. This module will build those habits systematically across four lessons.
You're going to interrogate the AI assistant about how deepfake technology works, what its real-world limits are, and how the Gabon case fits into the broader history of synthetic media. Push back, ask follow-ups, and try to find the edges of what the technology can and cannot do.
In February 2024, a finance worker at the Hong Kong branch of a British multinational engineering firm attended what appeared to be a routine video conference call with his company's UK-based Chief Financial Officer and several other colleagues. The CFO instructed him to execute a series of wire transfers totaling HK$200 million — approximately US$25.6 million. The worker harbored initial doubts but was reassured by seeing and hearing the CFO and other familiar colleagues on screen. He made fifteen separate transactions. Every person on that call except the worker himself was an AI-generated avatar. Hong Kong police confirmed the fraud in February 2024 and described it as the largest deepfake-assisted financial crime recorded to that point.
Modern voice synthesis requires remarkably little source material. ElevenLabs, a startup founded in 2022 and valued at over $1 billion by 2024, offers cloning from as little as one minute of audio. Its underlying technology — a neural text-to-speech model trained on massive audio corpora — learns the spectral fingerprint of a voice: pitch distribution, formant patterns, speaking rhythm, and prosody. Given a text string, it then synthesizes novel speech that sounds like the target speaker saying words they never recorded.
The technical barrier fell sharply in 2023. Microsoft's VALL-E, demonstrated in January 2023, could clone a voice from three seconds of audio. The same month, Meta released Voicebox, capable of in-context speech synthesis across six languages. These tools were research demonstrations, but the underlying weights often leaked or inspired open-source reimplementations within months of publication.
The Hong Kong case had predecessors. In March 2019, the CEO of a UK-based energy company received a phone call from his parent company's German executive — or so he believed. The voice instructed him to wire €220,000 to a Hungarian supplier within the hour. The CEO complied. The Wall Street Journal reported this case in August 2019; the "German executive" was a voice cloning system. It was the first publicly documented corporate AI voice fraud.
In 2021 and 2022, the FBI's Internet Crime Complaint Center began receiving reports of "virtual kidnapping" scams in which a family member's cloned voice was used to simulate distress calls demanding ransom. By 2023, these scams had been documented in at least four US states. The Arizona mother Jennifer DeStefano testified before the US Senate in June 2023 about receiving a call in which she heard what she was certain was her daughter's voice screaming — it was synthesized from publicly available social media videos.
Security systems that rely on voice authentication — phone banking, corporate verification calls — assume a live speaker. Cloned voices defeat these systems entirely. HSBC, Barclays, and other major banks deployed voice ID as a security layer in the mid-2010s; the assumption that voice is biometrically difficult to fake is now outdated. Several banks began phasing out voice biometrics as a standalone authentication factor in 2023.
The Hong Kong fraud succeeded not because the technology was flawless but because it exploited specific cognitive vulnerabilities. The finance worker reported being "reassured" by seeing multiple familiar faces simultaneously — a social proof effect. The call mimicked a routine business context with familiar participants, reducing the cognitive load that would otherwise trigger skepticism. Urgency was manufactured through the framing of a time-sensitive transfer.
Psychologists call this contextual coherence bias — when a situation's overall shape matches our expectations, we reduce scrutiny of individual components. Fraudsters understood this before AI gave them the tools to exploit it technically. The technology did not create a new psychological vulnerability; it created a new and highly efficient method of exploiting an existing one.
Financial institutions and security researchers now recommend "callback verification" — independently calling a known number for the person who made the request, never using contact information provided during the suspicious communication itself. This low-tech habit defeats virtually all voice-cloning fraud scenarios, regardless of audio quality.
You'll work through real and hypothetical voice-cloning fraud scenarios with the AI assistant. Try to identify the specific moment a target could have broken the chain of deception in each case. Ask about technical limits, organizational defenses, and why voice authentication is now considered a weakened security layer.
On the morning of May 22, 2023, an image circulated rapidly across Twitter and Facebook showing a large explosion near the Pentagon in Arlington, Virginia. The image was photorealistic — a billowing smoke plume, architectural details consistent with the building, dramatic lighting. Within minutes it had been shared by verified accounts including BloombergFeed, a parody account that at the time carried a blue verification checkmark. The S&P 500 dipped briefly before markets realized no explosion had occurred. The Arlington Fire Department and Pentagon press office issued denials. The image was synthetic — generated by an AI image tool. It was, to date, one of the most consequential single AI-fabricated images in terms of immediate, measurable financial impact.
Two weeks before the Pentagon image, in March 2023, Eliot Higgins — founder of the open-source intelligence organization Bellingcat — published a series of AI-generated images depicting Donald Trump being arrested and physically restrained by police officers. Higgins created the images using Midjourney and explicitly labeled them as synthetic, posting them as an experiment in what the technology could produce. They spread anyway, stripped of context, across Telegram channels, WhatsApp groups, and right-wing news aggregators. Midjourney subsequently banned Higgins from the platform, citing its policies on generating images of real political figures. The episode illustrated a structural problem: explicit labeling does not prevent decontextualization at scale.
In the same month, an image of Pope Francis wearing a white designer puffer jacket went globally viral. Millions of people shared it as genuine. The image was created by a Chicago construction worker named Pablo Xavier using Midjourney v5; he told BuzzFeed News he had generated it while under the influence of a mild psychedelic and was surprised it spread so far. The image was eventually traced and debunked by fact-checkers at Reuters and AFP, but only after it had achieved wide genuine belief. This case is significant because it involved no political motive or organized campaign — a single person, a consumer AI tool, and an unexpected viral moment.
The Pope image made visible something researchers had been documenting more quietly: AI image generation had crossed a realism threshold at which ordinary people's prior confidence in photographic authenticity — developed over 185 years of photography — could not be relied upon. The aesthetic tells that had distinguished CGI from photography for decades were gone.
Following the Pentagon image and similar incidents, the Associated Press updated its AI use policy in July 2023, prohibiting the use of AI-generated images in editorial content and requiring byline disclosure for any AI-assisted work. Reuters and Agence France-Presse issued similar policies. The News/Media Alliance, representing 2,000 US publishers, published guidance on AI image verification protocols. These policies represent the journalism industry's first systematic response to synthetic image proliferation — but they govern professional newsrooms, not the social media accounts that now originate most viral content.
Reverse image search remains the first-line tool. Google Lens, TinEye, and Yandex Images can identify if an image has appeared before in different contexts. A novel image with no prior appearance history appearing during a breaking news event warrants heightened suspicion.
Metadata examination is useful for images that haven't been stripped. Genuine camera images embed EXIF data — camera model, GPS coordinates, timestamp. Images generated by AI tools typically lack this metadata entirely, or contain metadata inconsistent with the claimed context.
AI detection tools exist — Hive Moderation, Illuminarty, and Google's SynthID (applied to images generated by Google's own tools) — but these have significant false-positive and false-negative rates. They are useful as a single data point, not a verdict. The most reliable detection approach remains a combination of source verification, contextual implausibility assessment, and reverse-search cross-referencing.
Before sharing any image from a breaking news situation: Where did this specific file come from, and who is the first person claiming it is real? If you cannot answer both questions, do not share. This rule, applied consistently, eliminates a substantial fraction of synthetic image spread before any technical tool is needed.
Work through a systematic image verification workflow with the AI assistant. You'll examine specific scenarios — a breaking news image, a social media viral photo, a historical document scan — and build a step-by-step verification protocol you could actually apply. Challenge the assistant on edge cases where the standard tools fail.
In 2018, Facebook's platform became the primary distribution channel for anti-Rohingya propaganda in Myanmar, contributing to conditions that the United Nations would later describe as constituting genocide. Authentic video evidence of military atrocities — real footage, not synthetic — was systematically dismissed by military officials and their supporters as "fabricated" and "fake news." The dismissal worked partly because audiences had already been primed by years of discussion about digital manipulation. The existence of a category called "fake video" gave bad actors a ready-made defense against authentic documentation. Researchers Nina Schick and Danielle Citron, who documented this dynamic in 2019 and 2020 respectively, named it the Liar's Dividend: the phenomenon by which the mere existence of synthetic media allows real media to be dismissed.
The term "Liar's Dividend" was coined by law professors Bobby Chesney and Danielle Citron in their 2019 paper "Deep Fakes: A Looming Crisis for National Security, Democracy, and Privacy" (published in the California Law Review). Their core argument was counterintuitive: the primary damage from deepfake technology would not be from people believing false things, but from people acquiring a justifiable excuse to disbelieve true things.
The asymmetry matters. To fool someone with a deepfake requires a high-quality fabrication, a plausible distribution story, and some luck. To exploit the Liar's Dividend requires only a claim — "that could be deepfaked" — delivered into an already polarized information environment. The defensive move is trivially easy; the authentic documentation it undermines is often irreplaceable.
In April 2021, video emerged appearing to show Gabonese soldiers committing summary executions of civilians. The Gabonese government immediately declared the video a deepfake. Independent verification by Amnesty International's Digital Verification Corps and Bellingcat ultimately concluded the footage was authentic. But the government's "deepfake" claim occupied media attention for weeks and reduced the video's immediate political impact internationally.
In December 2022, a US congressman under investigation for financial misconduct publicly suggested that incriminating text messages and emails presented against him could have been "AI-generated fabrications." No evidence supported this claim. The suggestion alone — requiring no proof — was sufficient to introduce uncertainty in some media coverage. Chesney and Citron had predicted this exact dynamic in 2019.
In 2023, multiple defendants in legal proceedings in the United States raised "deepfake defenses" — claiming that video or audio evidence submitted against them could be synthetic. Courts have so far generally rejected these claims when prosecutors can demonstrate chain of custody, but the proceedings have become more expensive and time-consuming as a result. Legal scholars predict this will become standard practice regardless of actual evidence authenticity.
Chesney and Citron argued that the deepfake era risks producing what they called "epistemic corrosion" — a generalized collapse of trust in audiovisual evidence that advantages those in power (who have the resources to fight evidence) and disadvantages those with less power (journalists, human rights workers, ordinary citizens attempting accountability). The issue is not just individual gullibility — it is the structural damage to shared evidentiary standards.
Content credentials and provenance standards represent the most serious technical response. The Coalition for Content Provenance and Authenticity (C2PA), formed in 2021 and backed by Adobe, Microsoft, Intel, the BBC, and the Associated Press, has developed an open standard for cryptographically signing media at the point of creation. A C2PA-compliant camera embeds a cryptographic certificate at capture; any editing is logged and signed. The New York Times adopted C2PA credentials for its photojournalism in 2023.
Legal frameworks are still developing. The DEEPFAKES Accountability Act was introduced in the US Congress in 2019 and again in 2023 but had not been enacted as of early 2024. Several states — including California (AB 730, 2019) and Texas (SB 751, 2023) — passed laws targeting deepfakes in electoral contexts. The EU's AI Act, approved by the European Parliament in March 2024, includes disclosure requirements for AI-generated content.
None of these responses fully addresses the Liar's Dividend, because the problem is not primarily technical. A camera with cryptographic provenance cannot retroactively credential the footage a human rights worker shot on a phone in 2018. The asymmetry between producing doubt and producing trust remains structurally unfavorable.
Calibrated skepticism cuts in both directions. The same critical habits that protect you from believing fabricated content should also protect you from dismissing authentic content on the basis of unsubstantiated deepfake claims. Ask for the affirmative evidence of fabrication, not just the assertion of possibility. "This could be fake" is not the same as "this is fake."
Explore the Liar's Dividend with the AI assistant. Work through specific scenarios in which authentic evidence has been or could be dismissed as AI-generated. Try to identify which institutional defenses — C2PA, legal chain-of-custody standards, journalistic verification protocols — actually address the problem and which ones don't reach it.