Deepfakes Targeting Benefits with AI-Generated Claims

AI-generated fraud isn’t coming—it’s already here. Criminals use synthetic voices to redirect veterans’ benefits. They generate fake medical documents to claim reimbursements. They deploy deepfakes to bypass identity verification. Most notably, British engineering giant Arup was defrauded of $25M using video and voice clones. And unlike other fraud schemes that traditionally require individual effort for each attempt, AI lets fraudsters increase their chances of success by scaling, personalizing, and automatically adjusting attacks on the fly.

As a result, the FBI recently warned “…that criminals exploit generative artificial intelligence (AI) to commit fraud on a larger scale which increases the believability of their schemes.” Meanwhile, the Department of the Treasury reported that “…FinCEN has observed an increase in suspicious activity reporting by financial institutions describing the suspected use of deepfake media in fraud schemes…”

The tools for these attacks are widely available and becoming more sophisticated. In February 2025, ByteDance, the Chinese tech giant behind TikTok, unveiled OmniHuman-1, an advanced AI model capable of creating highly realistic deepfake videos from a single still image. And Consumer Reports recently tested six voice-cloning products and found they offered limited safeguards to prevent misuse. While deepfake videos are becoming increasingly realistic and concerning to those responsible for identity verification, audio and text attacks have emerged as immediate threats to federal programs. 

Given the significant risk to federal agencies, Booz Allen conducts ongoing research into specific techniques used for deepfake fraud and develops dynamic defenses against these attacks. In this blog, we share insight into key trends and emerging best practices federal agencies can adopt to defend themselves.

AI tools don’t just create fakes—they create sophisticated, believable counterfeits at unprecedented scale. A synthetic voice matches tone, emphasis, timbre, and cadence. AI-generated medical documents include subtle details that typically validate authenticity. Traditional verification methods that rely on human review can’t keep pace.

When fraudsters had to personally make each call or create each fake document, manual reviews could catch irregularities. Now, AI generates hundreds of variations in minutes, allowing scammers to launch more attacks with less effort.

Most troubling, fraudsters are learning to bypass traditional verification methods. They steal enough personal information to answer security questions correctly. They generate documentation that matches expected formats. They create voiceprints that pass basic biometric checks. And when one agency catches their methods, they simply shift to another program, often using the same stolen data in slightly different ways.

Deepfakes will only improve as more powerful technology becomes increasingly available to a wider audience. For example, new multimodal diffusion-based media generators output imagery and video that are more difficult to detect. Approaches like spatiotemporal motion modeling—which is used in sports analytics and elsewhere to study the movement of objects over time and space—can help produce deepfakes with more humanlike behavior. Furthermore, open-source and jailbroken AI models are more available, making these tools more accessible for nefarious use, especially by third-party providers operating on the dark web.

The U.S. Government Accountability Office (GAO) has stated that “all federal programs and operations are at risk of fraud.”  While the size of their budgets makes federal agencies an obvious target for fraud, they are also especially vulnerable because the benefits they administer need to be accessible to Americans. It isn’t always practical or appropriate to subject veterans to extensive verification processes, and disaster recovery programs need to process claims quickly, for example. 

Because federal agencies have millions of beneficiaries, finding synthetic voices or AI-generated documents among legitimate claims becomes even harder. A suspicious call that might stand out among thousands becomes even more challenging to spot among millions.

And most federal organizations maintain strict divisions between fraud and cyber teams, even though AI-generated fraud sits squarely at the intersection. When fraud units don’t share data with cyber units and vice versa, critical patterns go unnoticed. When teams operate in silos, fraudsters exploit the gaps.

Similar risks stem from agency-to-agency informational silos. Scammers who succeed with one program often use similar schemes to target others. Or a synthetic voice caught by one program might succeed at another simply because the information and/or detection capabilities never crossed department lines. These situations amplify the urgency for agencies to share data about fraud attempts, though organizational cultures and privacy policies have historically made this challenging to execute.  

Combating AI-generated deepfake fraud requires a comprehensive approach that combines advanced detection tools with strategic organizational changes.

To fight back effectively against AI-generated fraud, organizations should embrace a three-part approach:

1. Conduct a thorough risk assessment. Examine current systems for vulnerabilities, analyze historical data for signs of previous attacks, and understand how fraudsters might target specific programs. For example, a call center could analyze past call recordings to identify potential synthetic voices and patterns of suspicious activity.
   
   
2. Break down barriers between teams and agencies. Fraud units need to collaborate directly with cyber teams. Agencies should share data about emerging threats and successful defenses. The old model of territorial protection could put billions of dollars at risk.
   
   
3. Implement detection tools that work at the speed of real operations. For example, consider synthetic voice detection, where voice analysis needs to happen while a caller is still on the line. Document verification must catch AI-generated fakes without creating backlogs for legitimate claims.

These tools need to work at the speed and scale of government operations while adapting to evolving threats. The most effective defenses use traditional signal processing with AI to identify synthetic content. In our research and analysis, we often combine several approaches:

Reality Defender, a leading platform that analyzes speech, video, images, and text for signs of manipulation, supports many of these approaches. Recognizing its potential to protect government programs, Booz Allen made a strategic investment in the company in 2024 and integrated it into our AI Security tech stack. Reality Defender offers real-time protection against synthetic media threats and impersonations, with scalable and customizable solutions specifically designed for government needs.

The platform helps call centers spot synthetic voices in the first six seconds of a call—fast enough to act while the caller is still on the line. For document processing, it uses advanced computer vision to detect inconsistencies that human reviewers miss, such as subtle patterns in AI-generated medical images or fabricated signatures.

Booz Allen works with clients to continually adapt and refine these detection systems as deepfake methods evolve, learning from each detected fraud attempt to improve future detection. Tools like Reality Defender scale to handle millions of transactions while working fast enough for real-world operations.

Some argue these defenses cost too much. While the investment is significant, the actual—not just potential—losses from fraud are far greater. GAO estimates that federal programs lose between $233 billion and $521 billion to fraud annually, roughly 2% of America’s GDP.  Furthermore, the intelligence and automation offered by AI tools can greatly reduce detection costs as well.

Preventing AI-generated fraud isn’t just about money, though—when criminals steal benefits meant for veterans or seniors, real people suffer. Every dollar lost to fraud is a dollar that can’t help its intended beneficiary. And public trust erodes when agencies can’t protect beneficiary data and funds.

Government programs, by design, must balance accessibility with protection, making them prime targets for sophisticated scams. Agencies will need to unite and continuously adapt defenses to safeguard billions in public funds while ensuring vital benefits reach the people who need them most.