European startups get serious about deepfakes as AI fraud losses surpass €1.3 billion

TITLE: Europe’s Cybersecurity Renaissance: How Startups Are Battling the €1.3 Billion Deepfake Epidemic

The Deepfake Crisis: From Niche Threat to Mass-Scale Fraud

The landscape of digital deception has undergone a seismic shift. What was once a sophisticated, expensive technique accessible only to well-resourced actors has become democratized—and the consequences are staggering. According to Surfshark’s comprehensive study, deepfake-related fraud has now surpassed €1.3 billion in losses, with an alarming €860 million stolen in 2025 alone. This represents a year-on-year increase of €500 million, signaling an acceleration that has caught many traditional security providers off guard.

The Deepfake Crisis: From Niche Threat to Mass-Scale Fraud
The Economics of Deception: How Cheap AI Tools Fuel Fraud
Beyond Pet Scams: The Expanding Threat Landscape
Europe’s Startup Ecosystem Fights Back
The Regulatory Backdrop: Europe’s Legal Framework Tightens
The Human Element: Education as First Defense

Oliver Quie, CEO of British cybersecurity startup Innerworks, captures the essence of the challenge: “We’re facing AI-powered deception that can mimic legitimate users with frightening accuracy. Existing security companies have become obsolete because they assume threats will behave differently than legitimate users.”

The Economics of Deception: How Cheap AI Tools Fuel Fraud

The driving force behind this explosion in synthetic media fraud is fundamentally economic. Where producing a one-minute deepfake video once cost between €257 and €17,000, the emergence of accessible AI video tools like Veo 3 and Sora 2 has collapsed this cost to just a few euros. This price revolution has transformed deception from a boutique criminal enterprise into an industrialized operation., according to related coverage

Miguel Fornes, Information Security Manager at Surfshark, explains the criminal calculus: “As the cost of fabricating lifelike images and videos approaches zero, scammers are industrialising deception. The lost-pet scam is a clear example: it exploits emotion for small sums, making victims less suspicious and far less likely to pursue legal action. For criminals, that’s an ideal model for mass-scale fraud.”, according to expert analysis

Beyond Pet Scams: The Expanding Threat Landscape

While emotionally manipulative schemes like the lost-pet scam (where fraudsters generate AI-made images of supposedly found pets to extract small “recovery fees”) demonstrate the psychological sophistication of modern fraud, they represent only the visible tip of the iceberg. The more significant threats emerge in corporate and financial contexts:, according to additional coverage

Identity spoofing in recruitment processes, including one documented case where a cybersecurity company unwittingly hired a North Korean hacker who faked his entire video interview and credentials
Deepfake-enabled investment schemes using fabricated endorsements and presentations
Synthetic document fraud targeting financial institutions and government services

Europe’s Startup Ecosystem Fights Back

The surge in AI-driven deception has triggered a corresponding wave of innovation across European cybersecurity. A new generation of startups is emerging with technology specifically designed to combat synthetic media threats, attracting significant investment in the process. Italy has emerged as a particular hotspot, developing a national cluster around biometric and deepfake-detection innovation with two active ventures leading the charge.

These startups reflect a continental effort to counteract what Pablo de la Riva Ferrezuelo, Co-founder and CEO of Acoru, describes as a fundamental technological mismatch: “AI has changed the face of fraud and money laundering. You simply cannot expect technology built in 2010 to combat fraud happening in 2025.”

The Regulatory Backdrop: Europe’s Legal Framework Tightens

2025 has emerged as a pivotal year for Europe’s regulatory response to AI misuse. The EU Artificial Intelligence Act began applying key provisions in February, requiring clear labeling of AI-generated content and transparency in human-AI interactions. Systems that deceive or exploit vulnerable users can now be classified as posing “unacceptable risk,” effectively banning them from the EU market.

Simultaneously, the Digital Services Act (DSA) now obliges large online platforms to assess and mitigate systemic risks from manipulative or fraudulent content, including deepfake media used in phishing and impersonation scams., as as previously reported

The financial sector received specific attention when the European Banking Authority issued an opinion in July 2025 highlighting how AI is being exploited for money laundering and fraud through fabricated identities and documents. The EBA urged financial institutions to adapt anti-money-laundering systems to account for AI-enabled risks—creating natural alignment with the missions of startups like Acoru and Trustfull.

The Human Element: Education as First Defense

Despite technological and regulatory advances, industry experts consistently emphasize that vigilance and education remain the critical first line of defense. As detection technologies evolve, so do generation technologies, creating a continuous arms race between creators and detectors of synthetic media.

The convergence of regulation, awareness, and financial backing has positioned 2025 as a turning point in Europe’s approach to synthetic media risks. While fraudsters exploit generative AI to manipulate voices, identities, and video, Europe’s new breed of cybersecurity startups are deploying the same technology to expose, verify, and block malicious activity before it reaches victims—creating a digital immune response to one of the decade’s most challenging technological threats.