A report by GetReal Security analyzed how artificial intelligence (AI) transformed identity attacks in 2025. According to the report, 41% of IT, cybersecurity, risk, and fraud leaders say their company has hired and onboarded a fraudulent candidate. The results also show that 88% of organizations encounter deepfake or impersonation attacks at least occasionally, and 45% of all leaders surveyed report that these types of attacks are now frequent occurrences. 

At the same time, 40% believe their current defenses are “definitely” adequate, underscoring a widening gap between the scale and effectiveness of AI-enabled identity attacks and enterprise confidence in defenses that lag behind. 

The survey revealed an understanding gap that underlies growing risk. Phishing scams, video impersonation, and synthetic identity fraud emerged as the top concerns for roughly half of cyber leaders, but there's a lack of clear consensus on the most pressing risk. Despite 41% of enterprises admitting to having hired and onboarded a fake candidate, only 35% listed fake candidates as a primary concern. 

All top concerns cited by respondents tie directly to identity integrity, showing that identity-related issues are top of mind. However, there is work to be done connecting the dots to security. Only 52% say they're definitely rethinking identity and access management (IAM) strategies to address AI-driven identity threats. And only 28% say deepfake-resistant verification tools are a priority for IAM modernization. 

Download the report.