★ Featured: A deepfaked brawl between Bank of England Governor and Nigel Farage was promoted on X
LBC's Bank of England fighting Andrew Bailey deepfakes on X reports that AI-generated videos depicting Governor Andrew Bailey in a fabricated brawl with Nigel Farage were allowed to run as paid advertisements on X, with Bank staff filing takedown reports and Bailey publicly warning on June 9 that the scams are designed to criminally exploit vulnerable members of the public.
- Category: Fraud / Impersonation
- Type: Attack
- Modality: Video
- Policy / Regulatory: Bank staff are reporting the ads to X manually; reporting links the proliferation to deep cuts in the platform's safety and moderation teams since 2022.
- Trend: Scam networks purchasing ad placement to distribute synthetic content, substituting paid reach for the organic credibility the fakes could not earn on their own.
- Attack vector: Deepfake videos of trusted financial figures bought as promoted posts through recently verified, low-follower accounts, funneling viewers toward investment fraud.
- What we saw in the content: The videos carry the markers of templated scam generation rather than bespoke fabrication, for example:
- The set is dressed to resemble Question Time, a program Bailey has never appeared on, borrowing a real broadcast format for instant credibility.
- Multiple interchangeable variants of the same scene circulated simultaneously, one showing Farage with a gun and a black eye, another showing a figure covered in green paint, which is the signature of template-driven generation.
- The ads were purchased through freshly verified X accounts with minimal follower counts, so paid placement did the distribution work.
- The premise is deliberately absurd and engineered for engagement, the fraud lives at the click destination rather than in the video itself.
The Bank of England spent part of this week filing takedown reports with X about fake videos of its own Governor, and new variants kept being purchased as ads through fresh accounts while staff worked through the queue. The scammers can produce and place these videos far faster than anyone can flag them, and a central bank's only real tool was the same report button available to any of us. That mismatch matters more than the videos themselves.
The persistence makes sense - these campaigns do not need a video to survive long, they need it to run long enough to route a few thousand viewers into an investment funnel, and the ad systems that took payment for placement carry no obligation to verify what they distributed. Our incident database has tracked this paid-placement pattern accelerating through the spring, and this week's Reddit story below shows the identical scam structure running on a second platform against a second set of trusted brands.
Platforms already review paid placements before they run, and that review is where provenance and deepfake checks should live, before money changes hands and distribution begins. A watermark embedded at generation and read at ad upload along with a deepfake detection run, would have flagged every one of these videos automatically, instead the Bank ended the week where it started, reporting fakes of its own Governor one at a time.
1. UK gives Apple and Google three months to block nude images on children's phones
The UK government's Protecting young people online at the heart of new VAWG strategy pledges to make it impossible for children to take, share, or view nude images on their devices, with Prime Minister Keir Starmer announcing at London Tech Week that Apple and Google have three months to ship the protections voluntarily before legislation forces the issue.
- Category: CSAM / NCII
- Type: Response
- Modality: Image
- Policy / Regulatory: The mandate sits alongside a planned ban on nudification tools within the violence against women and girls strategy, and extends online safety obligations past platforms to the operating system layer for the first time.
- Trend: Child protection regulation moving upstream from content moderation to device-level prevention, with controls on by default and adult opt-out gated behind age assurance.
- Attack vector: Addresses the harvesting pipeline where ordinary photos of children are scraped from social media and school websites to produce sextortion material.
Moving the obligation from platforms to the device changes more than any single content rule could, because it intervenes where the image is created rather than where it spreads. It is the same logic we argue for in provenance, the cheapest place to stop synthetic harm is the point of generation, and everything downstream of that point is cleanup. The default-on design matters just as much, protection no longer depends on a parent finding the right settings menu.
The numbers driving the policy are hard to read. The NSPCC reports child sexual abuse image crimes recorded by UK police rose almost ten percent in the past year, with Snapchat accounting for 43 percent of cases where a platform was identified, and schools are now being advised to pull identifiable student photos from their own websites because they feed deepfake sextortion. A three-month voluntary window with legislation behind it is a short fuse by regulatory standards, which tells you how the government reads the trajectory.
2. Deepfake BBC news segments ran as paid Reddit ads for fake investment platforms
Mashable's Reddit scam ads pose as news outlets to promote AI investment platforms covers Bitdefender Labs research published June 8 documenting paid Reddit advertisements that use deepfake BBC, Financial Times, and Guardian news segments to drive users in the US and Europe toward fraudulent platforms with names like EncoinX, Coin AI, and Nevo Coin.
- Category: Fraud / Impersonation
- Type: Attack
- Modality: Video, Image
- Policy / Regulatory: Bitdefender tied the infrastructure to a network it documented running on Meta in March 2026, showing the same actors recycling across platforms faster than platform-by-platform enforcement responds.
- Trend: Full impersonation stacks, fabricated anchors, cloned outlet websites, fake testimonials, and live phone follow-up, packaged as a repeatable cross-platform product.
- Attack vector: Paid sponsored posts carrying synthetic news segments, redirecting to counterfeit news sites where contact capture hands victims to a human "personal advisor" within 24 hours.
Bitdefender documented a complete supply chain rather than a single fake video. Fabricated anchors deliver invented financial reporting in the BBC's broadcast format, the click lands on a faithful clone of the outlet's site, and the final extraction is done by a human on the phone applying pressure against a countdown timer. The synthetic media sits at the top of a funnel that ends in a call center.
The lure is calibrated to this exact news cycle, with the fake platforms trading on public anticipation of IPOs from companies like Anthropic, OpenAI, and SpaceX. The March-to-June migration from Meta to Reddit also shows the cost of the current enforcement model, each platform discovers the same network independently while the actors move their infrastructure over intact.
3. Oklahoma district shuts down student email after AI images of administrators spread
KRMG's Sand Springs Public Schools shut down student emails after distribution of deepfake photos of administrators reports that the district disabled all student email accounts after Charles Page High School students distributed AI-generated images depicting administrators in compromising situations through the district's own email system, with Sand Springs police now investigating.
- Category: Harassment / Public Safety
- Type: Attack
- Modality: Image
- Policy / Regulatory: The district warned that students responsible face discipline up to expulsion plus potential civil or criminal penalties under Oklahoma and federal law.
- Trend: School-aged perpetrators using consumer AI tools against the adults running their institutions, forcing districts to improvise policy mid-incident.
- Attack vector: Synthetic images distributed through school-issued email accounts, turning the district's own trusted infrastructure into the delivery channel.
The district's only immediate defense was switching off its own email system, because the attack ran on infrastructure the school provides and the school had no way to filter what moved through it. For parents and teachers this is the unsettling part, the generation tools sit on student phones, the distribution channel is the one the institution itself issued, and the response toolkit is suspension hearings and a police report after the images have already circulated.
This follows a spring of similar cases, Radnor in Pennsylvania and the districts the Boston Globe documented in April, where schools wrote their first synthetic media policies only after an incident forced the question. Every district so far has responded after the fact, and the UK story above is the first major attempt anywhere to move the intervention ahead of the harm.
4. CrowdStrike: North Korean operatives behind 47% of state-backed intrusions into US tech
TechCrunch's North Koreans behind nearly half of US tech industry hacks, says CrowdStrike reports new CrowdStrike findings that the group Famous Chollima accounted for 47 percent of state-backed intrusions against the US tech sector between April 2025 and May 2026, using AI-generated real-time deepfake images and counterfeit identity documents to get hired as remote workers.
- Category: Fraud / Impersonation
- Type: Attack
- Modality: Image
- Policy / Regulatory: Stolen salaries and intellectual property fund sanctioned weapons programs, placing victim companies in indirect sanctions exposure on top of the breach itself.
- Trend: Hiring pipelines functioning as an unguarded authentication surface, with synthetic faces and forged documents clearing standard recruitment vetting at scale.
- Attack vector: Real-time deepfake imagery paired with stolen passports and licenses to pass interviews, then credentialed insider access used for IP theft, cryptocurrency theft, and extortion.
The remote-worker scheme itself has been documented for two years, what is new is the scale CrowdStrike puts on it, with nearly half of all state-backed intrusions into the US tech sector now arriving through a job application rather than a software vulnerability. Hiring has quietly become a security perimeter, and most companies still vet a candidate's identity with less rigor than they apply to a password reset.
The full lifecycle is what makes this profitable enough to dominate the category. The operative draws a salary, exfiltrates intellectual property and cryptocurrency, and when detected, pivots to extortion using the stolen data. Identity verification at the interview stage, with liveness checks that catch real-time face synthesis, is the one control point that breaks the chain before any of it starts.
Honorable mentions
Continuing the xAI thread from last week's issue, Canada's federal privacy commissioner is releasing findings from an investigation into sexualized deepfakes generated by the Grok chatbot, adding a regulator's voice to the litigation pressure already building from Jess Asato's UK case and the US class actions.
The Munich Regional Court ruled Google liable for incorrect AI-generated search summaries that falsely linked local publications to scams, a notable expansion of platform accountability from hosted content to AI-generated output.
Closing a loop from last week's Watching list, Florentino Pérez won the Real Madrid presidential election on June 7 with 65 percent of the vote, the club's first contested vote since 2006. No formal challenge tied to the AI Mourinho video has been reported, and post-election coverage notes that a genuine Mourinho return is now being discussed.
The pattern
- The ad system is the new distribution channel for synthetic fraud. The Bailey videos ran as paid promotions on X, the BBC segments ran as paid promotions on Reddit, and in both cases the platform was paid to distribute the fraud. Scam networks have learned that purchased placement skips the slow work of building credible accounts, and platform ad review currently verifies neither the provenance of the media nor whether the depicted institution had anything to do with it.
- Every story this week runs on infrastructure the victim trusted. A central bank's governor depicted in a national broadcast format, a news outlet's brand wrapped around a call-center funnel, a school's own email system carrying fabricated images of its administrators, a company's hiring pipeline admitting a state operative. In each case the attacker's real skill was choosing a trusted channel, which is why detection of the artifact alone keeps arriving after the harm.
- Enforcement is moving upstream, and quickly. The UK device mandate puts obligations at the operating system layer, the Munich ruling puts liability on AI output rather than hosted content, and EU AI Act Article 50 adds disclosure obligations at the model layer when enforcement begins in August. The period when platforms alone carried the duty, and discharged it through report buttons, is closing.
Watching next week
- Apple and Google's response to the UK deadline. The three-month clock is running, and any public commitment or pushback from either company will shape whether the September legislation threat materializes.
- Sand Springs investigation outcome. Whether Oklahoma prosecutors bring charges will signal how seriously school-based synthetic harassment gets treated under existing state and federal law.
- The xAI/Grok regulatory front. Canada's privacy commissioner findings and procedural movement in the Asato case could land within days of each other.
- EU AI Act Article 50. Enforcement begins August 2026, and compliance positions across the industry should continue crystallizing.
The Deepfake Watchlist publishes every Friday. Subscribe to receive it in your inbox, or follow Zohaib Ahmed on LinkedIn for the weekly social companion. Track every documented incident in the Resemble Deepfake Incident Database, and read the full methodology in our 2025 Deepfake Threat Report.