Topics / Spotting deepfakes

How do I spot deepfakes?

In shortYou spot deepfakes most reliably by checking a clip's connections instead of just staring at the image: where did it first appear, which independent sources confirm the event, does the context match verifiable facts? A real photo or video hangs on many real relations; a deepfake only imitates the surface. Visible glitches around hands, teeth, or transitions still help, but they get rarer as generators improve.

What is a deepfake?

A deepfake is an image, video, or audio recording created or altered with deep learning — hence the name, a blend of 'deep learning' and 'fake'. Typical forms are swapped faces in videos, cloned voices speaking arbitrary sentences, or entirely generated scenes that never happened. The technology behind it is freely available and gets better, cheaper, and faster every year.

To understand why deepfakes are so hard to pin down, it helps to look at what a real photo actually is. A real photo is an entity with grown relations: to the situation it captured, to the camera, to the place, to the time of day, to the people in the frame, to independent witnesses, to other recordings of the same moment. These connections are invisible, but they exist — and they can be checked.

A deepfake only imitates the surface of that entity. It looks like a photo, sounds like a voice, moves like a person. But the relations into the real event are missing, because the event never took place. That is exactly the entry point for detection: you don't just check what something looks like, you check what it is attached to.

How can you tell a deepfake video or image?

The first level is zooming into the details. Generators still make mistakes in particular spots: hands with too many or merged fingers, irregular teeth, ears and earrings that change shape between frames, glasses whose rims blur into the face, hairlines that fade unnaturally softly into the forehead. In videos, look at lip sync, at oddly regular or missing blinking, and at shadows that don't match the light source.

The background gives a lot away too. Text on signs, posters, or screens is hard for generators — often you get characters that merely look like writing. Patterns such as tiles, fences, or keyboards fall out of rhythm. With voices, watch for flat intonation, missing breath sounds, and an overly clean tone without room reverb.

Getting the weighting right matters: such artifacts are hints, not proof. And their absence is not an all-clear. A cleanly rendered deepfake shows none of these errors anymore — at that point the detail level alone won't carry you, and you have to move one level up.

Why are deepfakes getting harder to detect?

Because detection and generation are locked in a race that generation structurally wins. Many generators are trained specifically to fool detectors: every flaw a checking system finds becomes training information for the next generator version. What counts as a reliable tell today — the six fingers, the missing blink — is fixed tomorrow.

That doesn't make detection pointless. It means the most reliable lever shifts: away from the surface of the individual clip, toward its relations. A generator can imitate the surface arbitrarily well. What it cannot produce are real connections into the actual event — independent witnesses, a traceable publication history, other cameras at the same place.

In the model's terms: the surface of an entity can be faked, its network cannot. A real event activates many relations at once, in many directions. A deepfake stays relationally isolated or loops back to itself — the same file, passed from account to account, without a single independent source ever joining in.

What does provenance say about authenticity?

A lot — often more than any pixel. The first question is: where did this image or video appear for the very first time? A reverse image search shows you whether it is older than claimed, whether it comes from a different context, or whether there is no trace at all before the viral moment. A freshly created, anonymous account as the only source is a clear warning sign.

The second question: which independent relations can be activated? If a politician really said something scandalous, several newsrooms report it independently, there are more recordings from other angles, people who were present speak up, official channels react. Each of these confirmations is its own connection into the event. If they all stay silent even though the event should be big, that says more than any image analysis.

The third question: does the context match verifiable facts? Place, date, weather, clothing, who was where and when — much of this can be cross-checked. If it rains in the video although that day was dry at that location, the relation between claim and reality is broken. The more such connections you check and the more of them hold, the more load-bearing the entity becomes.

Which tools and standards help (C2PA, Content Credentials)?

Automatic deepfake detectors exist, but don't rely on them alone. They deliver probabilities, not verdicts, err in both directions, and age quickly because generators catch up. More useful day to day are tools that make relations visible: reverse image searches like Google Lens or TinEye, archive services for older versions of a page, and the work of fact-checking newsrooms, which run exactly this provenance check professionally.

The most important structural approach is called C2PA, implemented for example as Content Credentials. The idea: cameras and programs cryptographically sign, at creation and editing time, where a file comes from and what happened to it. The provenance relations are thus technically attached to the entity and travel with it. Instead of guessing after the fact, you can look up which chain of editing steps the image has behind it.

The right reading applies here too: present, valid credentials are a strong signal of documented origin. Missing credentials, however, are no proof of forgery — most genuine recordings still carry none today. The standard is slowly shifting the burden of proof; it does not replace your own checking yet.

Deepfakes in the larger network: why trust is the real target

Zoom out once. At the level of the single video, the question is real or fake. At the network level, something else is at stake: the trust relations between people, media, and institutions. A deepfake doesn't have to deceive you permanently to work. It's enough if it spreads fast in the first hours — or if it weakens trust to the point where you eventually believe nothing at all.

This second effect has a name: whoever shouts 'deepfake' at a genuine, damning recording can dodge accountability — the mere existence of forgeries becomes a shield for those caught in the act. The target of the attack is then not a single image but the relation between recording and evidentiary weight itself. Both blind belief and blanket dismissal weaken the same network.

Your own role in this is concrete: every share activates relations further. A deepfake nobody passes on remains an isolated file. Checking before sharing is therefore not distrust of everything — it is maintenance of the connections everyone depends on once seeing alone is no longer enough.

Seen through the model

Imagine a video surfacing in your feed: a well-known politician apparently announces his resignation and insults his own party while doing so. The video is sharp, the voice sounds real, the outrage in the comments is boiling. Your first impulse is to share. This is exactly where you pause — because the strong emotional reaction is no accident, it is the delivery mechanism.

Now you check the relations instead of the surface. Where did the video first appear? The trail leads to a six-day-old account with no history. The reverse search finds no older version, but no second source either. Is a single newsroom reporting independently? No — every mention just quotes the same clip. Is there a second camera, someone who was present, a reaction from the official channel? The official channel shows the politician an hour later at an entirely different event. The network around the alleged event is empty; every connection you try to activate loops back to the clip itself. Only now do you zoom into the details and find confirmation in the small things: the earring changes shape between two shots, and a sign in the background carries characters that only look like writing.

In the end your judgment rests not on a single clue but on the pattern: an entity with no real relations into the claimed event. The relations model is only one lens here — but one that shifts your gaze from the fakeable image to the hard-to-fake network behind it.

Step by step

  1. Pause before you share. If the video instantly triggers anger, fear, or triumph, that is often the point — strong feelings speed up spread and switch off scrutiny.
  2. Find the first source. Use reverse image search, check when and where the material first appeared and how old the account spreading it is. A single anonymous source is a warning sign.
  3. Activate independent relations. Are several reputable newsrooms reporting independently? Are there other recordings of the same moment, statements from people present, reactions from official channels? If everything stays silent although the event would be big, that speaks against authenticity.
  4. Zoom into the details. Check hands, teeth, ears, glasses, hairline, shadows, lip sync, and text in the background. Artifacts are hints — but their absence is no all-clear.
  5. Check provenance signals and fact-checks. See whether the file carries Content Credentials (C2PA), and search whether fact-checking newsrooms have already assessed the clip.
  6. Weigh the whole picture. The more real connections into the event you can confirm, the more load-bearing the recording. If everything loops back to the clip itself, don't share — not sharing is a decision in the network too.

Frequently asked

Is there an app that reliably detects deepfakes?

No, no app detects deepfakes reliably. Detectors deliver probabilities, err in both directions, and age quickly because new generators are trained specifically to fool them. Use such tools as one clue among several at most. Checking provenance is more dependable: reverse image search, looking for independent sources, and inspecting provenance data such as Content Credentials.

What is the difference between a deepfake and a cheapfake?

A deepfake is created or altered with deep learning, for instance through face swapping or voice cloning. A cheapfake needs no AI: a genuine video is slowed down, cropped, falsely subtitled, or placed in a wrong context. Cheapfakes are far more common because they cost almost nothing — and are often just as effective. The check is the same: origin, first source, and independent confirmation of the claimed context.

How do I recognize AI-generated images by their details?

Typical weak spots are hands and fingers, teeth, ears and jewelry, the rims of glasses, hairlines, and background text that only looks like writing. Shadows that don't match the light source and patterns falling out of rhythm, like tiles or fences, also give generators away. But note: these errors get rarer with every model generation. An image without visible artifacts can still be generated — provenance checking remains decisive.

Are deepfakes illegal?

That depends on the use and the country. The technology itself is not banned — satirical or artistic use is permitted in many places. It often becomes illegal through the content: deepfakes can violate personality rights, be punishable as defamation, fraud, or identity abuse, and non-consensual intimate deepfakes are explicitly banned in a growing number of countries. In the EU, the AI Act additionally requires AI-generated or manipulated content to be labeled as such.

What are Content Credentials and what does C2PA do?

C2PA is an open standard from a coalition of tech and media companies; Content Credentials are its best-known implementation. Cameras and editing programs cryptographically sign where a file comes from and which editing steps it has gone through. This provenance chain travels with the file and can be verified. Valid credentials are a strong authenticity signal — missing ones are no proof of forgery, though, since most genuine recordings still carry none today.

How do I protect myself against deepfake calls with a cloned voice?

Stop treating the voice alone as proof of identity, because a few seconds of audio are enough for cloning today. If a supposed relative or manager demands money or credentials on the phone, end the call and ring the person back on the number you already know. Agree on a code word for emergencies within your family or team. Be especially wary of artificial time pressure — its purpose is to prevent exactly the follow-up call that would expose the scam.

Keep thinking

Related terms: Entity, Relation, The three states: empty, active, passive, Network level, Zoom in / zoom out

Last updated: 2026-07-02Sources