Alonso Sala
CRIMINAL LAWYERS

Generative AI Fraud: Deepfakes, Vishing and Impersonation

Criminal defense and prosecution of fraud perpetrated with generative AI: deepfakes, cloned voice (vishing), automated CEO fraud, deepnudes and digital evidence manipulation.

The New Frontier

Generative AI has multiplied the sophistication and volume of digital fraud. Image, video and audio models make it possible to create hyper-realistic deepfakes, clone voices from minutes of audio, generate false documentation that is indistinguishable from the genuine article and automate social engineering at scale. Deepfake and cloned-voice fraud has multiplied in Spain in recent years.

This is the main overview page for this family of topics. For specific topics, see the pages on deepfake challenge, voice cloning vishing, sexual deepfakes, algorithmic expert evidence and AI digital evidence.

Most Widespread Typologies

  • Non-consensual sexual deepfake.
  • Deepnudes.
  • CEO fraud with cloned voice.
  • Targeted vishing.
  • Real-time video call deepfake.
  • Evidence manipulation.
  • Identity impersonation for opening bank accounts.
  • Romantic scam with synthetic avatar video.

Legal Framework

The Criminal Code already allows this conduct to be prosecuted: non-consensual distribution of real intimate images through the privacy offence (Art. 197.7 CP) and, where the image is fully synthetic, through the moral-integrity offence (Art. 173 CP) and related types; aggravated fraud (Arts. 248 and 250 CP) when especially sophisticated means are used; and civil-status usurpation (Art. 401 CP). A reform introducing a specific offense for sexual deepfakes and reinforcing synthetic-content labeling is also in progress. Regulation (EU) 2024/1689 (EU AI Act) imposes on generative AI providers obligations of transparency and identifiable watermark marking.

Digital Evidence

Expert challenge of synthetic content is the key defense piece. Forensic markers include: spectral artifact analysis in audio, lighting and blinking inconsistencies in video, absence of subtle physiological markers, metadata and EXIF analysis, and comparison with known models. We work with generative AI forensic experts in each case.

Our AI Methodology

We apply a five-phase protocol: immediate forensic capture; technical expertise with two independent experts; procedural defense adapted to type and jurisdiction; content removal through platform coordination and AEPD; patrimonial recovery in financial fraud with preventive seizure order.

Ordinary fraud versus computer fraud: why the right article matters

Not every deception carried out with generative AI fits the same offence, and the correct classification shapes the penalty, the limitation period and the whole defence strategy. When AI is used to deceive a human being —an email drafted by a language model, a cloned voice impersonating an executive, or a manipulated video that induces someone to transfer money— the conduct is ordinary fraud under Articles 248 and 250 of the Spanish Criminal Code: there is sufficient deception that produces error in the victim and a damaging act of disposal of assets. The core of the reproach is the manoeuvre that overcomes a person's will.

Computer fraud is something different. After the reform introduced by Organic Law 14/2022 (in force since January 2023), the conduct previously found in the now-repealed Article 248.2 is today set out in Article 249.1.a CC: it punishes anyone who, with intent to profit and by means of a computer manipulation or similar artifice, achieves an unauthorised transfer of an asset to the detriment of another. Here no human being is deceived; instead, the operation of an automated system is altered. Citing the old 248.2 is a technical error that should be corrected from the first written submission, because the defence is built on the offence that actually applies.

The distinction is not academic. In AI-driven fraud the boundary can be thin: a single episode may combine the deception of a person and the subsequent manipulation of a system, opening up concurrences that must be analysed case by case. Pinpointing whether the conduct attacked a person's will or the functioning of a machine is the first technical filter of any serious defence.

Concurrence with documentary forgery, identity usurpation and computer damage

AI-driven fraud rarely appears in a pure state. The manoeuvre often relies on fabricated or altered documents —invoices, contracts, certificates or doctored screenshots— which may trigger the documentary forgery offences (Articles 390 and following CC, depending on whether the document is public, official, commercial or private). Cloning a third party's voice or face to pass for them may also amount to usurpation of civil status under Article 401 CC where someone fully assumes another's identity with a degree of permanence, a figure that must not be confused with the mere one-off use of identifying data.

If the operation involved unauthorised access to systems or accounts, the disclosure and revelation of secrets under Article 197 and the unlawful access to information systems under Article 197 bis CC come into play; and where data or programs are deleted, damaged or altered, the computer damage offence of Article 264 CC. These offences protect distinct legal interests —privacy, public faith, property, the integrity of systems— and may therefore concur with fraud without that meaning the same fact is punished twice.

For the defence, the task is to delimit which conducts are actually charged and to resist the automatic stacking of classifications. Not every use of a manipulated document is criminally relevant forgery, nor does every use of another person's data constitute usurpation under Article 401. Arguing the concurrence —whether of offences, of norms, or instrumental— has direct consequences for the final penalty and for the limitation period applicable to the whole.

The Article 197.7 gap for intimate deepfakes when the image is fully synthetic

When fraud or blackmail relies on sexual images or videos generated with AI, it is essential to be precise about the scope of Article 197.7 CC. This provision punishes the dissemination, without consent, of intimate images or recordings obtained with the victim's agreement in a private setting, where disclosure seriously harms their privacy. Its premise is that a real image of the affected person exists and is then circulated without permission.

The difficulty arises with the fully synthetic intimate deepfake: where the content does not start from a real recording but is fabricated entirely by a generative model from the victim's face, part of the legal scholarship considers that it does not sit comfortably within Article 197.7, because the intimate image obtained with consent that the offence presupposes is missing. This is the well-known gap concerning fabricated images, distinct from the reinforced protection that the real or simulated child pornography of Article 189 does afford when the victim is a minor.

This does not mean impunity. Depending on the case, the conduct may be channelled into threats or coercion where a demand is made (Articles 169 and 172 CC), into the offence against moral integrity of Article 173, into fraud where an asset transfer is obtained, or into defamation and the civil protection of the right to one's own image. The classification requires a careful analysis of the specific content and its origin, and the defence must ensure that the facts are not forced into an offence the legislator did not design for fabricated images.

Digital evidence, secrecy of communications and limitation

In these proceedings the evidence is essentially digital: emails, server logs, metadata, traces left by AI tools, destination wallets or accounts and seized devices. Its value depends entirely on having been obtained lawfully. The secrecy of communications is protected by Article 18.3 of the Constitution, and the interception of electronic communications requires judicial authorisation under Articles 588 bis a) and following and 588 ter of the Criminal Procedure Act. The search of mass data-storage devices requires the specific authorisation of Article 588 sexies. A measure carried out without proper legal cover may lead to the nullity of the evidence and of anything derived from it.

The defence must scrutinise the chain of custody, the integrity of the forensic images, the traceability of the data and respect for the principle of proportionality in the intrusion. In the evidentiary terrain of AI-driven fraud, it is also worth challenging technical attribution: the fact that content was generated or sent from a particular device or account does not by itself prove who was behind the keyboard.

As to limitation, Article 131 CC applies according to the offence's maximum penalty. Where the maximum penalty does not exceed five years' imprisonment, the offence prescribes after five years; where it exceeds five and does not exceed ten, it prescribes after ten years. There is no intermediate three-year band for these offences. On jurisdiction, the Investigating Court of the place of commission instructs the case, and the Criminal Court tries it where the penalty does not exceed five years, or the Provincial Court where it does; the National High Court has no competence unless an expressly assigned connecting point applies. In money-mule schemes —someone who lends their account to receive and forward funds— the key is intent: knowledge of the illicit origin can support intentional money laundering, while Article 301.3 CC punishes laundering committed through gross negligence, a decisive line between conviction, mitigation and acquittal.

Penalties & Consequences: Generative AI Fraud: Deepfakes, Vishing and Impersonation

| Type / Scenario | Criminal Penalty |
|---|---|
| Sexual deepfake (Arts. 197.7 and 173 CP) | Non-consensual distribution of real intimate images is prosecuted under the privacy offence (197.7); a fully synthetic deepfake is channelled into moral integrity (173) and related offences, as 197.7 requires a real image. |
| Aggravated fraud (Arts. 248 and 250 CP) | 1 to 6 years' imprisonment when cloned voice or deepfake is used in CEO fraud exceeding €50,000. |
| Identity impersonation (Art. 401 CP) | 6 months to 3 years' imprisonment for civil status usurpation. |
| Privacy offense (Art. 197 CP) | 1 to 4 years' imprisonment when there is personal data discovery or distribution. |

* Penalties shown are indicative. The actual penalty depends on the circumstances of the case and the applicable mitigating and aggravating factors.

Defense Strategy: Generative AI Fraud: Deepfakes, Vishing and Impersonation

1. Urgent 72h action

Capture, rapid expert analysis and distribution blocking in the first 72h, which is key to limiting damage.

2. Private prosecution

Appearance as private prosecution to drive the investigation and obtain a seizure order.

3. Ex delicto civil claim

Claim for moral and patrimonial damages within the same criminal procedure.

4. AEPD coordination

Parallel claim before the AEPD for illicit personal data processing, with autonomous sanction.

Cybercrime in Spain: Hacking, Phishing & Digital Fraud — Defence Guide

Cybercrime encompasses illegal access to computer systems (Art. 197 bis CP), computer damage and ransomware (Art. 264 CP), phishing and digital fraud (Art. 249.1.a CP), and the production or distribution of hacking tools (Art. 197 ter). Spain's prosecution of cybercrime has intensified dramatically, with specialised units in the National Police (BIT) and Guardia Civil (GDT) leading investigations. Defence requires a unique combination of criminal law expertise and advanced technical knowledge.

Penalty Table: Cybercrime

| Offence | Article | Description | Penalty |
|---|---|---|---|
| Illegal access to systems | Art. 197 bis | Unauthorised access breaching security measures | 6 months – 2 years |
| Interception of data | Art. 197 bis.2 | Intercepting non-public data transmissions | 3 months – 2 years |
| Production/supply of hacking tools | Art. 197 ter | Creating or distributing tools designed for cybercrime | 6 months – 2 years |
| Computer damage (basic) | Art. 264.1 | Deleting, damaging or making data inaccessible | 6 months – 3 years |
| Aggravated damage (critical infrastructure) | Art. 264.2 | Affecting essential services or critical infrastructure | 2 – 5 years prison |
| Cyber fraud (phishing) | Art. 249.1.a | IT manipulation to obtain unlawful transfer of assets | 6 months – 3 years |

Key Defence Strategies

IP Attribution Challenge

An IP address does not identify a person. Shared Wi-Fi networks, VPNs, Tor exit nodes and NAT configurations mean multiple users may share one IP. The prosecution must prove the accused was the actual user at the relevant time.

Chain of Digital Custody

Digital evidence is extremely fragile. If the police failed to image the hard drive with a write-blocker, if hash values don't match, or if evidence was handled improperly, the defence can seek exclusion of the entire digital evidence chain.

Authorised Security Testing

Ethical hacking and penetration testing carried out with the system owner's authorisation is legal. If the defendant had a written engagement contract, bug bounty agreement or responsible disclosure policy, there is no criminal offence.

Lack of 'Breaching Security Measures'

Art. 197 bis requires that security measures were breached. If the system had no password, no firewall, or the access point was public, the element of 'breaching security' may be absent, negating the offence.

Key Case Law

Supreme Court doctrine: Elements of illegal access (Art. 197 bis)

The Supreme Court confirmed that 'access' requires effectively entering the system, not merely attempting it. The prosecution must prove: (1) access occurred, (2) it was unauthorised, and (3) security measures were breached. Port scanning alone does not constitute the offence.

Supreme Court doctrine: Ransomware as combined offence

The Court ruled that ransomware attacks may constitute a concurrent offence of computer damage (Art. 264) and extortion (Art. 243 CP). The encryption of data satisfies the 'damage' element even if data is technically recoverable upon payment.

Supreme Court doctrine: Phishing and the 'money mule' defence

In phishing operations, the Court distinguished between the organiser and the 'money mule' (account holder). The mule's liability depends on proof of knowledge that the funds were illicit. Wilful blindness may suffice, but mere negligence does not.

Why Choose Us?

Need a criminal defense lawyer for this type of offense? Here's how we work:

  • Independent algorithmic expert evidence: Forensic analysis by two specialized experts to establish (or dismantle) the synthetic nature of content.
  • Immediate forensic capture: Preservation of material and metadata through certified procedure before any alteration.
  • Platform coordination: Urgent removal of distributed content and traceability of distributors.
  • +15 Years of Experience: Team dedicated exclusively to criminal law before Spanish courts and tribunals.
  • Direct Attention: Your case is handled directly by a senior lawyer of the firm.

Do you need specialised legal assistance?

The judicial system is complex. We have the criminal-law specialisation and technical resources required to take on the defence.
