#328 Kevin Tian: Exploring Doppel's AI-Native Social Engineering Defense Platform

What It Covers

Kevin Tian, cofounder and CEO of Doppel, explains how AI-native social engineering attacks—spanning deepfake phone calls, fake LinkedIn personas, SEO poisoning, and brand impersonation—are scaling faster than human defenses, and how Doppel's platform scans, takes down, and simulates these multichannel threats for hundreds of enterprise customers.

Key Questions Answered

• •Attack Kill Chain Framework: Social engineering attacks follow a predictable sequence—preparation, engagement, and asset seizure (money or data). Defenders should map security tools against each stage rather than treating attacks as isolated incidents. Doppel structures its entire platform around disrupting all three phases simultaneously across domains, social media, phone, and ad networks.
• •Phone Call Vectors Dominate Enterprise Breaches: Groups like Scattered Spider and Shiny Hunters compromise casinos, banks, airlines, and tech companies primarily through phone calls to customer support, IT helpdesks, and HR lines—not email. Security training programs that focus only on phishing emails miss the highest-impact attack vector currently being exploited against large organizations.
• •AI Agent Simulations Run Six-Minute Conversations Undetected: Doppel's offensive AI agent, which it calls Vibe Phishing, conducts deepfake voice calls where targets engage for an average of six minutes without detecting the deception. Organizations should test helpdesk and customer support staff specifically with multichannel simulations—not just phishing emails—because those roles are the primary targets.
• •Out-of-Band Verification Reduces Deepfake Risk Without Technology: When verifying someone's identity on a video call, ask them to show their phone's selfie camera view, pose questions about hyper-local topics, or reference fictional places to test for pre-scripted AI responses. Cross-referencing through a second known communication channel—a verified phone number or LinkedIn message—makes simultaneous multi-platform impersonation significantly harder to execute.
• •Ground Truth Data Scales Defensively: Doppel's business model—charging enterprises directly rather than monetizing ads—gives it verified ground truth on what legitimate brand activity looks like for each client. This data advantage compounds as more customers onboard, enabling more accurate threat detection. Enterprises should prioritize security vendors whose detection models train on verified organizational data rather than generic threat feeds.