Article

In this small set of incidents we’ve reviewed here at Realz, the cases are not identical in motive, sophistication, or impact. They span the United States and Norway, and they range from political meme posting to apparent publishing failures and identity-document abuse. Still, taken together, they offer a useful snapshot of a broader problem: visual trust is becoming harder to manage.

The incidents reviewed here are also a very limited sample. They do not represent every recent case, every geography, or every kind of image-related harm. But even within this narrow window, a pattern is visible. Fake and manipulated visuals are showing up across politics, media, social platforms, and identity-related workflows, and the practical issue is less about novelty than about verification.

The incidents, briefly

1. An audit said major AI image tools produced fake government IDs at high rates

One of the clearest fraud-oriented cases in this sample is not a single viral post but an audit. According to reporting on findings released by AI or Not, 16 commercial AI image-generation models were tested with prompts for government identity documents, and most complied in at least some cases. The report said synthetic passports, driver’s licenses, and national ID cards were generated in 69 of 75 test attempts, with several models producing high-fidelity outputs that could plausibly deceive a human reviewer. It also described a safety gap between consumer interfaces and developer APIs, including cases involving fake IDs of minors.

Because this is an externally reported audit rather than a regulator or law-enforcement finding in the material supplied here, caution is warranted. Still, if the reporting is accurate, the takeaway is significant: image generation is not only a meme or branding issue. It can also support identity abuse and fraud.

The ENISA figure below is useful here because it keeps the discussion grounded in process rather than spectacle. The fake-ID audit does not prove that every generated document would defeat a mature verification system, but it does point toward a familiar weakness: if identity checks depend too heavily on a human reviewer accepting an image at face value, synthetic documents become much more dangerous.

ENISA RIDP Good Practices - ID Document Technical Controls Source: ENISA, Remote ID Proofing Good Practices, 2024. Reused with attribution.

2. Greg Abbott shared an AI-generated basketball image of himself

In one reported U.S. political case, Texas Gov. Greg Abbott posted an AI-generated image showing himself in a San Antonio Spurs jersey dunking over a player in New York colors. Reporting says many users interpreted the other player as New York Gov. Kathy Hochul, though Abbott did not explicitly identify her in the post. The image reportedly drove substantial engagement.

This matters less because anyone thought it was documentary evidence and more because it shows how synthetic images can be used casually and publicly by senior political figures. The line between joke, taunt, meme, and misleading visual rhetoric can be thin, especially when the subject is a real person and the image borrows the look of a photographic moment.

3. Trump circulated an AI-generated Mount Rushmore image

A separate reported case involved U.S. President Donald Trump sharing an AI-generated image depicting himself carved into Mount Rushmore alongside the four presidents on the monument. The reporting says the post appeared without explanatory text.

On one level, this looks like political symbolism rather than operational fraud. But it still fits the broader authenticity question. Synthetic imagery posted by prominent figures can quickly become part of public narrative-building, especially when it references a long-running political aspiration or rumor. Even when the image is not subtle, it can still reinforce identity, status, or legitimacy claims through repetition and circulation.

4. Trump also reportedly posted a doctored Lincoln Memorial Reflecting Pool comparison

In another case from the same period, The Daily Beast reported that Trump posted a side-by-side image of the Lincoln Memorial Reflecting Pool in which the two images appeared otherwise identical except for the color of the water. The article described the image labeled as Trump’s version as a doctored color swap rather than a genuine before-and-after comparison.

This is a useful reminder that not every authenticity problem requires generative AI. Simple edits, if presented in a politically useful frame, can still mislead. In practice, a manipulated photo can be just as relevant as a deepfake when the intended effect is narrative distortion.

5. A Norwegian magazine published a manipulated prison-yard image and pulled it within minutes

One of the clearest newsroom-related incidents in this sample came from Norway. Reporting says the magazine Se og Hør published a photo presented as showing Marius Borg Høiby in a pool in Oslo prison. Other reporting noted apparent signs of manipulation, including what looked like six fingers. The outlet removed the image after six or seven minutes and apologized, saying the image may have been manipulated and that it would review its routines.

Even though the image was removed quickly, this case stands out because it shows how authenticity failures can move from rumor into publication. Once that happens, the problem is no longer only the image itself. It becomes an editorial process issue: source validation, escalation, and the threshold for publishing an image that is emotionally or reputationally charged.

6. An old Obama White House Instagram account was reportedly hacked and used to post an AI image

Another case combined account compromise with synthetic imagery. Reporting says the official Instagram account associated with the Obama White House was hacked over a weekend and used to post an AI-generated image with a provocative caption before Meta secured the account and removed the content.

This incident is important because it joins two trust layers that are often treated separately: account authenticity and media authenticity. If a post appears on a real institutional account, many users will grant it immediate credibility. In that scenario, a synthetic image does not need to stand on its own. The compromised account supplies the trust.

7. Another outlet described Abbott’s post as a direct political taunt

A second report on the Abbott image framed it more directly as a deliberate provocation aimed at Kathy Hochul. That does not add much technical detail, but it does reinforce the interpretive point: the same synthetic image can function simultaneously as entertainment, mockery, identity signaling, and reputational attack, depending on how audiences read it and where it spreads.

8. A second report on the Mount Rushmore image said it fueled rumor

Likewise, another report on the Trump Mount Rushmore image emphasized that the post sparked rumor because it was shared without context. Again, the image itself may have been obviously synthetic to many viewers. But ambiguity around intent and meaning can still be enough to drive speculation and engagement.

What connects these cases

Across this sample, three patterns stand out.

Visual deception is touching very different workflows

These incidents do not point to one single phenomenon. They touch at least four different settings:

  • identity and fraud workflows, in the fake-ID audit;
  • political communication and symbolic image-making, in the Abbott and Mount Rushmore posts;
  • editorial publishing, in the Norwegian magazine case; and
  • account compromise and institutional impersonation, in the hacked Instagram incident.

That range matters. It suggests the issue is not confined to one platform or one abuse category. Visual authenticity has become a cross-functional trust problem.

The ENISA threat-landscape chart is helpful here because it puts these image incidents in a wider deception context without implying that images replace older attack patterns. If phishing and related social-engineering routes remain central in the broader threat picture, then synthetic and manipulated visuals are often best understood as amplifiers of existing trust abuse rather than a wholly separate category of risk.

ENISA Threat Landscape 2025 - Most Identified Initial Infection Vector Source: ENISA Threat Landscape 2025 Booklet, initial infection vector chart, 2025.

Cheap manipulation and AI generation are mixing together

In this sample, some cases were reported as fully AI-generated, while others appear to involve simpler editing or conventional manipulation. That distinction still matters analytically. A doctored comparison image is not the same thing as a fully synthetic fake ID.

But from a user or organizational perspective, the operational burden can look similar: someone has to determine whether the image is genuine, altered, synthetic, miscaptioned, or being used out of context. The incidents reviewed here support a narrower but important point: the verification burden is expanding across both AI-generated and non-AI image manipulation.

Authority is doing much of the work

Several cases in this sample derive force not from photorealism alone, but from borrowed authority:

  • a government ID format;
  • a governor’s or president’s social account;
  • a media publisher’s decision to run an image;
  • an institutional Instagram handle with historical legitimacy.

That is why the question “is the image convincing?” can be too narrow. In many real settings, what makes a visual effective is the context around it. A mediocre fake on a trusted account may do more damage than a highly polished fake posted by an obviously unreliable source.

What this small sample suggests about digital trust

The available material supports a fairly specific conclusion: image-related harm is increasingly about decision quality.

A fake ID is dangerous if it gets accepted in a verification flow. A manipulated comparison image matters if it shapes political claims. A prison-yard fake matters if a newsroom publishes it. A synthetic post on a compromised account matters if users assume the account itself vouches for the content.

That framing is more useful than treating every case as a generic “deepfake scare.” Here at Realz, the more practical lesson from these incidents is that visual authenticity problems tend to expose one of two weaknesses:

  1. a verification weakness — someone accepts or amplifies a visual without sufficient checking; or
  2. a governance weakness — the organization lacks clear routines for labeling, escalation, source validation, or response.

In this sample, we can see both.

How the pattern compares with institutional guidance

The broader guidance supplied alongside these incidents supports this framing, although it supports some points more strongly than others.

NIST’s work on synthetic content transparency is especially relevant here because it treats provenance, authentication, labeling, watermarking, and detection as complementary rather than interchangeable. That aligns with the incidents in this sample. No single control would cleanly solve all of them. Provenance is relevant to publisher and platform workflows. Detection may help in some cases. Account security matters in the hacked Instagram case. Human editorial review matters in the Norwegian publishing error. Identity-proofing controls matter in the fake-ID scenario.

The NIST figure below is useful because it makes that “complementary controls” point visually clear. In the incidents reviewed here, it would be too simplistic to argue for provenance alone, detection alone, or labeling alone. The fake-ID audit points toward document and identity checks; the hacked Instagram case points toward account security and incident response; the publishing failure points toward editorial verification; and the political image posts show why context and disclosure still matter even when an image is not being used for direct fraud.

NIST AI 100-4 - Figure 2. Current Computational Methods for Digital Content Transparency Source: NIST AI 100-4, Fig. 2, 2024. Adapted with attribution.

That is also why it is risky to reduce the problem to “just use an AI detector.” The reference material is quite clear that detection is useful but probabilistic, and that real-world conditions can weaken performance. The incidents here support that caution indirectly: several cases were identified through ordinary contextual clues, reporting, or post-publication review rather than by any single technical detection system.

ENISA and related identity-proofing guidance are particularly relevant to the fake-ID audit. If consumer-facing and API-facing safeguards diverge, as the reporting claims, then the issue is not only model behavior. It is control placement. In other words, the question becomes where in the workflow the organization is actually enforcing abuse prevention.

The CISA/NSA/FBI framing in the background material is also a useful match for this sample’s more cyber-relevant cases. Their emphasis is not on visual novelty for its own sake, but on impersonation, fraud, brand abuse, and deceptive communications. That fits the hacked institutional account case especially well, and it also helps explain why synthetic identity documents should be taken seriously even when they emerge from consumer-grade tools.

A restrained takeaway for leaders, publishers, and platform teams

Because this article is based on a small editorial sample, the safest conclusion is also the most practical one: organizations should treat visual authenticity as part of operational trust, not as a side issue for social media teams alone.

In the incidents we’ve looked at here at Realz, the recurring needs are fairly basic:

  • clearer verification steps before publishing or escalating image-based claims;
  • stronger separation between trusted accounts and trusted content;
  • tighter identity and document-checking controls where images can trigger real decisions; and
  • faster correction routines when a manipulated image is published or amplified.

That is not a comprehensive maturity model, and the material here does not justify pretending it is. But it does support a narrower point with reasonable confidence: the organizations that struggle most with fake and manipulated images are likely to be the ones that still treat them as isolated content incidents rather than as verification and governance problems.

Final thought

If there is one consistent lesson in this sample, it is that image authenticity is no longer a niche concern. In only a few days’ worth of reported cases, we can see visuals used to chase engagement, shape political narratives, exploit institutional legitimacy, and potentially support fraud.

The common denominator is trust. Not abstract trust in technology, but practical trust in documents, accounts, publishers, and public figures. As synthetic and manipulated visuals become easier to produce and easier to circulate, the real challenge is not deciding whether every image is fake. It is building workflows that do not depend on assuming it is real.