Theoretical Framework: In the era of advanced digitalization, concerns about false information and social engineering attacks are currently the main concerns in the field of information security. Information security relies on users' recognition and awareness of the risks associated with social engineering attacks. Identity-protective cognition theory , Information security, social engineering attacks, regulations in Indonesia are used as the underlying theories. Purpose: This research aims to analyze Indonesia’s preparedness to face social engineering attacks with deepfake technology. Method: The research method used in this research is a qualitative method. Activities in data analysis are data reduction, data presentation, and conclusion drawing or verification. Result: Indonesia already has legal regulations that can take action against perpetrators who have abused deepfakes and inflicted losses on their victims, especially if they contain elements of decency. Conclusion: Law enforcement in Indonesia has actually been regulated in the Criminal Code, the Pornography Law, and the Electronic Information and Transaction Law. However, in order to complement its protection and law enforcement, Indonesia can consider the regulations that are being proposed by the United States by specifically regulating deepfakes and also consider media companies to apply content moderation to deepfake material on its platform.