Your CEO's Voice on the Phone Might Not Be Your CEO Anymore
A familiar voice on a call. A face you recognize on a Zoom screen. For most of history, that was enough to trust the person on the other end. It isn't anymore.
Real-time voice and video generation has quietly become a working tool for scammers, not a sci-fi concept. Grab a handful of public recordings, feed them into a model, and a fraudster can swap their voice or face for someone else's in the middle of an actual phone call or video meeting. From the outside, nothing looks off — the phone number is real, the messaging account is real, only the voice and face are synthetic. Which means the fraud-detection systems and security teams watching for threats see what looks like a completely ordinary call. Because, technically, it is one.
A study published in PLOS ONE tested this directly: 529 participants listened to a mix of real and AI-generated voice recordings, and only 73% could tell them apart. Almost one in four fake voices went completely unnoticed — and that's in a calm lab setting, not during a stressful, time-pressured call.
The financial damage is already substantial. In 2024, an employee at engineering firm Arup authorized a $25 million transfer after a video call where the "executives" on screen were deepfakes. Ferrari had a similar close call — scammers cloned the CEO's voice and tried to push through a financial transaction, but the attack fell apart when someone asked a question the fake voice couldn't answer. LastPass faced something similar: attackers used an audio deepfake of the CEO over WhatsApp trying to get access to internal systems, but an employee caught the deception in time.
By 2025, an estimated 8 million synthetic media files were circulating globally, with the volume growing at roughly 900% a year. Security researchers widely expect 2026 to be the year real-time voice swapping and identity fraud through cloud services and biometric checks go fully mainstream as attack methods — not just proof-of-concept demos.
How the Fake Actually Gets Made
These attacks generally follow three steps: gather source recordings, train a model, then swap the voice or video live during a call. Attackers pull audio and video from wherever it's publicly available and use it to build a digital profile of someone's voice or face. From there, they either generate the fake stream on a server or alter their own voice and image in real time using voice conversion tools, a virtual camera, or a hijacked video feed.
Voice cloning has become alarmingly accessible. A few years ago, faking someone's voice took real technical effort. Now, 3 to 15 seconds of clean audio is enough to produce a recognizable voice clone. Getting a version good enough to fool someone who knows the person well takes more — typically 10 to 30 minutes of varied audio across different emotional tones — but that's still a low bar.
There are two basic approaches: voice cloning, where a model is trained to speak like a specific person, and voice conversion, where an attacker's own voice is converted into the target's voice live, in real time. Processing delay has dropped low enough that these swapped voices sound completely natural on a normal phone or VoIP call.
The cost has collapsed just as fast. Back in 2023, a minute of convincing deepfake audio could cost anywhere from $300 to $20,000 to produce. Security researchers now report dark web voice-cloning services starting around $30, with legitimate commercial tools charging as little as $1 per minute of synthesized speech. The technical and financial barrier to entry has basically disappeared. Worse, modern voice models don't just copy tone — they replicate urgency, irritation, and stress, which is exactly what makes a rushed, panicked-sounding request from "the boss" so convincing.
Video is following the same trajectory. Real-time face-swapping tools use GPU acceleration and virtual cameras — software that feeds a fabricated video stream into an app instead of the actual camera signal. There's also a nastier variant: injection attacks, where the fake video is inserted directly into the app's data pipeline after the camera but before any liveness check, meaning it bypasses biometric verification entirely and leaves none of the visual glitches a detector would normally look for. These techniques are already being used to get around remote identity verification at banks and financial platforms.
Creating a convincing face used to require thousands of reference photos taken from different angles and lighting conditions. Recent research from Samsung and Skoltech showed that a single photo — sometimes just one or two — is now enough, once a model has been pre-trained on a broad dataset of general facial movement and lighting behavior. Generation delay is now down to 50-100 milliseconds, well within the normal lag of an ordinary video call.
Video conferencing turns out to be an unusually convenient environment for this kind of fraud, for a few reasons that have nothing to do with sophistication: apps trust a virtual camera the same way they'd trust a real one; heavy video compression on platforms like Zoom or Teams smooths over the small artifacts that would otherwise give a fake away; the small video window and inconsistent resolution hide flaws that would stand out on a full screen; short calls with minimal head movement are exactly the conditions synthetic video handles best; and most people are focused on the conversation, not scrutinizing pixel quality — while call recording and real liveness checks are frequently switched off entirely.
The most dangerous version combines both at once — synchronized fake voice and fake video. Getting lip movement, facial expression, and cloned audio to line up convincingly is technically hard, but the gap is closing fast, and it undermines the one thing video calls were supposed to guarantee: that you're actually talking to a real person.
Why Your Existing Security Tools Don't Notice
None of your standard defenses are built to catch this, and that's not a bug — it's a mismatch of purpose.
Email security tools don't see it because the attack isn't happening in email — it's a phone call, a messaging app, a video meeting. Security monitoring systems log it as a completely normal call, because it's arriving over a legitimate channel through an app the employee uses every day. Multi-factor authentication doesn't help either, since nobody's hacking an account — they're convincing a real employee, using a fake identity, to voluntarily do something.
Even biometric verification, which was supposed to be the answer to exactly this problem, has become a target itself. When attackers inject a fake video feed before the liveness-check step, the system receives what looks like a completely normal live face, synced to a cloned voice, with none of the tell-tale distortion a detector is trained to catch.
A well-executed synchronized deepfake doesn't trip any technical alarm and doesn't leave much of a trail in the logs. It works purely by exploiting the fact that people trust a familiar voice and a familiar face.
Humans Aren't a Reliable Backstop Either
There used to be a comforting assumption that people could just tell — an odd tone, unnatural lip-sync, something that felt "off." In a calm setting, sure, that sometimes works. In an actual conversation, especially one carrying a sense of urgency or authority, people don't analyze details. They hear a voice they recognize, see a face they recognize, and default to trust. That's not carelessness — it's how trust works.
iProov's research puts the number in stark terms: roughly 0.1% of people can reliably tell synthetic video from the real thing. Security awareness training barely moves that needle — people get fatigued by warnings and phishing simulations and fall back on habit anyway. The post-incident quote is almost always some version of the same sentence: "It sounded exactly like him."
Regulators are starting to respond. Several jurisdictions are now drafting or passing laws that specifically criminalize malicious deepfake creation, treat deepfake use as an aggravating factor in fraud cases, and require labeling of synthetic media in political advertising. But laws don't close the underlying gap — people are still wired to trust what they see and hear, and that's exactly the weakness this entire category of attack is built to exploit.
The Attacks Businesses Are Actually Seeing
Business email compromise has grown a voice and a face. It no longer stops at a spoofed email from "the CEO." The modern version is layered: first an email from a nearly identical domain — one swapped letter is enough to slip past a distracted employee — then a voice message asking them to check that email or approve a document, then, if needed, a video call where the person on screen looks exactly like the executive or partner they know. Each step reinforces the last. In a remote-work environment where employees rarely see leadership in person, a video call reads as close to undeniable proof of identity — which is precisely what attackers are counting on.
The FBI's IC3 unit put 2025 losses from business email compromise above $3 billion, and that's before accounting for the growing share of these scams that now include a voice or video component instead of just text.
Vendors, partners, and supply chains are targets too — compromising one trusted party often opens doors elsewhere. Common patterns include fake calls impersonating a bank or telecom employee, requesting information that sounds routine — transaction confirmations, account details, a one-time code — even though legitimate staff never actually ask for codes. There's also deepfake video used to defeat remote identity verification (KYC) at banks: a person shows their face on camera, follows prompts like "turn your head" or "blink," and the video feed gets swapped before it ever reaches the verification system, letting attackers open accounts or access financial services under someone else's identity.
Fake job candidates are a newer and stranger version of the same idea — an attacker builds a synthetic persona, gets through a video interview, and once granted system access for onboarding or a test assignment, has a foothold inside the company's infrastructure. Amazon has said it blocked over 1,800 such candidates tied to North Korean operations in about a year and a half. Gartner has predicted that by 2028, roughly one in four job applicants globally could be fraudulent in some way.
Video conferencing itself has become a favorite hunting ground. The North Korean-linked group Lazarus ran a large campaign against crypto and fintech companies: hijack someone's Telegram account, then use it to invite their contacts to a Zoom call. The link led to a fake page streaming a deepfake video of the real account owner. Seconds into the "meeting," a fake error message appeared with instructions to "fix" the audio — a classic ClickFix trick. Victims who followed the instructions ended up pasting a malicious command into their own terminal, unknowingly launching a PowerShell script that took over their machine. The entire process, from clicking the link to full system compromise, took under five minutes. Researchers found more than 100 victims across 20 countries, 45% of them company executives. CertiK estimated the crypto industry lost over $600 million in a single month largely tied to this kind of Lazarus activity.
Reputational and extortion schemes are their own category, and they hit differently — because seeing a fake, compromising video of yourself triggers a genuine emotional shock that overrides rational analysis, even when the person knows, intellectually, that deepfakes exist. In mid-2025, scammers targeted WPP's CEO Mark Read: they built a fake WhatsApp account using his public photos, set up a Microsoft Teams meeting, cloned his voice, and stitched together video from YouTube footage. They invited an agency leader within the group and tried to talk them into setting up a new company to funnel money and extract personal data. It didn't work — staff noticed inconsistencies in time — but the attempt shows how far this has already progressed. Separate research found that nearly two-thirds of targeted attacks on senior executives now happen in retail, financial services, and insurance specifically, with deepfake impersonation now a factor in roughly 15% of these cases. Resemble AI's 2025 threat report estimated reputation-focused deepfakes generated 156.3 billion media impressions that year, with disclosed financial losses alone topping $1.28 billion — and that's likely an undercount, since only about 20% of incidents come with public financial figures attached.
Corporate espionage and stock manipulation round out the picture. A cloned executive voice asking an employee to send over a contract, a client list, or a report doesn't raise much suspicion when quick voice requests over messaging apps are already normal workplace behavior. iProov found 41% of organizations have already dealt with a deepfake attack targeting leadership; Gartner separately found 37% of security leaders had seen deepfake incidents specifically during video calls. On the market-manipulation side, shareholders of Ostin Technology Group filed a $950 million lawsuit in 2025, alleging that fabricated videos and stock manipulation wiped out 94% of the company's value in a single day.
The common thread across all of these: a real deepfake attack rarely relies on just one channel. It's email, then voice, then video, then time pressure, stacked in sequence. The moment an employee stops and verifies through an independent channel, the whole thing tends to fall apart.
How Detection Actually Works, and Where It Breaks Down
Detection tools work by hunting for artifacts that synthesis leaves behind. On audio, that means spectral irregularities, unnaturally smooth signal, and the absence of the background noise real microphones always pick up — though phone and VoIP compression tends to mask exactly those clues, which is why audio analysis works better on recorded calls reviewed afterward than in real time. On video, detectors look at inconsistencies in micro-expressions, blink rate, corneal reflections, and lighting. One promising technique, remote photoplethysmography, tracks the tiny skin-color shifts caused by a real pulse — something synthetic faces simply don't have. But at low resolution or in a small video window, that signal disappears too.
And detection is getting harder, not easier, for a few concrete reasons: generation technology is improving faster than detection technology; a detector trained on one type of fake often fails completely on a different generation method; aggressive video compression on messaging and conferencing platforms erases the fine-grained artifacts detectors rely on; live attacks give detectors far less time and computing budget to work with than offline analysis of a recorded file; and there's no single universal fingerprint that identifies "a deepfake" — different generation tools leave different traces, and those traces shift as the tools evolve.
Detection is genuinely useful for reviewing suspicious material after the fact. It is not, on its own, a real-time defense.
What Actually Helps
The good news is that the fix here isn't primarily technical — it's procedural, and most of it is cheap to put in place.
Review every process that currently gets approved by voice or video alone, and eliminate any high-stakes action that doesn't require a second, independent channel. Require a second-channel confirmation for anything that matters — payments, changed banking details, sensitive data transfers — no exceptions, regardless of how urgent the request sounds. Add continuous verification during video meetings and watch for anomalies in devices, location, and audio lag. Train people on a simple rule: a familiar voice is not verification, full stop — and back that up with an actual procedure to follow, not just a warning to "be careful." Log unusual calls and video sessions and assign someone to actually review them. Turn off virtual cameras for sensitive meetings where possible, and rely on verified, authenticated video feeds instead. Check devices and IP addresses on high-stakes calls. And record and retain sessions that matter, feeding those logs into whatever monitoring system your security team already uses.
None of this is expensive. What it does is create a process barrier that most deepfake attacks simply can't get past, no matter how convincing the voice or the face is.
The Bottom Line
Deepfakes have crossed over from novelty to genuine business risk. Voice and video are no longer reliable proof that you're talking to the person you think you are, and the everyday channels companies rely on — phone calls, messaging apps, video meetings — are exactly the channels this fraud is built to exploit. Real-time generation and the rise of deepfake-as-a-service have made these attacks fast, convincing, and cheap enough that they no longer require a skilled attacker.
Technology alone won't fix this. If someone can convincingly speak in your CEO's voice and appear on screen with their face, the only thing standing between that and a real loss is a simple verification habit and a healthy dose of skepticism, applied consistently, every time.