For a long time, one of the best practices for phishing prevention has been to pick up the phone and call up the person apparently sending a message. Unfortunately, in some cases, phone calls are now being exploited.

Now, AI enables scammers to mimic the voices of the people they impersonate through voice cloning. As a result, it is more important than ever to verify who you are talking to before sharing any sensitive information.

How Does AI Voice Cloning Work?

Let’s say that we were going to wage a cyberattack on Generic Business Co. If President and CEO Jill Smith of Generic Business Co. had spoken enough on video, we could take her voice and use software to make a copy. Then, thanks to text-to-speech, we would have the power to say whatever we wanted in Jill’s voice.

Internet personality and entertainer Daniel Thrasher shared a video that very effectively highlights how simple it is to do so.

While Daniel’s video focused on the dangers of interpersonal scams, the utility to business-focused cybercriminals is clear. As the comedian used examples like “forgetting the access code to the garage” being a scammer’s ruse, it is just as easy to imagine someone sending an employee a copy of your voice that instructs them to transfer funds, or impersonating a vendor to request payment card information. 

How to Stay Secure

Sometimes, the best response to a high-tech threat is the most old-fashioned option. In this case, it makes the most sense to adopt a challenge-response protocol whenever any requests are made. 

This protocol is effective because it actively reinforces legitimacy by double-checking that the person on the other end is who they claim to be before any sensitive information is shared. Basically, any instruction to transfer funds or change a password over the phone must be confirmed via a secondary method… multi-factor authentication for your communications.

Spotting a Scammy Call 

Deepfake technology and AI have made it tough to spot these kinds of scams, but it isn’t impossible. There are still signs that can help signal there’s trouble afoot, such as:

In addition, some of the standard phishing prevention rules apply… namely, extreme urgency. If someone is pushing for you to break protocol over the phone, hang up and reach out in some other way to confirm.

Scams are getting harder and harder to foil. We can help put you in the best position to succeed. Give us a call at 408-927-8700 to learn more.