It is Friday afternoon, just before the weekend. An employee in the finance department gets a phone call. On the line is the voice of the director: hurried, a little tense, but unmistakably his voice. There is an acquisition in progress that has not closed yet, it is confidential, and a payment has to go out today to a new supplier. "Keep this between us for now, I am about to step into a meeting." The employee hesitates, but the voice is right, the urgency feels real, and the boss is asking personally. The payment goes through. Only on Monday does it become clear that the director never called.
A deepfake is AI-generated or AI-manipulated audio, video, or imagery that makes someone appear to say or do something that never actually happened. In fraud, this rarely means a polished Hollywood video. It usually means a cloned voice on the phone. That technique is called voice cloning, and when it is combined with phone-based scams we call it "vishing." It is the AI version of CEO fraud: an attacker pretends to be a director or executive and pressures your people into making a payment or sharing sensitive data.
The trick is old, the technology is new, and that combination is exactly what makes it dangerous. This article walks calmly and concretely through how deepfake fraud works, how to recognize it, and which simple agreements your business can put in place right now to stop it.
How does deepfake fraud work?
The core of CEO fraud has been known for years under the term business email compromise (BEC): someone poses as the boss over email and asks for an urgent payment. What AI adds is that the attacker can now also imitate the voice, and sometimes the face. That removes the control people instinctively trust the most: "I recognized his voice, so it was him."
Cloning a voice takes surprisingly little. A few seconds of audio are often enough. That material is everywhere: an interview on YouTube, a podcast, a video on LinkedIn, a recorded voicemail, a clip from a webinar. Directors and business owners are often the most visible people in a company, so their audio is the easiest to find. With that sample, the attacker trains a model that can speak any text in that voice in real time.
The attack itself always turns on two levers: urgency and secrecy. The supposed director is in a hurry, it cannot wait until Monday, and for some reason it is confidential: an acquisition, a fine, a sensitive deal. That combination is not an accident. Haste switches off your critical thinking, and secrecy makes sure you do not consult anyone else who might see through the scam.
The numbers show this is no longer a fringe problem. Reports covering early 2025 describe a roughly 1,600 percent rise in deepfake vishing compared with late 2024. The FBI logged more than 22,000 complaints about AI-related fraud in 2025, with losses of over 893 million dollars. That figure is almost certainly an undercount: by one estimate, fewer than 5 percent of voice-clone victims ever report the crime. Deloitte projects that losses from AI-enabled fraud could reach around 40 billion dollars a year by 2027. Strong company data security now depends not only on technology but on human processes too. You can read more in our guide to data security in your business.
How do you recognize it?
The first instinct is usually: "I will just listen carefully for whether the voice sounds fake." That is exactly the wrong strategy. The technology improves every month, and you cannot let your company's safety depend on whether a stressed employee notices a slightly off vowel. A good defense is not about detecting the fake. It is about recognizing the pattern of the attack.
The attacker always needs the same ingredients. He wants you to act fast, outside the normal procedure, without a second pair of eyes. If you learn to spot those signals, it does not matter how convincing the voice or video is. The red flags below are the real alarm bells.
| Red flag | What you do |
|---|---|
| A payment that must happen urgently, "today" | Slow down on purpose. Genuine urgency survives a five-minute verification. |
| Secrecy: "do not tell anyone about this" | Treat secrecy as the alarm signal itself and deliberately bring in a colleague. |
| New or changed bank details | Call the known contact back and confirm the account through a second channel. |
| Pressure, irritation, or threats when you hesitate | A real manager values a check. Pressure to skip it is suspicious. |
| A phone or video call demanding immediate action | Hang up and call back yourself on the known number in your company system. |
The pattern is always the same: pressure plus secrecy plus a request that deviates from the normal way of working. One red flag is already enough reason to stop and verify. Two or more means: almost certainly fraud. The good news is that your employees do not need to be technical experts for this. They only need to recognize the pattern and know that they are always allowed to slow down.
How do you protect your business?
The best protection does not cost expensive software. It is a handful of clear agreements that everyone knows and feels confident applying. The principle is verification through a channel the attacker does not control. Below are the protocols that make the difference, from simple to stronger.
Start with the call-back rule. For any unusual payment request, the employee calls back to a known, verified number from the company directory. Never to a number the caller provides, because that may be part of the scam. This single rule pulls the ground out from under most attacks: the attacker has the voice, not the real phone line.
Next, agree on a code word for payment approvals. The arrangement is simple: anyone requesting an urgent payment states the code word. If the word is wrong, nothing goes out, no matter how convincing the voice sounds. A cloned voice cannot know a code word that exists only in your heads.
For amounts above a threshold, introduce multi-person approval plus a mandatory check through a second channel (out-of-band). Concretely: a payment above, say, 5,000 euros requires two approvers, and the confirmation runs not only over the phone but also through a message in your own system or a personal call-back. One channel can be faked. Two independent channels at the same time almost never can.
Finally, training is the glue that holds it all together. Teach your people that urgency plus secrecy is always the real alarm signal, not the voice itself. Make clear that slowing down to verify is not only allowed but expected, and that no one will ever be blamed for a check that turned out to be unnecessary. A culture where "I just wanted to confirm it" is a compliment is your strongest defense. These agreements fit neatly with the broader requirements of the NIS2 directive for cybersecurity in SMBs, which obliges organizations to have their processes demonstrably in order.
Many of these checks can also be built into your payment process itself, so that a suspicious request is stopped automatically before a person under pressure presses the wrong button. By embedding verification steps in your business automation, the safe route becomes the easy route as well.
What does the law say?
Legislation helps, but you should not expect miracles from it when it comes to fraud prevention. The EU AI Act introduces transparency obligations: in certain cases, providers and users of AI must mark that content has been artificially generated or manipulated, for example with machine-readable labels. It also adds new prohibitions on certain manipulative forms of synthetic content. The exact timing shifts with the adjustments from the 2026 Digital Omnibus.
Honestly, that changes little at the front end of an attack. A criminal impersonating your director is not going to politely label his deepfake. The transparency rules are mainly aimed at legitimate uses and at the wider information environment, not as a lock on the fraudster's door. The legal context is worth knowing, and you will find the overview in our pillar on AI legislation in the Netherlands and the EU AI Act and in the update on the delay through the Digital Omnibus. But for stopping CEO fraud, your own processes and agreements matter by far the most. The law also helps determine who is liable when things go wrong, as we discuss in AI risks and liability.
You do not need to buy a new security system to stand stronger against this by tomorrow. Pick one rule, for example the call-back rule, and make it the norm for every urgent request today. Add a code word this week and agree which amount automatically requires two approvers. Tell your team why: not to sow distrust, but to give everyone room to verify calmly without feeling awkward about it.
Deepfake fraud wins against businesses that run on speed and hierarchy, and loses against businesses that verify calmly. With a few simple agreements you tilt that advantage back to your side. Want help setting up a verification process that fits your organization? Our AI consultants are happy to think it through with you, from a risk assessment to concrete working agreements that your team will actually use.