Business email compromise grew up. It learned to talk, and it learned to look you in the eye on a video call. The controls that worked against a typo-ridden phishing note do not work against a face.
For two decades, the fraud aimed at your finance team had a tell. The grammar was off. The reply-to address was almost right but not quite. The urgency felt rehearsed. We trained people to slow down, read carefully, and pick up the phone. That last instruction was the load-bearing wall of the whole defense, and attackers have just walked through it.
The synthetic voice on the line now matches your CFO's cadence, his clipped way of saying "go ahead," the slight rasp he gets on long days. The face on the conference bridge nods at the right moments. By the time the wire clears, the only authentic thing in the transaction was the money leaving your account. Large enterprises now lose an average of roughly $680,000 per deepfake attack. One executive-impersonation case in Hong Kong moved about $25.6 million across multiple transfers before anyone in the room realized that every "colleague" on the video call was a fabrication.
This is not a fringe scenario being hyped at vendor conferences. Deepfake use inside business email compromise rose from under 5 percent of cases in 2023 to roughly 40 percent by the first quarter of 2026. Deepfake-enabled fraud attempts climbed more than 1,300 percent year over year. CEO-impersonation schemes now target an estimated 400 companies a day. The FBI ranks this among the fastest-growing, highest-value fraud categories aimed at US enterprises in 2026, and analysts project that AI-driven scam losses could reach $40 billion by 2027.
The proof channel became the attack channel
Here is the uncomfortable part. The advice was never wrong on its own terms. "If an email asks you to move money, verify it on a call" was sound guidance when voices could not be cloned from a thirty-second earnings-call clip. The problem is structural: we designated certain channels as proof of identity, and attackers went straight for the channels we trusted most.
A phone call once carried implicit authority because faking a voice was hard. A video call carried more, because seeing someone seemed like the end of the argument. Both assumptions are now obsolete, precisely because we taught everyone to treat them as definitive. The richer the signal, the more conviction it carries. Voice and video are not safer than email anymore; in a deepfake world they are arguably more dangerous, because they short-circuit the skepticism a written request still invites.
The channel we taught our people to trust as identity verification is the one now being faked against them. Security awareness did not fail; it succeeded at defending the wrong perimeter.
Spam filters and email gateways remain useful, but they are fighting the previous war. The malicious instruction may never arrive by email at all. It arrives as a call from a number that looks internal, or a video meeting with a face that belongs to your leadership team. No attachment, no link, no payload to catch. The exploit is human trust, delivered through a medium we explicitly endorsed.
Why "verify by calling" stopped being verification
Verification only works when the verifying channel is independent of the channel an attacker can control. A callback to a number the fraudster supplied is not verification; it is a courtesy call to the criminal. A live voice confirming the request is not verification if that voice can be synthesized. The test of a real control is simple: could an attacker who has already compromised the request also satisfy the verification step? If yes, it is theater.
Visual 1 — Verification methods against synthetic-media fraud
Verification method | Deepfake resistance | Why |
|---|---|---|
Confirming via email reply | Very low | Account or thread may already be compromised; no identity check at all. |
Trusting an inbound phone call | Low | Voice is cloneable from short public audio; caller ID is spoofable. |
Trusting a live video call | Low | Real-time face and voice synthesis now defeat the "I saw them" instinct. |
Callback to a pre-verified number | High | Attacker cannot redirect a number stored independently of the request. |
Callback plus a shared code word | Very high | Requires a secret the synthetic voice does not possess; defeats real-time fakes. |
How to read it: Resistance rises only when the verifying step uses information or a channel the attacker cannot reach by compromising the original request. A code word held by both parties is cheap, low-tech, and remarkably hard to fake.
The controls that hold up share a trait: they bind authorization to something outside the conversation the attacker is running. A callback to a number on file. A pre-agreed passphrase a cloned voice cannot produce. Dual authorization across separate channels above a threshold. None of these are exotic. They are payment-controls hygiene that finance functions quietly relaxed when the threat looked like bad grammar.
What this means for leaders
Stop treating this as a security-awareness problem and start treating it as a process-design problem. You cannot train your way out of a threat engineered to defeat human perception. The instinct to add more deepfake-spotting training is understandable and largely futile, because the fakes are improving faster than people can be coached to detect them. The durable fix lives in your payment workflow, not in your phishing simulations.
Rewrite your authorization rules so that no high-value transfer can be approved through a single live channel. Mandate callbacks to numbers held in your own directory, not numbers supplied in the request. Issue code words to executives and their finance counterparts. Require a second approver reached independently for anything above a defined threshold. Make the secure path the only path, so that an urgent late-Friday request cannot bypass it without a visible exception.
Assume your executives' voices and faces are already public training data. Earnings calls, conference keynotes, podcast appearances, and webinars are a generous corpus for any model. Brief your leadership that their own recorded media is the raw material for the next attack, and that the appropriate response is not to disappear from public life but to ensure their authority can never be exercised through voice or video alone.
The wire that nearly drained that Hong Kong office was not stopped by technology. It was questioned because something felt wrong to a junior employee. We should not be relying on a hunch. The signal we once treated as final proof is now the cheapest thing in the world to forge, and the only defenses that survive are the boring procedural ones we let slide when the threat still looked like a clumsy email.
A BusinessInfomatics original. Synthesized from 2026 deepfake-fraud and business email compromise reporting, including FBI fraud categorization and security-industry incident data.



