Ashish Dsa is the CTO and co-founder of Arbor, a voice AI company that turns frontline conversations into actionable intelligence.
The same class of technology I use to help front-line workers do their jobs better is being weaponized against anyone with a phone.
Your phone rings on a Tuesday afternoon. It’s your CFO, sounding rushed, calling from an off-site. She needs you to wire $80,000 to a vendor before end of business. You know her voice. You’ve heard it on a hundred calls this year. The request is unusual, but the voice is right. You make the transfer. Three hours later, your real CFO walks past your desk and asks how lunch was.
Where did that money actually go? The person on the phone wasn’t her. The voice wasn’t real. Somewhere in a chat room you’ve never visited, a model trained on three seconds of audio from her last LinkedIn talk just earned its keep many times over.
Three seconds. Not three minutes. Three seconds.
That is roughly how much clean audio modern cloning models need to copy someone’s voice, according to Starling Bank’s public Safe Phrases campaign.
I build voice AI for a living. The same class of technology I use to help front-line workers do their jobs better is being weaponized against anyone with a phone, and the gap between what the industry can build and what most people understand has become dangerous.
So where does the voice come from? This is the part most people don’t think about. The audio doesn’t need to come from a hack. It’s already public. A LinkedIn keynote, a podcast appearance, a quarterly earnings call, a voicemail greeting: Anyone who speaks publicly as part of their job is leaving a training dataset online for fraudsters. A 30-minute conference panel on YouTube is more than enough to build a clone that fools the speaker’s own colleagues. Research from Queen Mary University of London found that the average listener can no longer reliably tell a cloned voice from a real one.
And the model itself runs in a browser tab for free. A few years ago, building one took a research lab and a graduate degree. The cost of producing a convincing clone has collapsed and is still falling.
What makes the scam work is more than the voice. The voice is the front door; once the target hears something familiar, the rest of the playbook is decades old. The scammer adds urgency (“The CFO needs this resolved now”), authority (“The CFO outranks you”), isolation (“The deal is confidential; don’t loop in the team”) and an irreversible payment rail. The cloned voice exists to short-circuit the moment of doubt that traditional fraud has always run into, the only thing between the scammer and your money. The voice removes it.
Why This Is No Longer A Niche Threat
In February 2025, fraudsters cloned the voice of Italian Defense Minister Guido Crosetto and called wealthy business leaders asking for emergency ransom payments to free supposedly kidnapped journalists. Reuters reported that Massimo Moratti, the former owner of Inter Milan, sent close to 1 million euros before realizing the call was fake.
In January 2026, an entrepreneur from the Swiss canton of Schwyz transferred several million Swiss francs to a bank account in Asia after fraudsters used a voice deepfake to impersonate a trusted business partner across a series of calls over two weeks. Swiss public broadcaster SRF reported the case is still under investigation.
Voice attacks are increasingly combined with video deepfakes. In a 2024 incident, a finance employee at the engineering firm Arup transferred $25.6 million after joining what looked like a routine video call where every face and voice on screen was AI-generated.
These are individual cases. The aggregate is worse. In 2025, the U.S. Federal Trade Commission counted over 1 million imposter scams with losses up nearly 20% to $3.5 billion, and the FBI attributed $893 million specifically to AI-driven fraud including voice cloning.
The Defense Is Not Technical
The detection problem will not be solved by detection technology in any useful time frame. The cost of generating a clone is falling faster than the cost of catching one. What works is procedural and human.
You need a verification protocol that does not rely on voice. For families, a Starling Bank-style safe phrase works. For businesses, the rule should be that any payment instruction received by phone is confirmed on a separate, known channel. The FBI’s December 2024 alert on generative AI fraud recommends both.
You need a culture where verification is professional, not rude. The most expensive scams succeed because the target felt embarrassed to question what sounded like the CEO. If a real CEO is annoyed that an employee called back to confirm a wire transfer, that company has a deeper problem than fraud.
You also need to narrow the training surface and watch the payment rail. Generic voicemail greetings and tighter privacy on accounts containing extended audio buy you something, though for public figures whose voice cannot be hidden, this layer is broken. The NYC Department of Consumer and Worker Protection flags the payment side as a near-universal pattern: wire, crypto, gift cards and prepaid cards keep appearing because they cannot be reversed. If a familiar voice is steering you toward any of those, it is almost certainly not who it claims to be.
Here is what this looks like in practice. Your CFO calls on a Tuesday afternoon asking for that $80,000 transfer. Instead of acting, you say you need to confirm with finance and will call right back. You hang up, dial her direct number from your saved contacts (not the number that just rang you), and if she does not answer, you message her on your company’s internal app or walk to her office. If the request was real, you have lost five minutes, and any CFO worth working for will thank you for the discipline. If it was a clone, you just saved $80,000 and a very ugly Monday-morning meeting.
That five minutes is the whole defense. The voice was never the real attack. The urgency, the authority, the secrecy and the irreversible payment rail were. Defend against those, and the cloned voice loses most of its power.
Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
