Hard2bit
← Back to the cybersecurity blog

Deepfake CEO fraud: why voice cloning is the new business email compromise

By Adrián González · CEO · Published: 17 July 2026 · Updated: 17 July 2026
Deepfake CEO fraud

A finance employee takes a video call. On the other side is the chief financial officer, with his face and his voice, joined by several colleagues the employee also recognises. They ask for an urgent, confidential transfer. He makes it. Fifteen transfers in all, worth the equivalent of 25.6 million dollars. The catch: none of the people on that call was real. Every one of them was an AI-generated deepfake.

This is not a hypothetical script. It happened to the engineering consultancy Arup, which publicly confirmed the fraud in May 2024, and it has become the reference case for a threat that in 2026 is no longer exceptional: impersonating executives with synthetic voice and video. It is, in essence, the same old CEO fraud, but with a layer of credibility that breaks the defences we assumed were sound.

Why voice cloning is the new CEO fraud

CEO fraud, or business email compromise (BEC), has worked for years: an attacker poses as a senior figure and orders an urgent payment. What has changed is not the scam but its wrapping. It used to arrive by email, with typos and haste an alert employee could catch. Now it arrives by phone or video call, with the boss's voice and face, and that audiovisual layer switches off suspicion exactly when it is most needed.

The raw material is within anyone's reach. Every public appearance by an executive — an investor presentation, an interview, a podcast, a corporate video — is free training data. A voice can be cloned convincingly from very few seconds of audio, and the tools to do it have become cheap and widespread. The consequence is that the voice, which for decades we have used as proof of identity, no longer is one.

Anatomy of the deception, at a conceptual level

It is worth understanding how the trap is built without turning it into a manual. These frauds rest on three levers acting at once.

Public raw material

The attacker gathers audio and video of the executive to be impersonated from open sources, and uses it to train a model that reproduces their voice and, in the most elaborate cases, their image. No access to any company system is needed: all the necessary material is usually already published.

A story of urgency and secrecy

The technique is not technological but psychological, and it is the same old social engineering. A believable pretext is manufactured — a confidential acquisition, a payment that cannot wait, an instruction that "comes from the top" — and combined with time pressure and a request to tell no one. Urgency and secrecy exist to stop the victim from verifying.

The channel that lends credibility

The cloned voice or synthetic video is the final stamp of authenticity. In the Arup case, the employee had been suspicious of a first email, but set his doubts aside after the video call, because the people he saw looked and sounded like his colleagues. That is the characteristic trail: an unusual request "confirmed" through a channel that appears maximally trustworthy, when in fact it is the most manipulated.

The facts, with their source

These are the verifiable facts behind the analysis, each with its origin:

  • The Arup fraud involved fifteen transfers worth around 25.6 million dollars (200 million Hong Kong dollars) after a video call with fake participants, according to CNN and Fortune.
  • In May 2025 the FBI warned of a campaign impersonating senior officials through text and AI-generated voice messages to win victims' trust, according to its IC3 public announcement.
  • The same alert was covered by outlets such as CNBC and Cybersecurity Dive, which stress that a voice can be cloned from very few seconds of audio.
  • Industry analysts describe voice cloning as the natural successor to classic BEC, with average per-incident losses well above those of traditional phishing, according to CybelAngel.

One note of honesty: many "percentage growth" figures for deepfakes come from vendor reports with their own methodology and should be treated with caution. The hard facts behind this analysis — the Arup case and the FBI alert — are documented by independent sources and do not depend on any commercial estimate.

Who is in the firing line

Not every profile carries the same risk. The attacker seeks the combination of access to money and credibility of the instruction, and tunes the attack towards wherever that combination pays best.

  • Finance and treasury. Whoever executes payments is the direct target, because a single convincing order can move funds at once.
  • Executives with a public profile. The more audio and video there is of a person, the easier they are to clone; leaders who speak at events or in the media are the best raw material.
  • Suppliers and their accounts. The fraud does not always impersonate the boss: sometimes it mimics a trusted supplier to slip a change of bank account into a legitimate invoice.
  • Moments of exception. Quarter-end, confidential acquisitions, management on holiday or any situation that justifies haste and discretion are the windows the attacker prefers.

Why traditional defences fail

The trouble is that almost all our defences assume that seeing and hearing someone amounts to verifying their identity. On that premise we have built entire processes: approving a payment because "the director asked me on the phone", trusting a video call because "I saw his face". Deepfakes attack precisely that premise, and they do it with no malware, no suspicious links and nothing a technical filter can block.

Nor is it wise to rely on people "spotting" the deepfake. The quality of the synthesis improves faster than the human ability to tell it apart, and asking an employee to decide in seconds whether a face is real is a fragile defence. What does work is stripping value from the impersonation itself: if the process does not depend on recognising a voice or a face, fooling the senses is no longer enough to move the money.

Defence in practice

The measures are ordered by effectiveness. The key is to design processes that do not break even when the voice and the face are perfect.

  • Verify through a second channel, always. No payment order or change of bank details should be executed on a call or video call alone. A call back to a number known in advance, or confirmation through a separate, independent channel, dismantles the deception.
  • Harden the payment process with dual authorisation. Requiring two approvals for transfers above a threshold, and for any change to a supplier's account, means a single deceived employee cannot move funds alone.
  • Agree a verification word or question. A code shared in advance between management and finance, requested whenever an urgent and unusual instruction arrives, is a simple barrier an outside attacker cannot know.
  • Reduce the raw material and the identity surface. You cannot withdraw all of an executive's public audio, but it is worth being aware of how much there is and reinforcing accounts with phishing-resistant authentication and passkeys, so that a cloned voice does not come paired with stolen credentials.
  • Train the workforce with real cases. Effective cybersecurity training does not teach people to "hunt" deepfakes, but to apply the verification procedure without fear of inconveniencing a supposed executive. The same approach we take against other social engineering traps such as ClickFix.

What to do if it has already happened

If the transfer has gone through, the first hours are decisive. Contacting the bank immediately to try to stop or reverse the payment, preserving the evidence — call logs, emails, destination accounts — reporting to the authorities and activating the incident response plan is the difference between a contained loss and an irreversible one. It is also worth checking whether the deception came paired with compromised credentials, because CEO fraud is sometimes the visible tip of a wider intrusion.

The close: trust can no longer rest on the senses

Deepfake CEO fraud forces an uncomfortable shift in mindset: to stop treating voice and face as proof of identity and start treating them as what they now are, data that can be forged. The good news is that the defence does not depend on expensive technology but on sensible processes: verify through another channel, split the authorisation and train people so that verifying feels like part of the job rather than a discourtesy. This is where expert eyes on social engineering and on artificial intelligence security help redesign the processes before the phone rings, not after.

Frequently asked questions

What is deepfake CEO fraud?

It is an evolution of business email compromise (BEC) in which the attacker impersonates a senior figure using AI-generated voice or video. Instead of a plain email, the victim receives a call or video call with the executive's face and voice, which lends a credibility that switches off suspicion and makes it easier for an urgent, confidential payment to go through.

Is the 25.6 million dollar case real?

Yes. It happened to the engineering consultancy Arup, which publicly confirmed the fraud in May 2024. A finance employee made fifteen transfers worth the equivalent of 25.6 million dollars after a video call in which the chief financial officer and other participants were deepfakes. It is documented by independent outlets such as CNN and Fortune, and the Hong Kong police investigation remained open with no arrests and no recovery of the funds.

How much audio does an attacker need to clone a voice?

Very little. According to alerts covered by outlets such as CNBC and Cybersecurity Dive following the FBI's warning, current technology can clone a voice convincingly from just a few seconds of audio. And that audio is usually available from public sources: interviews, investor presentations, podcasts or corporate videos of the executives themselves.

Can a deepfake be spotted by sight or sound?

Less and less, and it is unwise to rely on it. The quality of synthetic voice and video improves faster than the human ability to tell it apart, so asking an employee to decide in seconds whether a face is real is a fragile defence. It is far more effective to design processes that do not depend on recognising a voice or a face to authorise a payment.

How do I protect my organisation from deepfake CEO fraud?

With processes, not just technology. Always verify any payment order or change of bank details through a second, independent channel; require dual authorisation for transfers above a threshold; agree a verification word between management and finance; and train the workforce to apply that procedure without fear of inconveniencing a supposed executive. The goal is that fooling the senses is not enough to move the money.

What do I do if an employee has already fallen for it?

Act within the first hours. Contact the bank immediately to try to stop or reverse the transfer, preserve the evidence (call logs, emails, destination accounts), report to the authorities and activate the incident response plan. Also check whether the fraud came paired with compromised access or credentials, because it is sometimes the visible part of a larger intrusion.

Why does traditional phishing no longer explain this threat?

Because classic phishing relies on email and on signals an alert employee can catch: typos, odd addresses, suspicious links. Deepfake CEO fraud removes those clues by moving the deception to voice and video, channels we associate with maximum trust. There is no malware or link a technical filter can block, so the defence shifts to the process and the people.

Are banks and SMEs as exposed as large enterprises?

The vector is the same for any organisation that moves money on internal instructions, and SMEs can be even more vulnerable because they often have fewer dual-authorisation controls and more informal processes. Size does not protect: what protects is having verification and payment procedures that hold even when the voice and face of the person giving the order look perfect.