Deepfake business fraud is no longer theoretical. In early 2024, a finance employee at Arup...

This wasn't a lo-fi scam. It was a sophisticated, multi-participant deepfake video call — faces and voices cloned from real people, in real time, convincing enough to fool a finance professional who had worked with these colleagues. The employee did nothing wrong. He followed what looked like a legitimate internal process. The controls simply weren't designed for a world where someone can synthesise your CFO's face and voice from publicly available media.

The scale of the threat

Deepfake fraud losses are rising sharply across UK businesses. Incidents range from £10,000 to over £1 million per event. Voice-only attacks are far more common than video — and require only seconds of publicly available audio to execute.

How the attack actually works

Modern AI voice cloning requires approximately three seconds of source audio. That's less than a single LinkedIn video clip, a company earnings call snippet, a podcast interview, or a television news appearance. Tools available to ordinary attackers — not state actors, not sophisticated criminal gangs — can produce a real-time voice clone from that material. The cloned voice will replicate accent, cadence, tone, and speech patterns with striking accuracy.

The attacker doesn't need to physically impersonate anyone. They dial the finance team, speak in the cloned voice, and deliver a script designed to create urgency and suppress the instinct to verify. The conversation might last two minutes. That's often all it takes.

The CEO voice fraud chain

How a deepfake voice attack plays out
Attacker clones voice from public audioLinkedIn videos, interviews, company media — only seconds needed
Calls finance team impersonating CEO or CFO"Urgent transfer — confidential — don't mention to anyone"
Funds transferred to attacker accountAverage business loss: £100k–£1M per incident

Why existing controls fail

The standard fraud controls — caller ID verification, knowing the voice, contextual plausibility — are exactly what this attack is designed to defeat. The caller ID may show an internal number (spoofed). The voice is the CEO's (cloned). The context is plausible (the attacker researched it). The request comes with authority and urgency that bypasses the instinct to pause and verify.

The social engineering element compounds the technical attack. Instructions like "this is confidential — don't mention it to anyone until it's done" or "we need this completed before the market opens" are specifically designed to isolate the target from their usual support network and accelerate the decision past the point where verification would naturally occur.

"The attacker researched the target, cloned the voice, and scripted the context. The employee followed a process that looked entirely legitimate."

Beyond voice — the broader deepfake threat

Voice cloning is the most common attack vector because it's the cheapest and easiest to execute. But the Arup case demonstrates where the threat is heading. Video deepfakes capable of real-time synthesis are now available to well-resourced attackers. AI-generated written impersonation — emails and messages that perfectly replicate someone's writing style — is trivial to produce. The common thread in all of these is the exploitation of trusted identity. You believe you're talking to someone you know. The attack works because that belief is reasonable.

Professional on a phone call at a desk

Deepfake voice attacks work because they exploit trust — and trust is built on familiarity, not verification.

Detect, Assess, Defend

Defending against deepfake business fraud — Detect, Assess, Defend
Detect
Verify all unusual payment requests
Any out-of-pattern request is a red flag
Callback verification to known numbers
Use a pre-verified number — not one provided on the call
Staff reporting of suspicious calls
No blame culture for raising concerns
Assess
Who has transfer authority?
Map who can authorise payments and at what level
Out-of-band verification in place?
Can you verify a request through a separate channel?
Public audio and video footprint?
How much cloneable executive audio is publicly available?
Defend
Dual authorisation for all transfers
No single person can approve a payment
Code words for voice verification
Pre-agreed word the attacker cannot know
No transfer on voice-only request
Process requires written confirmation via verified channel
Staff deepfake awareness training
Know what these attacks look and sound like
Key principle: trust the process, not the voice. Deepfake attacks defeat familiarity. They cannot defeat a process that requires multi-channel, multi-person verification before funds move.

How BBS helps with this

  • Staff Awareness Training — We deliver practical training on voice fraud recognition, the social engineering patterns attackers use, and the verification procedures that stop a cloned voice from becoming a successful transfer.
  • Process Controls Design — We design and document callback verification and dual-authorisation procedures for financial transfers, removing single points of failure from your payment process.
  • AI Security Gap Assessment — We assess your business's deepfake exposure — including your executives' public audio and video footprint — and identify which roles and processes carry the highest fraud risk.
  • AI Acceptable Use Policy — We establish incident reporting procedures so every deepfake attempt — successful or not — is logged, investigated, and used to improve your defences.