In early 2024, an employee at the engineering firm Arup joined a video call with what looked and sounded like the company's CFO and several colleagues, then executed transfers totaling roughly 25 million US dollars. Every face on that call except the victim's was synthetic. The case matters not because the technology was exotic but because the fraud was ordinary: a payment authorization process that treated seeing and hearing someone as verification. Deepfake fraud is not primarily a detection problem. It is a process problem, and processes are something engineering and finance teams can actually fix.
Voice cloning now needs seconds of audio, and every executive with a podcast, an earnings call, or a conference keynote has published hours of training data. Real-time face swaps run on consumer GPUs. Assume the artifact is convincing. Then design controls that do not care.
Anatomy of a synthetic-media heist
The playbook is classic business email compromise with a new front end:
- ▸Reconnaissance: attackers harvest voice and video from public sources, map the org chart from LinkedIn, and learn payment cadences from breached mailboxes.
- ▸Pretext: an acquisition, a confidential legal matter, an urgent vendor change — anything that justifies secrecy and speed while suppressing the victim's normal habit of checking with colleagues.
- ▸The channel upgrade: where BEC relied on spoofed email, the ask now arrives by voice note, phone call, or live video — channels employees are trained to trust more, not less.
- ▸The cash-out: mule accounts and fast-settling rails, which is why response time and payment reversibility matter as much as prevention.
Why detection loses the arms race
Deepfake detectors exist and some are good in the lab. In production they degrade fast: compression on conferencing platforms destroys the pixel-level artifacts detectors key on, generators are trained explicitly against known detectors, and real-time media leaves no file to analyze after the fact. Detection output is a probability score, and no controller should approve or block a seven-figure transfer on a 0.73. Treat detection as a weak signal that raises suspicion — never as a control that grants trust.
Move trust out of the channel
The durable fix is to make the communication channel irrelevant to the authorization decision.
- ▸Out-of-band callback: verify any payment instruction or credential change through a different channel, using contact details from the system of record — never details supplied in the request itself.
- ▸Dual authorization with independence: two approvers who confirm through separate channels, so one convincing call cannot complete a transfer.
- ▸Strong workflow authentication: move approvals out of voice and chat entirely, into a system that requires FIDO2 or passkey authentication. A cloned voice cannot press a hardware key.
- ▸Content provenance where you publish: C2PA Content Credentials will not stop an attacker cloning your CEO, but signing your official media makes the statement that a video is not yours verifiable instead of merely asserted.
- ▸Payment friction by design: threshold-based settlement delays and new-payee cooling-off periods convert a perfect deception into a recoverable incident.
A callback protocol that survives a convincing voice
1. Any request to move money, change bank details, or share credentials triggers verification — no exceptions for seniority, urgency, or secrecy. 2. The verifier initiates contact via a directory number or approved app, never a number, link, or meeting invite taken from the request. 3. Requests claiming confidentiality get more scrutiny, not less; a demand for secrecy is treated as an indicator of fraud. 4. Verification refusals and failures are logged and publicly praised. The analyst who made the CFO wait ten minutes followed policy perfectly. 5. Rehearse it: include a synthetic-voice scenario in tabletop exercises so the first convincing fake your team hears is a drill.
Train for procedure, not for spotting glitches
Awareness training that teaches staff to look for unnatural blinking or mismatched lighting is training against 2021's technology. Worse, it plants a dangerous inference: this looks real, therefore it is real. Modern training should say the opposite — you probably cannot tell, and you do not need to. The control is the process, and the process holds regardless of how convincing the request is. Pair that with a no-blame escalation culture, because the failure mode in nearly every reported case is an employee who felt something was off and proceeded anyway under social pressure.
There is a quiet upside to doing this well. The same verification discipline that stops deepfake fraud also stops classical BEC, insider-assisted fraud, and plain human error in payment flows — which remain, by volume, the larger losses. Customers and auditors increasingly ask how payment instructions are verified, and a documented out-of-band protocol with hardware-backed approvals is an answer that closes deals. Synthetic media will keep improving on a curve you cannot control. Your authorization process is entirely on a curve you can.
