Voice-cloning scams: AI strikes again

We are all used to those phishing scams where an email or text from the CEO demands an urgent release of funds with a believable reason. Most organisations will have processes and checks to prevent such fraud from working. But what if the CEO called you? What if you were speaking to them? Welcome to the world of AI voice-cloning scams.

In this new world of voice cloning, it only takes a brief sample of your voice to seed a fake conversation. And we’re not talking about the robotic text-to-speech recordings of old, but convincing cloned audio that can copy intonation and emotion based on textual prompts.

This emotion factor is important. Imagine receiving a call from a close relative who sounds like they are in trouble. Virtual kidnap scams are already using voice cloning to create the fear and immediacy required to part a victim from their money. 

Before we delve into the dodgy side of voice cloning, don’t forget the technology can be used for many legitimate purposes. Examples include giving speech back to someone who may have lost their voice due to health reasons.

Jump to:

How do AI scammers clone your voice?

Voice cloning is remarkably simple, at least from the user’s perspective. All a scammer needs is an audio recording of the person to be cloned, which can be as brief as a few seconds, to seed the cloning process itself. According to a recent report from McAfee, 53% of adults confirmed they shared their voice data “online or in recorded notes at least once a week”.

How? It could be videos on YouTube, clips on social media, a podcast. If the audio is public, it can be copied and cloned. Of course, an audio seed alone is useless unless you have software to feed it into. 

And it’s effective. Earlier this year, we reported on how a journalist broke bank security with an AI voice.

Free AI voice-cloning software

Another analysis, this time from Recorded Future, found that scammers have many options regarding the technology they can use. There are voice-cloning-as-a-service (VCaaS) services and third-party tools for sale via Telegram channels and dark web crime forums.

There is some good news, here. Many of these VCaaS services, the researchers found, have low-quality output. Indeed, “several threat actors” have been banned in the forums and groups for providing poor service at a high cost.

There are free AI voice-cloning tools that allow for custom cloning of uploaded samples. However, the premium services offer the best quality cloning, including different languages, but at a high cost. This is why a healthy trade exists on criminal forums in compromised premium service accounts.

How do AI voice-cloning scams work?

Cybercriminals will use AI voice-cloning technology to give an otherwise “traditional” phishing attack added believability.

Fraudulent transfer scams have increasingly started using voice cloning of high-level executives, often in conjunction with caller-ID spoofing, to convince a targeted manager to authorise large cash transfers on an urgent business pretext.

Family emergency scams now employ voice cloning to convince a relative, often grandparents, to send money after a car accident or a theft while on holiday.

Most alarming, however, are the reports of ‘virtual kidnap’ scams using AI voice cloning. These work by using cloned audio of the supposed victim crying and begging for help coupled with violent threats from the “kidnapper” to add urgency and fear into the equation.

McAfee researchers found that 45% of people surveyed would respond to a voice message that sounded like it was from a loved one.

How to protect yourself from AI voice cloning scams

Because of advances in generative AI, the best voice-cloning tools are at the stage where it is virtually impossible to distinguish between reality and fake. In which case, how can you defend against these scams?

Although the precise mitigation will depend upon the type of scam being perpetrated, one protection measure cuts across both business and personal genres: a verification protocol.

In the business sphere, this process involves multiple individuals required to verify all fund transfer requests, no matter how high up the executive chain they originate. Consider it part of a multi-factor authentication chain, and ensure it is regularly updated.

When it comes to personal protocols, establish a safe word with loved ones and close family members. This should never be shared on social media and always be employed when requesting help.

Other mitigations are common-sense based, including telling the person calling that you will call them back and then hanging up.

Also, ask yourself why someone in an emergency is asking for funds through cryptocurrency, gift cards, or an untraceable money transfer service rather than a bank transfer!

AI voice cloning: three things to remember

  • Scammers only need a few seconds of good audio to clone your voice using the latest AI tools. Think about how exposed your voice may be, particularly if you are an attractive target to scammers.
  • Voice cloning won’t be used in isolation: attackers will employ detailed background research (spear phishing tactics), caller ID spoofing and more.
  • Establish mitigations, including verification protocols, for business and personal use.
Avatar photo
Davey Winder

With four decades of experience, Davey is one of the UK's most respected cybersecurity writers and a contributing editor to PC Pro magazine. He is also a senior contributor at Forbes. You can find him at TechFinitive covering all things cybersecurity.