AI now lets bad actors fake faces, voices, video calls, and writing styles convincingly enough to move money, harvest credentials, and start "relationships." Most attacks use the same playbook. The defense is a small set of habits.
Two years ago, faking a voice took specialist software and a long sample. Today an open tool clones a voice from three seconds of audio. Faking a face on a live video call is similarly cheap. The fraud reports have caught up.
An employee at a multinational firm joined a video conference with the "CFO" and other "colleagues." Every face was a deepfake; the employee was the only real person there. They authorized 15 transfers totaling about HK$200M (~US$25M) before the firm realized none of those people had actually been on the call.
Coverage: CNN · South China Morning Post.
The FBI's Internet Crime Complaint Center (IC3) has issued repeated alerts about voice-cloning scams: a parent receives a call that sounds exactly like their child or grandchild, in distress, asking for bail / accident / hospital money. The voice is real-cloned from a few seconds of social-media audio.
FBI public alerts: PSA 2024 · FBI San Francisco.
The good news: a small set of habits — the same ones IT teams drill into staff for phishing — defend against most of it. You don't have to spot the fake to be safe. You just have to slow down.
The tells differ by flavor. The cross-cutting defenses (covered below) are the same.
Generated photos, fake profile pics, doctored photographs.
Image generators can produce a person who has never existed, or doctor a real person into a scene they were never in. The tells are getting subtler — but still cluster in five categories of failure.
Flavor-specific habit: reverse-image-search any photo you're about to act on. If you can't find it elsewhere on the web, that itself is signal. Then check the five categories of tell ↓.
Cloned from three seconds of audio.
This is the one to take seriously, because it preys on the people you love most. Almost always the script is the same: distress + urgency + money. "Mom — I crashed the car. Don't tell Dad. I need bail money."
Flavor-specific habit: ask a real-time question only the real person would know right now. ("What was the last thing we ate together?" "What's our cat's name?") AI doesn't have the context. A real person does instantly.
Live deepfake faces on Zoom, Teams, FaceTime.
This is what got the Hong Kong firm. The caller looks and sounds like a person you know — sometimes multiple people you know — in a normal-looking conference window. Then they ask for an unusual transfer or an urgent approval.
Flavor-specific habit: ask them to do something hard to fake live. Wave a hand sideways across the face quickly. Turn fully sideways. Hold a finger close to the lens. Live deepfake models still glitch on sudden occlusion and unusual angles — the face will smear or distort momentarily.
AI-polished phishing, written-style impersonation, romance scams.
Two things changed in the last two years. The broken-English phishing email is gone — AI fixes the spelling and grammar in seconds, so "the email reads weird" is no longer a reliable filter. And AI can now mimic a specific person's writing style from a sample.
Flavor-specific habit: filter on request shape, not language quality. Does it ask for money / credentials / unusual action / change of payment details? Did it arrive on the channel you'd expect? Polished writing is no longer proof.
Eight AI-generated examples, one tell each. From the Northwestern five-category taxonomy (Kamali, Black, Lin, Groh et al. 2024). Tap a card to study it; tap "reveal" for the hotspot circle and explanation.
Sources: Kamali, Black, Lin, Groh et al. (2024); Hany Farid's lab at UC Berkeley on lighting/shadow forensics. The example images here are AI-generated for teaching; the same tells apply to images you encounter in the wild.
The same playbook IT teams use against phishing — calibrated for the AI-fraud era. None of these requires you to spot the fake. They work even when the fake is perfect.
Pick a word you'd never use casually. Share it with your kids, partner, parents, finance team. The rule: any urgent request involving money or unusual action requires the code word. If the call sounds exactly like your daughter but she can't say the word — it isn't her.
AI fakes the call coming in. It can't intercept your outbound call. Same principle for email: don't reply to the suspicious email; open a new one to the address you already have. Off-channel verification is the single best defense.
Real emergencies survive a 60-second pause. Scams die in that minute. Anyone — family, boss, vendor, "tech support," "the IRS" — pressuring you to act now without verification is, by default, suspect. The smartest move under pressure is the slowest one.
Most of the big losses (Hong Kong $25M, Arup $35M) happened because there was no policy-level requirement for callback verification on unusual transfers. Add the rule: any change in account details, any large transfer, any unusual approval — requires a callback on a known number. Ten minutes of friction prevents seven-figure losses.