Practical guides to protect yourself, your family, and your business from AI-driven scams, deepfakes, and emerging cyber threats.
Deborah Del Mastro picked up the phone to a man who said he had kidnapped her daughter and wanted $20,000. Then she heard her daughter's voice, pleading with her, unmistakable. She wired $5,000 before she understood what had happened. Her daughter had never been touched. The voice on the line was an AI clone, assembled from audio pulled off the internet.
On June 2, 2026, the FBI warned Americans about exactly this: scams that use cloned voices of family members to manufacture an emergency and pull money out of people before they can stop to think. The technique is cheap, the payoff is large, and that combination is why this has stopped being a rare horror story. It is becoming a standard tool of fraud, and the same trick now aimed at parents is being turned on finance teams.
The mechanics are simpler than most people assume. Voice cloning software needs only a short sample of someone's speech, in some cases a few seconds, to produce a convincing imitation. That sample is easy to find: a birthday video on Facebook, a clip on TikTok, a voicemail greeting, a podcast appearance. The attacker feeds the audio into a model, generates new speech in the target's voice, and places a call built to overwhelm judgment. The story is always urgent and always frightening, a kidnapping, an arrest, a car crash, paired with a demand to pay right now through channels that are hard to reverse: wire transfer, Venmo, gift cards, or cryptocurrency.
It works because it attacks reflex rather than reason. A familiar voice in distress moves a parent before any verification instinct can engage, and the caller's whole job is to keep that panic running so the target never pauses to check. Consumer protection experts point to a few tells: small pauses or odd fluctuations in the voice, pressure to act this second, and any request to move money through methods that cannot be traced or recalled.
The same capability that fakes a kidnapped child fakes a chief executive. In the corporate version, attackers clone a manager's voice and call the finance department to authorize an urgent payment, a voice-driven take on what security teams call business email compromise (BEC, fraud that impersonates an executive to trigger a transfer). It is not theoretical. In a 2023 red-team exercise, Mandiant, Google's incident-response arm, trained a voice model on a single natural sample, called an employee while posing as a member of the security team, and used the cloned voice to talk its way into planting a payload on a company machine. The FBI has separately warned that criminals are cloning the voices of senior US officials to build rapport and pry loose account access. If someone on your team picks up a call tomorrow from a voice they recognize, asking for a transfer or a password reset, the recognition itself now proves nothing. The deeper shift is that the human voice has quietly stopped being a form of identification. For a century it was something you could trust down a phone line. That assumption has become a vulnerability, and attackers have learned to pair it with the oldest lever in fraud: authority plus a deadline.
The voice clone scam works because it turns love and loyalty into levers, and because the raw material, a few seconds of your voice, is already public for most of us. The defense is not sharper ears. People cannot reliably hear the difference anymore, and pretending otherwise is how the money leaves the account. The defense is a habit: verify through a second channel before you act, every time, whether the caller claims to be your child or your CEO. Bring one question to your next family dinner and your next security review alike. If a voice you trust called in a panic tomorrow and asked for money, what would make you stop and check first?


