Phone calls, executive fraud, and deepfakes
How to stop a convincing person who rushes a payment or data transfer.
The employee stops risky conversations and verifies requests through an independent channel.
Threat
AI and automation make fraudulent conversations more believable, personal, and cheap to produce.
What to know
- An attacker may know real names, projects, job titles, and suppliers.
- CEO or finance fraud usually relies on urgency, secrecy, and bypassing the normal process.
- Voice or video is no longer enough proof when the request is unusual.
- A safe process protects the employee too: nobody has to prove courage by breaking procedure.
Actions
- Confirm payments, data exports, or access grants through a second, previously known channel.
- Use the phrase: "I will check this according to the procedure and call back."
- Do not accept isolation tactics such as "do not tell anyone".
- If a mistake has already happened, report immediately. The first minutes decide whether a payment can be stopped.
Manager note
If management bypasses approval procedures, employees will do the same in a crisis.