We use cookies on this website.

By clicking "Accept," you agree to the storage of cookies on your device to improve your browsing experience, analyze site usage, and contribute to our marketing efforts. See our privacy policy for more information.

Cybersecurity

CEO Fraud Using Voice Deepfakes: How It Really Works and How Your Teams Can Prevent It

CEO fraud has evolved: it now takes just a few dozen euros to clone a CEO’s voice and trigger an urgent wire transfer. For an SME, the best defense lies less in technology than in a simple verification procedure, applied without exception.

CEO Fraud Using Voice Deepfakes: How It Really Works and How Your Teams Can Prevent It

In summary: AI-powered voice cloning has become inexpensive, bringing “CEO fraud” back into the spotlight and putting small and medium-sized businesses in the crosshairs. The good news: a properly implemented verification process can mitigate most of the risk without requiring a significant investment.

What Happened

The threat is no longer just theoretical. On April 27, 2026, the Banque de France and the ACPR issued a warning about fake videos impersonating their own executives—including Governor François Villeroy de Galhau—to promote fraudulent investments. The authorities’ message is clear: no official at the Banque de France recommends financial products.

What has changed is the cost. A voice cloning subscription now costs between 5 and 50 euros per month, and spoofing a phone number costs just a few cents through VoIP services. An SME with 20 to 100 employees has therefore become a profitable target, just like a large corporation. According to a Yousign report published in 2026, a deepfake fraud attempt occurs every five minutes in France. A Regula study, cited by the DGSI in its January 2026 report on economic interference, indicates that 49% of companies worldwide say they have already been the target of a fraud attempt involving an audio or video deepfake.

The most widely discussed case remains that of an employee who was tricked during a completely rigged videoconference: with his executives’ faces and voices cloned, he authorized wire transfers totaling the equivalent of several tens of millions of euros. The case involved a large company, but the same mechanism works on every scale.

Does this apply to me?

The issue isn't the size of your company, but your payment process. Any company that pays invoices via wire transfer can be targeted. The vulnerable link is the person who can initiate a payment: accounting, finance, or executive support.

There are a few red flags that almost always crop up. A sense of urgency (“This has to go out today”). A request for confidentiality (“Don’t tell anyone about this just yet”). A last-minute change to the IBAN. An unusual communication channel, such as a phone call or video call when your manager usually communicates via email. A contact who puts pressure on you and cuts you off when you ask questions.

To see where you stand, test your own process. Ask an employee what they would do if, at 5 p.m. on a Friday, they received a call from the “executive” requesting an urgent and discreet wire transfer. Their answer will tell you whether your procedure holds up, or whether it relies on trust in a voice on the phone.

What to Do Now

1. Require independent double verification. No sensitive transfer is authorized without validation through a second channel specified in advance: a callback to the requester’s registered internal number, or dual signatures. This rule deprives the attack of its main weapon: voice cloning.

2. Implement a process for verifying changes to bank account information. Establish a formal written procedure: any new IBAN or change to a supplier’s account information must be verified by contacting a known representative directly—never based solely on the information provided in the message.

3. Train your teams and set up your Microsoft environment. A short awareness session and an internal “verbal password” are enough to instill the right habits. On the technical side, enable multi-factor authentication on Microsoft 365, monitor automatic email forwarding rules, and keep an eye out for unusual logins. These basic measures also help limit email spoofing, which often accompanies these scams. To learn more about targeted attacks, see our guide on spear-phishing: understanding, detecting, and protecting against it.

Not sure about your exposure?

Get an update from an IT Systems expert

A quick assessment of your exposure and the steps you should take. No obligation.

Request an exchange

In a nutshell

The threat is real, but the solution is inexpensive. A double-checking policy and a shared sense of vigilance can thwart most attempts, even when the voice sounds perfectly credible. Well-prepared teams remain your best defense—far more so than any tool.

Frequently asked questions

Can you tell if a voice has been cloned over the phone? It’s getting harder and harder to tell just by listening. It’s best not to rely on the voice alone and to call the person back using a number you know before taking any action.

Do deepfakes target only large corporations? No. Falling costs make small and medium-sized businesses profitable targets, often because their payment procedures are less secure.

— Samir Amara, CEO — IT Systèmes

Our latest articles

See more
software

"I'm afraid to install software"

In 1996, I took my first steps in computing on an Excel spreadsheet where I filed cheat codes for my favorite video games. 🕹️Le the beginning of a passion for office tools (to each his own 😅 ). There were 3,000 machines connected to the internet! 😶 But what happened next?
June 15, 2026
fishing
Cybersecurity

Phishing 2026: Definition, Examples, and Protection for Small and Medium-Sized Businesses (Comprehensive Guide)

Spear phishing, BEC, voice deepfakes: why training alone isn’t enough, the true cost of an incident (€275,000), and the security measures that will work in 2026
June 26, 2026
backup-vs-retention

Comparing backup VS retention

Backup VS retention: here's the match everyone's been waiting for!!!! 🥊 (okai not at all but I needed a catchy title..🤫)
June 15, 2026