The dangers of voice cloning and how to combat it - The Conversation
Criminals are increasingly using AI-powered voice cloning to impersonate public figures and individuals to conduct financial fraud and scams
- Incident date
- Oct 2024
- Target
- Steven Miles
The rapid advancement of artificial intelligence has introduced significant security risks, most notably through the misuse of voice cloning technology. By capturing brief audio samples from platforms like YouTube or TikTok, cybercriminals can create highly realistic digital replicas of a person's voice to orchestrate sophisticated fraud.
What happened
In a recent incident in Australia, scammers utilized a voice clone of Queensland Premier Steven Miles to deceive victims into investing in Bitcoin. This technique involves analyzing a target's speech patterns, accent, and breathing to generate convincing audio from text input. Once the voice is successfully cloned, attackers often pair the audio with spoofed Caller ID to establish false trust. The goal is typically to create a sense of urgency, pressuring victims to transfer money via cryptocurrency, wire transfers, or gift cards.
Voice cloning scams have become a global concern, with cases ranging from a $A51 million heist involving a company director in the United Arab Emirates to kidnapping-themed extortion attempts in the United States. Research indicates that the threat is widespread; in the United Kingdom, 28% of adults encountered voice cloning scams in the previous year, while nearly half of the population remains unaware that such technology exists. In Australia, the impact is severe, with nearly 240,000 reports of such scams in 2022 resulting in losses totaling $A568 million.
To combat these threats, experts recommend a multidisciplinary approach. Organizations are encouraged to implement biometric security featuring liveness detection and multi-factor authentication. On a broader scale, governments are working to establish new regulations and duty-of-care obligations for banks, telcos, and digital platforms to better detect and disrupt these deceptive communications. Public awareness remains a critical defense, as keeping calls brief and verifying identities through secondary channels can help mitigate the risks posed by this evolving technology.