Deepfake voice scams: the family playbook
Sixty seconds of audio is enough. Your nephew's podcast guest spot, your dad's Instagram reel, your own voicemail greeting — that is the training set. Here is how the attack actually runs, who it targets, and the small set of habits that make a family or a finance team mostly immune to it.
The classic "grandma scam" worked for decades on a simple script: a panicked young voice on the phone, a story about an arrest or an accident in another city, a request for money by gift card or wire, urgency that does not allow time to think. The defence was always the same — call back on the number you know. The attack just upgraded.
In 2026, the panicked young voice is the actual voice of your actual grandson, cloned from a sixty-second clip of him on a friend's podcast. That is the only thing that changed. The rest of the playbook — the urgency, the story, the wire request — is identical. Which means the defence is mostly identical, with two specific upgrades.
How the attacker sources the audio
You probably underestimate how much of you is online. Sources we have seen in incidents over the past year:
- LinkedIn videos. The "thought leadership" minute-long talking head is a clean, well-lit, high-bitrate sample. Ideal training data.
- Podcast guest spots. Long-form, conversational, multiple emotions. Even better.
- Instagram reels and TikTok. Lower quality but plentiful, and modern voice models are forgiving.
- Voicemail greetings. Often not even password-protected. A direct phone call is enough to harvest one.
- YouTube wedding speeches, conference Q&As, school plays uploaded by proud parents.
Sixty seconds of clean audio is the practical floor. Three minutes is comfortable. Most adults with any public-facing job clear that bar without trying.
The typical scripts
Family-side, the four that recur:
- "I've been in a car accident, I need money for the hospital / lawyer / bail. Do not tell mum, she'll panic."
- "I'm travelling, I lost my wallet, the embassy needs a wire today or I sleep at the airport."
- "It's me, my phone's dead, this is my friend's number, can you send the rent to this account, I'll pay you back tomorrow."
- "This is your grandson, I got arrested for something I didn't do, the lawyer needs a retainer, please don't tell anyone."
Business-side, the script is "I'm the CFO, I need an urgent wire, do not loop in finance until it's done." Same pattern: emotion, isolation, urgency, money.
The family protocol that actually works
It is small. That is the point.
- 1Pick a safe phrase. One sentence the family agrees on. Not a password — a phrase. "Tell me what we ate at Easter in 2019" or "what was the dog's name in 2018" works because the answer is specific, not Googleable, and someone who has been pretending to be your grandson for forty seconds will fail it.
- 2The rule: any phone call that asks for money, wire details, gift cards, or "please don't tell anyone" gets the safe phrase, no exceptions. If the caller pushes back ("there isn't time, just send it"), that is the attack confirming itself.
- 3Always call back on a number you already had. Not the number that called. Not a number the caller gave you. The one in your phone's contacts from before today.
- 4Tell the family. The protocol only works if everyone — including the people you think would never fall for it — knows the phrase and the rule. The most-targeted demographic is grandparents, but the highest-value targets are mid-career adults with money and time pressure.
- 5Practise it once. A single "okay, what's the safe phrase?" round at a family dinner is enough. The point is to make the question feel normal, not awkward, when it arrives in a panic.
The business-level controls
For finance teams the equivalent of the safe phrase is a written, practised callback policy.
- Any payment above a stated threshold requires callback verification to a number from the personnel directory, not from the requesting message or call.
- Dual control: two different people, on two different channels, both approve before funds move. "I called him and he confirmed" is one channel; the second is a click in the finance system after a separate notification.
- A written policy. On paper. On the wall above the AP clerk's desk if you have to. Verbal policies do not survive a confident voice on the phone telling someone to skip them.
- Drills, twice a year. The drill is harmless and the muscle memory it builds is not.
Why "spot the deepfake" is not on the list
Because you cannot, reliably, in real time, on a phone-quality line, while emotional. The artefacts that researchers can sometimes hear in clean studio audio do not survive a cellular call to a worried parent. Defence has to be procedural, not perceptual. The ear is not the right sensor.
A note on the mood
It is tempting to read all this and feel besieged. We are not, in our daily lives, mostly. The protocol above takes ninety seconds to agree on, costs nothing, and removes the entire category of attack from your household. The combination of "we have a phrase" plus "we always call back on the known number" is enough. The attackers are not magicians; they are running a script that depends on your not having one.
A short audit of your own audio footprint
You do not have to delete anything. Just know what is out there. Search your name on YouTube, on the major podcast directories, on LinkedIn, on TikTok and Instagram. Anything where you speak in continuous sentences for more than a minute is a usable training sample. The point is not paranoia; it is calibration. Once you have seen the size of your own audio footprint, the safe-phrase rule stops feeling theatrical and starts feeling proportionate. For most adults under sixty with any professional or social media presence, the answer is "more than enough." That is fine. The defence does not depend on the audio not existing. It depends on the call having to do something the audio cannot do.
Pick a phrase this weekend. Tell the family at dinner. Move on with your life.
Run PlanetProxy for seven days, on us.
Same purple tile cards you see on this page, plus the green lock and a 50 ms hop to wherever you want to be.
Start the trial →More from the dispatch
SecurityPP · DispatchHow to read a no-logs audit (without the marketing gloss)Security · 8 minHow to read a no-logs audit (without the marketing gloss)
Every VPN claims "no logs". A small fraction back the claim with an audit. An even smaller fraction publish the audit. Here's how to actually read one.
SecurityPP · DispatchThe kill switch: the small detail that decides whether a VPN actually protects youSecurity · 6 minThe kill switch: the small detail that decides whether a VPN actually protects you
A VPN is only as good as the moment its tunnel drops. Here is what the kill switch is, why most implementations are weak, and how to verify yours actually works.
- SecurityPP · DispatchPost-quantum cryptography: why "harvest now, decrypt later" is the threat that mattersSecurity · 8 min
Post-quantum cryptography: why "harvest now, decrypt later" is the threat that matters
A large quantum computer is probably still years away. The recordings of your traffic from this afternoon are not. Here is what HNDL actually means, what NIST finalised in 2024, and what "post-quantum ready" looks like for a VPN that is not just selling a sticker.