The call came in at 9:47 AM. A voice claiming to be the company's CFO ordered an urgent wire transfer. The employee recognized the cadence, the accent, the familiar pauses. They complied. Twenty-five million dollars vanished.
That was the Arup Hong Kong case from February 2024 [3]. By the numbers, it was an outlier in scale but not in kind. Deepfake fraud rose 1,300% in 2024, according to Pindrop's 2025 Voice Intelligence Report, going from roughly one incident per month to seven per day [2]. The technology to clone a voice now requires 30 seconds of audio and a subscription to ElevenLabs, a platform noted in industry reporting as frequently used in voice cloning attacks [1].
So the question is straightforward: can you tell the difference?
What Detection Tools Actually Measure
Voice detection systems do not listen like a human does. They analyze signal properties that bypass conscious perception entirely.
Spectral analysis examines the frequency distribution of audio across time. Real human speech produces characteristic patterns in how energy concentrates across frequency bands. AI-generated speech, even from sophisticated tools, tends to produce spectral artifacts, particularly in how it handles the transitions between phonemes.
Phoneme timing is another target. Human speech has irregular rhythm built from motor control: lungs, vocal cords, tongue, jaw. AI models approximate this rhythm but often flatten the micro-variations that experienced listeners never consciously notice. Speaker verification systems compare incoming audio against a stored voice print, looking for anomalies in pitch contour, formant structure, and timing patterns [1].
Neural anti-spoofing represents the current frontier. Rather than looking for specific artifacts, these systems are trained on large datasets of both real and synthetic audio. They learn to distinguish the statistical distributions of generated versus human speech. Pindrop's Pulse Inspect claims 99% accuracy with this approach, though that figure comes from the company itself [1].
The Accuracy Numbers, Unpacked
According to testing cited by EyeSift, Pindrop achieved 88.4% accuracy on raw cloned audio [1]. The open-source alternative Resemblyzer scored 82.1% in the same benchmark [1].
Those numbers deserve context. They refer to studio-quality audio at 48kHz. Move to real-world conditions, specifically compressed phone audio at 8kHz, and accuracy drops to a range of 60-80% [1]. The compression removes much of the spectral detail that detection systems rely on.
Pindrop analyzed over 1.2 billion customer calls in 2024 and reported that contact center fraud hit its highest level in six years [2]. The exposure for contact centers in 2025 is projected at $44.5 billion [2]. That is not a theoretical risk.
The 99% accuracy claim from Pindrop Pulse Inspect warrants skepticism until independent validation. The 88.4% figure from the EyeSift benchmark is the more reliable reference point, and it drops further under field conditions.
The Fraud Landscape in 2026
ElevenLabs requires approximately 30 seconds of audio to generate a workable voice clone [1]. That audio can come from a podcast appearance, a LinkedIn video, a TikTok clip. The target does not need to cooperate.
Voice fraud increased 350% from 2022 to 2025 [1]. The geographic and sector breakdown tells a specific story. Synthetic voice attacks at insurance companies increased 475%; at banks, 149% [2]. Retail fraud rose 107% in 2024 [2].
A Deloitte survey found that 25% of executives encountered a deepfake voice incident in 2024, reported via Incode [3]. Projected losses from GenAI-enabled fraud are estimated at $40 billion annually by 2027 [3].
The Arup case remains the most publicized. A finance employee received what appeared to be a video call from the CFO requesting emergency funds. The request was reasonable on its face. The voice was convincing. The employee acted. The money was gone before anyone realized the call was fabricated [3].
What Individuals and Organizations Can Do
For individuals, the practical steps are limited but not nonexistent.
Verify through a secondary channel. If a voice call requests something significant, hang up and call back through a known number. Do not use callback numbers provided in the same communication.
Be suspicious of urgency. Deepfake fraud relies on panic. A CFO calling with an emergency wire transfer at 10 AM is a pattern that should prompt verification regardless of how authentic the voice sounds.
Understand what is shareable. Thirty seconds of audio is enough. Think about what you post publicly. LinkedIn videos, podcast appearances, YouTube videos are all potential source material.
For organizations, the risks are structural.
Contact centers face the highest exposure. Retail fraud rose 107% in 2024, meaning every customer-facing call is a potential vector [2].
Verification protocols matter. Multi-factor confirmation for large transfers, callback procedures for sensitive requests, and explicit escalation paths for urgent financial requests reduce the window for exploitation.
Detection tools exist for enterprise use. Pindrop, Reality Defender, and similar platforms offer real-time analysis for call centers and meeting platforms. These are not consumer products and they are not cheap, but they close the gap between 60-80% accuracy and the 88%+ that the EyeSift benchmark shows is achievable in controlled conditions.
The Limits of Detection
No tool is reliable enough to be the only line of defense. Even the best detection systems produce false negatives, and sophisticated attackers know how to mix authentic audio with synthetic samples to fool classifiers.
The 60-80% accuracy range on compressed phone calls means that roughly one in four or one in five deepfake calls will pass undetected by automated tools in field conditions [1]. A fraudster running 100 calls will succeed in 20 to 40 of them.
This is not an argument against using detection tools. It is an argument for layering them with human protocols, verification procedures, and organizational policies that do not assume any single system is sufficient.
The arms race is asymmetric. Attackers need one successful clone. Defenders need to catch every attempt. Detection tools improve the defender's odds, but the math favors the attacker as long as the technology improves faster than the countermeasures.