This content originally appeared on HackerNoon and was authored by Modulate
In 2024, there were 105,000 reported deepfake incidents (one every 5 minutes) using the voices of CEOs and top corporate executives to fool employees into handing over millions, along with highly sensitive data and business assets.
That same year, 92% of businesses reported losses tied to deepfake-related incidents, totaling $12.5 Billion.
From the end of 2024 through the first quarter of 2025, deepfake-enabled vishing attacks surged by 1600%. Year-over-year, we can account for a 680% rise in deepfake activity.
By 2027, business losses due to deepfake activity are expected to hit $40 Billion, reaching a total increase of 6,566% (between the years 2023 and 2027).
While there is no doubt that these attacks will continue, there is doubt over whether or not deepfake detection systems are capable of handling that surge.
What a voice deepfake actually looks like in production
Though some companies are designed for synthetic voice dubbing for filmmaking, and others for voice cloning for use in content creation (video games, podcasts, and audiobooks), those with malicious intent are using them to create fraudulent audio.
The process can often look like this:
- Fraudsters will either use LLMs or manually gain access to recordings of a target speaker, usually from social media, speaking events, or podcasts.
- They clean the audio using background removal, equalization, and noise-gating, and sometimes a speech-to-speech model, all of which often make recordings that are even cleaner than typical/ real conversational audio would be.
- Then, the voice cloning tool converts the audio into spectrograms and feeds it into neural networks, generating “voice embeddings” or digital fingerprints that act as a vocal identity.
- The attacker might also use a script to produce responses that mimics their target’s tone, speaking cadence, and typical inflections.
We can see how this one attack process plays out in various real-life scenarios.
Voice-cloning CEO’s
Say, for example, an attacker voice-cloned a CEO to authorize a major wire transfer with their bank. All the fraudster would have to do is scrape YouTube for things like podcast appearances, conference speeches, or news interviews to get a three-second clip of clean audio.
That short clip grants them around 85% similarity with their target.
They’d train the model, potentially prepare a script, and may also compromise an email to align their story with other communications.
After that, all they’d have to do is call their bank or treasury to request a high-revenue transfer to the attacker’s controlled account.
In some cases, they might involve a level of urgency to override processes, claiming they’ll take responsibility for whatever happens as fallout.
NexusFlow’s CEO faced this scenario, costing the company $2.3 Million in deepfake fraud.
Why traditional authentication failed
Video and voice calls have been used as an extra verification step for decades, and that was okay before the advent of video deepfakes. Now, we see cases like that of Arup, which lost $25 Million when an attacker used a video deepfake of a CFO to confirm a suspicious email.
These authentication steps largely rely on the human on the other end to identify the fraud. But when the cadence, accents, and even verbal tics match the real executive, it’s incredibly difficult to tell the difference, even if you personally know the victim. \n In fact, most people are able to correctly identify the deepfakes from the real human audio and video less than 25% of the time.
Audio-native detection flags what people can’t
An audio‑native layer isn’t asking “does this sound like the CEO?”, it’s asking “does this sound like a synthetic model?”
Since many fraud detectors are trained on hundreds of generative models, they’re able to identify patterns in both human and synthetic speech.
Voice-native detection models, like Modulate’s Deepfake Detection API specifically, are trained to look for specific indicators of fraudulent speech, meaning they can flag the following straight from the original audio:
- Synthetic‑voice fingerprints: model-specific artifacts that don’t naturally appear in human speech (spectral regularities, over-smooth formants, unnatural phase coherence).
- Mismatch vs enrolled “real” voice: micro-features of a human’s voice that cloned audio can not match, such as micro‑prosody (micro‑timing, breath patterns), channel characteristics (office mic vs VoIP vs mobile), and long‑term spectral stats. This method relies on enrolling executives’ voices as baselines for comparison.
- Contextual risk: models can create a synthetic-likelihood score to warn of high-risk events, typically combining factors like the unusual time of the day for the call, an atypical device or number, “first-time” high-value wires, or new destination accounts.
With the proper mechanisms in place, the system could use that score to trigger a secondary authentication factor (multi-signer approval, password, callback, etc.).
Synthetic caller impersonating a policyholder
Just like in the previous example, the general process for cloning the target audio remains the same.
This time, though, the attacker breached the company’s data first, obtaining details such as a social security number, address, and even prior recorded calls with the customer. Because this is the entry for the attack, they’re easily able to get through the authentication processes.
This is most commonly seen among insurance companies. So far, they’ve experienced a 475% increase in synthetic voice attacks.
What makes this fraud more common is the ability to use a generic TTS voice to portray a calm, confident customer.
Attackers are typically after claim payouts, policy loans, and cash-value withdrawals.
Traditional authorization fails because it relies on knowledge-based authentication (KBA)
But as far as the company knows, the fraudster is the customer because they’ve already obtained all of the customers’ PII.
What audio‑native detection catches
Audio-native fraud detection tools run continuously and silently on every call, allowing them to detect cloned or TTS voices in <200 ms.
It can flag:
- Over‑regular pitch contours
- Lack of natural micro‑variability
- Model‑specific noise floors and harmonics
- Replayed audio (e.g., pre‑recorded phrases) via abrupt boundary transitions and compression artifacts
- Multiple high‑risk calls from the same number/IP
- Burst of “first‑time” high‑value claims or bank‑detail changes
- Geographic mismatch vs policyholder’s history
By cross-referencing the synthetic likelihood and behavioral risk, the system can trigger a stronger form of authentication and tag the call for fraud investigation.
Real‑time voice conversion during a support call
This is where we start to see the voice cloning process deviate, because instead of using pre-recorded audio, attackers run the conversion in real-time.
They do this by using a streaming voice-conversion tool, like ElevenLabs, that transforms their own live speech into that of another person’s with a <200 ms latency. Attackers can either make it sound like a specific person or create a generic native speaking voice.
They can call any bank, retailer, SaaS vendor… and completely take over accounts, even changing passwords, addresses, accounts, etc.
Since they’re deepfaking the voice live, they’re able to adjust to the conversation at hand, which makes it much harder for detection software to catch.
Humans can’t tell the difference, and neither can voice biometrics
Voice biometrics assume that the imposter is another human rather than an adversarial, model-generated voice.
Even device checks are weak because attackers can easily spoof numbers.
Humans can’t tell the difference because the live human on the other end is able to adapt to the questions and flow of the conversation.
Audio-native detection looks for things human and app-layer checks can’t
Even with a real-time voice clone, there are typically subtle inconsistencies between articulation and formant movement, and the breathing patterns of a real caller vs AI. Background noise on the clone (or lack thereof) can also trigger fraud warnings. Even the consistency of response timing (e.g. responses consistently occur after a two-second delay) and inconsistent jitter patterns may raise flags.
The detection system sees them as statistical anomalies in the spectrogram and phase domain.
All of these anomalies can trigger on-screen alerts in real-time or additional verification steps, or reroute the call to a special fraud line.
Everything points to audio-native architecture
In our recent examination of the leading models on Hugging Face’s Speech Deepfake Leaderboard, the most comprehensive public benchmark for audio deepfake detection, we recognize that Modulate’s Velma-2 tops the leaderboard by a good margin because of its voice-native architecture.
The gap between Velma-2 and the next model, Resemble Detect, isn’t small. \n

Modulate tops the leaderboard with an Average accuracy of 98.9% (or 1.1% failure rate). Meaning out of 100 audio files, only 1.1% of files are falsely flagged as deepfakes.
This is the closest any model has ever come to complete and perfect accuracy.
Resemble AI (resemble-detect-3b) follows with an Average of 2.570 (97.9% average accuracy). Hiya anchors the pack with an Average of 2.113 (97.4% average accuracy).
A difference of 1.466% Average EER between Modulate and Resemble seems like a minute difference to anyone outside the ASR industry. However, the difference is rather large, amounting to 60% more deepfakes caught (or 150,000 fewer false positives per 10 million calls).
Modulate accomplishes this even as one of the smallest deepfake detection models, thanks to its naturally efficient architecture.
Voice-native architecture or nothing
Voice-native detection models, or audio-native ensemble learning models (ELM) models, ingest raw audio to determine fraud likelihood.
By ingesting the raw audio, these audio-native models can create and analyze:
- Spectrograms: time-frequency maps that reveal unnatural spectral envelopes, missing noise floors, and harmonic smoothness. Most deep-fake models are limited to this analysis.
- MFCCs (Mel‑Frequency Cepstral Coefficients): detect overly consistent MFCC patterns and compact representations of vocal-tract characteristics.
- Prosodic features: stress patterns, jitter, shimmer, breath timing, and pitch contours.
- Micro‑temporal anomalies: sub‑phoneme irregularities, phase coherence issues, glottal pulse artifacts, and unnatural formant transitions.
Ensemble architectures run all of the above simultaneously to create a unified prediction, more accurately flagging different attack types, languages, and audio conditions.
Voice-native detection could reduce false positives by 150,000 per year
For every false positive, you risk:
- SLA breaches
- Compliance exposure
- Wasted agent and investigation time
- Customer friction
- Churn risk
Voice-native detection systems are less likely to misclassify legitimate, messy, real-world audio as fake by analyzing the audio signals directly (spectrograms, MFCCs, prosody, micro‑timing).
This could reduce the negative impacts of false positives by as much as ~150,000 false positives per year. Or, rather, the false positive rate could drop to a mere 0.3–0.5%.
Cost of detection vs. cost of fraud
The FBI’s IC3 report for 2025 shows losses related to audio and video deepfakes to be $893 million in the U.S. alone. The largest reported loss so far is the Arup case, costing the Hong Kong-based multinational engineering firm $25.6M.
Fin-tech companies are often hit particularly hard, with losses averaging $630,000 per attack. Financial services see average losses of $603,000, and banking services see losses of $570,000 per attack.

Preventing even .05% of the losses seen in the average attack could pay for your entire fraud detection program. Those costs scale linearly, unlike fraud losses, which are catastrophic no matter the scale of your business.
To run Modulate’s deepfake detection for 10,000 hours each month (at $.25 per hour) would come to $2,500 per month. This is a rounding error for any large contact center or enterprise taking calls at scale.
What organizations need to do now to invest in fraud detection
Investing in deepfake and fraud detection systems isn’t as simple as finding the best tool with the highest accuracy rate.
You need to know what your organization can support and how well you can adopt any system you choose. For that, you need to audit and test your deepfake resilience.
Audit your current voice authentication for deepfake resilience
Voice biometrics and knowledge-based authentication are still heavily relied on in authentication practices.
But, as we’re already seeing, these don’t stand up against modern AI-based attacks. You can reveal whether or not this is true of your own systems by asking the following:
- Can your IVR or agent‑assist stack be fooled by a cloned voice?
- Do your authentication flows rely on linguistic signals instead of acoustic ones?
- Are you evaluating models against current‑generation synthesis, not 2022‑era TTS?
Test your any detection system you choose against state-of-the-art synthesis (not last year’s deepfakes)
The quality of deepfakes used in fraud doubles every year.
That’s why you should question the speed of adaptability for any solution you choose, but that solution should also be tested regularly, not just upon initial inspection or adoption. Performance three months from now could show quite a difference.
Don’t simply test against publicly available datasets, either. Create your own representative datasets with your pre-existing operational conditions. Include as much variety as you can source from your own audio files (accents, several speakers, background noise, mic issues, etc.).
Document all false positives and negatives within your own tests, testing both against known deepfakes and known authentic content. You can use this data to calculate true error rates.
Measure resource consumption by processing the actual number of calls you take in a day.
Ensure adoptability by having actual team members use the tool. Evaluate how they understand the outputs and whether or not they respond appropriately to fraud detection scores. Do scores trigger appropriate secondary authentication layers? Or, do you have to redesign workflows?
The answers will help you determine both the effectiveness of any tool you select and whether or not your existing systems can handle it.
Deploy audio-native detection as a layer, not a replacement
Audio-native detection is your first line of defense, using the raw audio to create several fraud likelihood scores.
You’ll have answers well before transcription, biometrics, or agent interaction ever comes into play and before funds are ever moved.
The fraud likelihood scores should then trigger one to three of the following:
- Out-of-band verification, such as email confirmation codes, a verified call back, or pushed approvals through a verified app.
- Dynamic-challenge response, such as “tell me the last 4 digits of the vendor we paid yesterday” or “tell me the last deposit we made in your account.”
- Device-binding identity that ties customers to a trusted device or cryptographic key.
- Transaction-level risk scoring that authenticates the action with signals such as whether or not it’s an unusual amount, a different beneficiary, or there’s a geo-location mismatch.
This layered approach helps to reduce your operational load, lower customer friction, and increase fraud-catch rates.
Ultimately, that is the goal of any fraud detection tool, but audio-native detection tools like Modulate’s Deepfake Detection API are the only systems getting companies close to complete protection.
\n \n \n \n \n \n \n \n
\
This content originally appeared on HackerNoon and was authored by Modulate
Modulate | Sciencx (2026-05-24T18:13:18+00:00) Can Voice Deepfake Detection Keep Up With the 1600% Surge in Fraud Attacks?. Retrieved from https://www.scien.cx/2026/05/24/can-voice-deepfake-detection-keep-up-with-the-1600-surge-in-fraud-attacks/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.