A voice on the phone is no longer enough to prove someone is who they say they are. As artificial intelligence tools become cheaper and easier to access, scammers are using voice cloning to imitate anyone, even trusted organisations, in attempts to pressure Australians into sending money or sharing sensitive information.
AI-generated audio can be used to create convincing emergency calls or fake payment requests, exploiting fear and urgency. For Australian consumers and businesses already dealing with high scam activity, the practical lesson is clear: verify the request through a separate, trusted channel before acting.
How voice-cloning scams work
Scammers typically begin by collecting short voice samples from online sources, such as social media clips, podcasts, webinars, voicemail recordings, or public videos. Those samples can then be used to generate speech that sounds like a real person.
In a family emergency scam, the caller may appear to be a child, parent, or partner claiming to be in danger and needing money immediately. In a workplace setting, the same technique could be used to imitate a business owner, finance manager, supplier, or senior executive.
The Australian Competition and Consumer Commission’s Scamwatch guidance on artificial intelligence scams warns that scammers use AI to make scams more convincing, personalised, and harder to detect. Scamwatch says criminals can create fake videos, clone voices, and send tailored messages based on information found online. It also warns that scammers may move across several channels (e.g., social media, email, and phone) while maintaining the same false identity.
Why Australian businesses are exposed
A fake voice call may not arrive in isolation. It could follow a compromised email thread, a spoofed SMS, or a fraudulent invoice that appears to match a real supplier relationship. Scamwatch’s business scams advice identifies business email compromise, phishing, and business impersonation as common risks. These include fake invoices, altered payment details, and urgent requests that appear to come from owners or senior staff.
The National Anti-Scam Centre’s latest Targeting Scams report shows Australians reported combined scam losses of $2.18 billion in 2025 across Scamwatch, ReportCyber, IDCARE, the Australian Financial Crimes Exchange, and the Australian Securities and Investments Commission. While reported losses remain below the 2022 peak, the figure highlights how much money is still being taken through increasingly sophisticated fraud.
Warning signs are becoming behavioural, not technical
Voice cloning adds another layer of difficulty because it targets a common human shortcut: trust in a familiar voice. Traditional scam advice often told people to listen for awkward pauses, robotic tones, or strange phrasing. That is becoming less reliable as AI-generated audio improves. The stronger warning signs are behavioural rather than technical: secrecy, panic, pressure to act quickly, requests for unusual payment methods, or instructions not to contact anyone else.
How households can verify emergency calls
For Australian households, one useful safeguard is to agree on a private verification phrase with close family members. The phrase should not be something easily found on social media (i.e., as a pet’s name, a school, a birthday, or a suburb). If someone calls claiming to be in an emergency, the recipient can ask for the phrase, hang up, and call the person back using a known number. If the caller tries to prevent that step, that should be treated as a warning sign.
What businesses should change
For Australian businesses, the controls need to be procedural. Finance teams should require independent verification for changes to payment details, urgent transfers, or unusual supplier requests. Staff should be trained not to approve payments solely on the basis of a phone call, even if the voice appears to belong to a manager or client. Organisations should also review how much executive audio they publish online, including event recordings, podcasts, promotional videos, and public webinars.
The risk is especially relevant in sectors where payments move quickly or where trusted relationships are central to operations, including professional services, real estate, healthcare, education, construction, and small business supply chains. Voice cloning does not need to defeat every security control. It only needs to create enough pressure for one person to bypass a process.
The safest response is to slow down
Scamwatch’s advice is to slow down and check. Australians should call friends, family members, or organisations back using contact details they already trust, rather than replying to the number or message that contacted them. People who believe they have been scammed should contact their bank or card provider immediately, change passwords, seek identity support where needed, and report the scam.
AI voice cloning is likely to remain part of a broader shift in fraud, where scams are more personalised, more automated, and harder to judge at first glance. The answer is not to distrust every call. It is to stop treating voice recognition as proof. In the age of synthetic audio, the safest response is to trust the process, not the sound of the person speaking.