THOUGHTS

The Person on the Call Is Your Partner. (Except… It Isn't.)

July 8, 2026

A hand holds up a smartphone in a dim office at dusk. On the screen, a smiling middle-aged woman's face is lifelike on the left but breaks into a scatter of glowing blue pixel squares on the right, some drifting off the screen.

You get a video call, and it's your business partner. Her face, her voice, the way she laughs a bit at the end of sentences, the way she tilts her head and smiles. We've got a great opportunity, she says, and we need to move some money today.

If it was an e-mail, you'd question whether it was legit. But this isn't an email. This is your partner, live.

Right?

In early 2024, a finance employee at the Hong Kong office of the engineering firm Arup doubted an e-mail request for a financial transfer. But then he received a video call from his CFO and a number of colleagues confirming the request. So he made the requested transfers: fifteen of them, to five bank accounts. Unfortunately, all of the "people" on the video call were deepfakes, and the scammers made off with about $25.6 million. (Chan, 2024; Fortune, 2024).

And that was in 2024, a lifetime ago in AI terms.

You're not a giant engineering firm, but here's what should matter to you: the raw material for a deepfake of you or your partner is just… out there. Your voice on a podcast. A recorded webinar they delivered. Your video on your website. In one test, McAfee's researchers found that three seconds of audio was enough for a free tool to produce a voice clone at an estimated 85% match (McAfee, 2023). Three SECONDS.

In 2025, the FBI's Internet Crime Complaint Center logged $3.04 billion in losses from business email compromise across 24,768 reported incidents — up from $2.77 billion the year before — and it has explicitly warned that criminals are now using generative AI to make those impersonations more convincing (FBI IC3, 2026; FBI IC3, 2024a). There's basically no barrier to deepfakes now.

So here's the both/and. The AI behind today's deepfakes is astonishingly good and getting better every day. And two defenses that beat it are incredibly simple, and very human.

  1. Hang up and call the person back. Use a number you already had, not one they gave you on the call. and/or
  2. Use a code word the two of you agreed on in advance, in person if possible, that isn't stored in a computer.

The deepfake can copy a face and a voice. But it can't answer your partner's cell phone, and it can't know that when you're discussing money your code word is "red rover."

THE FANCIEST FRAUD LOSES TO THE SIMPLEST DEFENSE.

(This is, by the way, what the FBI recommends for verification (FBI IC3, 2024a).)

It seems scary, but the lesson isn't "fear the technology." It's the same one I keep coming back to: don't trust — verify. The tools are getting really good at pretending to be human. Our defense is to be more deliberately human right back.

Your homework: go set up financial code words with your family and your business partners. Agree on a callback plan. Do it this week, before the time comes to use it.

WORK WITH SEAN

Good ideas don’t implement themselves.

When something here resonates, let’s figure out how to put it to work.

BOOK A CALL

15 min · no pitch