HIGHAi
Verified
United States

FBI Warns of AI-Generated Deepfake Voice Attacks Targeting Corporate Executives

·Source: FBI IC3

Updated:

Executive Summary

FBI issues alert on rising deepfake voice attacks using AI-cloned executive voices to authorize fraudulent wire transfers. $68M stolen in Q1 2026.

Analysis

FBI warns of a surge in AI-generated deepfake voice attacks targeting corporate finance teams. Threat actors clone C-suite executive voices from earnings calls, conference presentations, and social media. The cloned voices are used in real-time phone calls to authorize urgent wire transfers. At least $68M has been stolen across 15 confirmed incidents in Q1 2026. FBI recommends implementing verbal code words for financial authorization.

Timeline

Discovered
Jan 15, 2026
Published
Mar 6, 2026
Source Attribution

Originally published by FBI IC3 on Mar 6, 2026. Verified by: FBI, CISA.

Related Threats

MEDIUMAi

Weekly Metasploit Update: Modules for SMB-to-Meterpreter, Peyara Remote Mouse RCE exploit, and more

It's Time to Upgrade Your SMB Session This week, Metasploit contributor Dean Welch has added an SMB to Meterpreter session upgrade module. It uses PsExec to facilitate the upgrade. Users can load the module with use windows/manage/smb_to_meterpreter and specify the session number they wish to upgrade. This functionality is also available with the command sessions -u <session_id> . This work is par

Rapid7
LOWAi

An AI just carried out a cyber attack without any human oversight for the first time

Anthony Cuthbertson reports: Security researchers have uncovered what they believe to be the first ever instance of an artificial intelligence agent executing a cyber attack from start to finish without human assistance. The AI-powered attack marks a major milestone for both artificial intelligence and cyber security, raising concerns that AI is lowering the barrier for cyber criminals. The fully

DataBreaches.net
MEDIUMAi

New "Bad Epoll" Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android

A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access take full control of a machine as root. It affects Linux desktops, servers, and Android, and a fix is out. Bad Epoll sits in the same small stretch of kernel code where Anthropic's most powerful AI model, Mythos, recently found a different bug. The AI caught one flaw and missed

CVE-2026-46242
The Hacker News