HIGHAi
Verified
United States

Scattered Spider Uses AI Voice Cloning to Bypass Voice-Based MFA

·Source: FS-ISAC

Updated:

Executive Summary

Scattered Spider adopts AI voice cloning to defeat voice verification MFA at financial institutions. Three banks confirm successful bypass.

Analysis

Scattered Spider has adopted AI voice cloning technology to defeat voice-based multi-factor authentication used by financial institutions. Attackers clone customer voices from social media and publicly available audio, then use the cloned voices to authenticate to banking systems via phone. Three major banks have confirmed successful MFA bypass incidents. Industry group recommends transitioning away from voice-based authentication.

Timeline

Discovered
Mar 10, 2026
Exploitation Detected
Mar 10, 2026
Published
Mar 16, 2026
Source Attribution

Originally published by FS-ISAC on Mar 16, 2026. Verified by: FS-ISAC, FBI.

Related Threats

MEDIUMAiNEW

Shifting Budget Dynamics for Identity Security and AI Agents

AI agent projects are proliferating throughout the enterprise, and those AI agent identities require management, security, and governance. New Omdia research shows the AI agent identity budget dynamics are very different than traditional IAM projects.

Dark Reading
LOWAi

Torq Purchases Jit to Provide AI-Powered Security Context

<img src="https://ismg-cdn.nyc3.cdn.digitaloceanspaces.com/articles/embargo-0519-9am-et-torq-purchases-jit-to-provide-ai-powered-security-context-image_small-2-a-31714.jpg" align=right hspace=4><b>Jit Context Graph Continuously Tracks Access Patterns, Entitlements, Asset History</b><br>Torq acquired security context graph startup Jit to give AI-driven SOC workflows deeper awareness of organization

Bank Info Security
MEDIUMAi

AI Raises the Bar on Vulnerability Awareness and Secure-by-Design Software

AI-powered vulnerability scanning leaves no excuse for unpatched bugs as the EU Cyber Resilience Act pushes firms toward secure-by-design software

Infosecurity Magazine