{"version":"1.0","type":"rich","provider_name":"Acast","provider_url":"https://acast.com","height":250,"width":700,"html":"<iframe src=\"https://embed.acast.com/$/69f3e0f28beeba531023e35c/6a4bcbf0d555352bfa5203c4?\" frameBorder=\"0\" width=\"700\" height=\"250\"></iframe>","title":"Week of July 6th 2026","thumbnail_width":200,"thumbnail_height":200,"thumbnail_url":"https://open-images.acast.com/shows/69f3e0f28beeba531023e35c/1783352266381-164d3956-a3f0-43e3-a3db-436b88d75c14.jpeg?height=200","description":"<p>For three weeks I told you the good news: AI is cheap, powerful, and it's your edge. This is the fine print. The same price collapse that lets your shop punch above its weight lets a stranger forge your vendor's invoice and clone your voice — for pocket change. The email that \"looks off\" doesn't look off anymore. The voice on the phone that sounds like you... might not be you. But the defense got just as cheap as the attack. This week: how the scam got a copywriter, why three seconds of your voice is now a weapon, the tool that catches the fakes your inbox lets through, and the ten-minute, zero-dollar rule that holds even when the email <em>and</em> the voice are both fake.</p><p><strong>In this episode:</strong></p><p><br></p><ul><li><strong>The scam got a copywriter</strong> — The FBI's latest crime report logged $20B+ in fraud last year, including a brand-new AI-fraud category worth ~$893M. Business email compromise alone: over $3B, averaging ~$123K per hit. Roughly 40% of those scam emails are already AI-written — no typos, right names, perfect tone. The \"look for bad grammar\" defense is dead.</li><li><strong>Three seconds of audio</strong> — A convincing clone of your voice now takes about three seconds of audio — your voicemail greeting is enough. ~62% of companies were hit with a deepfake social-engineering attempt last year, average loss north of $500K. It's <em>easier</em> to run against a 28-person shop than a bank.</li><li><strong>Everybody's a target; almost nobody has a plan</strong> — ~80% of companies have no written rule for a suspicious payment request. Small businesses are the favorite target and the least defended. The fix isn't sharper instincts (AI beat those) — it's a process dumb enough to survive a panicked Tuesday.</li><li><strong>Tool Spotlight — Guardz</strong> — An AI security layer that sits on your Google Workspace or Microsoft 365 and catches the clean, AI-written invoice scams your built-in spam filter waves through, plus dark-web password monitoring and quiet team phishing tests. Free Community tier; Pro ~$15/user/mo; 14-day trial, no card. <strong>Honest catch:</strong> it's MSP-first, and no email tool stops a phone call — the inbox is software's job, the phone is yours.</li><li><strong>The Operator's Move — \"Verify before you pay,\" said out loud</strong> — Ten minutes, zero dollars. One rule: any request to move money or change an account gets confirmed by calling the person on a number you already had — never the number in the message. Add a money code word. Then tell your team out loud they're <em>allowed</em> to slow you down. It's the one defense that doesn't care how good the fake is.</li></ul><h2>🔗 Show Notes &amp; Sources</h2><p><strong>The scam got a copywriter (AI-written BEC / FBI IC3)</strong></p><p><br></p><ul><li>FBI 2025 Internet Crime Report — $20B+ fraud; 22K+ AI-related complaints, $893M+ (via KnowBe4): <a href=\"https://blog.knowbe4.com/fbi-report-americans-lost-20-billion-to-fraud-2025\" rel=\"noopener noreferrer\" target=\"_blank\">https://blog.knowbe4.com/fbi-report-americans-lost-20-billion-to-fraud-2025</a></li><li>Business email compromise statistics 2026 — $3.05B / 24,768 cases / ~$123K avg; ~40% of BEC emails AI-generated (Hoxhunt): <a href=\"https://hoxhunt.com/blog/business-email-compromise-statistics\" rel=\"noopener noreferrer\" target=\"_blank\">https://hoxhunt.com/blog/business-email-compromise-statistics</a></li><li>AI is making BEC nearly impossible to spot (ZeroHedge): <a href=\"https://www.zerohedge.com/markets/ai-making-business-email-compromise-nearly-impossible-spot\" rel=\"noopener noreferrer\" target=\"_blank\">https://www.zerohedge.com/markets/ai-making-business-email-compromise-nearly-impossible-spot</a></li><li>Email security statistics 2026 — native filters miss the AI-written 7%; AI detection catches 48% more BEC (Medha Cloud): <a href=\"https://medhacloud.com/blog/email-security-statistics-2026\" rel=\"noopener noreferrer\" target=\"_blank\">https://medhacloud.com/blog/email-security-statistics-2026</a></li></ul><p><strong>Three seconds of audio (voice cloning / deepfakes)</strong></p><p><br></p><ul><li>Deepfake statistics 2026 — ~3 sec to clone a voice; 62% of companies hit; avg loss &gt;$500K (Keepnet): <a href=\"https://keepnetlabs.com/blog/deepfake-statistics-and-trends\" rel=\"noopener noreferrer\" target=\"_blank\">https://keepnetlabs.com/blog/deepfake-statistics-and-trends</a></li><li>Voice cloning is the new BEC — deepfake CEO fraud (CybelAngel): <a href=\"https://cybelangel.com/blog/deepfake-ceo-fraud-how-voice-cloning-targets-us-executives/\" rel=\"noopener noreferrer\" target=\"_blank\">https://cybelangel.com/blog/deepfake-ceo-fraud-how-voice-cloning-targets-us-executives/</a></li><li>Your next \"urgent call from the CEO\" might be synthetic (Shumaker, Loop &amp; Kendrick): <a href=\"https://www.shumaker.com/insight/why-your-next-urgent-call-from-the-ceo-might-be-synthetic-and-what-to-do-about-it/\" rel=\"noopener noreferrer\" target=\"_blank\">https://www.shumaker.com/insight/why-your-next-urgent-call-from-the-ceo-might-be-synthetic-and-what-to-do-about-it/</a></li></ul><p><br></p>","author_name":"Shaun Gehring"}