FBI Warns of Surge in Business Email Compromise Targeting CFOs with AI Voice Cloning

Advisory | Severity: Medium

Published April 17, 2026
3 min read
Source: FBI IC3
Executive Summary

The FBI's IC3 issued a warning about a significant increase in BEC attacks targeting CFOs and finance teams at small businesses, using AI-generated voice cloning to impersonate executives in phone calls.

What Are AiTM Phishing Kits?

Adversary-in-the-Middle (AiTM) phishing kits are a sophisticated evolution of traditional phishing attacks. Unlike basic phishing pages that simply steal a username and password, AiTM kits act as a real-time proxy between the victim and the legitimate website. When a victim enters their credentials on the fake page, the kit immediately forwards them to the real site, receives the MFA challenge, passes it back to the victim, and then captures the resulting session token. This allows attackers to bypass SMS-based and app-based TOTP MFA entirely — because they are not stealing the MFA code, they are stealing the authenticated session that results after MFA is completed. The victim successfully logs in and sees nothing unusual, while the attacker now has a valid session token they can use to access the account.

The AI Enhancement

The new generation of AiTM kits documented by Proofpoint and Microsoft in Q1 2026 adds AI capabilities that make them significantly more dangerous. First, AI-generated lure pages: the kits use large language models to generate convincing phishing email content and landing pages tailored to the specific target organization, including correct logos, color schemes, and even personalized content pulled from the target's website and LinkedIn profile. Second, real-time adaptation: the AI component monitors the victim's interaction with the phishing page and adapts the content in real time to address hesitation or suspicion. Third, automated targeting: the kits use AI to identify high-value targets within an organization — typically finance staff, executives, and IT administrators — and prioritize attacks against them.

Scale of the Problem

Proofpoint's Q1 2026 threat report documented over 40,000 businesses targeted by AiTM phishing campaigns in the first quarter of 2026, with a success rate (defined as at least one credential compromise per targeted organization) of approximately 12%. This means roughly 4,800 businesses had at least one account compromised through AiTM phishing in Q1 alone. The most commonly targeted services were Microsoft 365, Google Workspace, and Salesforce. Finance teams were the most frequently targeted employees, consistent with the attackers' goal of gaining access to accounts that can initiate wire transfers or access financial data.

The Only Reliable Defense: Phishing-Resistant MFA

The only MFA method that is resistant to AiTM attacks is FIDO2-based authentication — hardware security keys (like YubiKey) or passkeys stored on a device. FIDO2 authentication is cryptographically bound to the specific website domain, meaning it will not work on a phishing page even if the page looks identical to the real site. Microsoft 365 and Google Workspace both support FIDO2 authentication. For organizations that cannot immediately deploy FIDO2 for all users, prioritize it for administrator accounts, finance staff, and anyone with access to sensitive data. For all other accounts, implement Conditional Access policies that flag and block logins from new devices or unusual locations, which can catch AiTM session token theft before significant damage is done.
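To make the domain binding concrete, here is an added example (not code from the FBI advisory or from any vendor named on this page) that models both the AiTM relay described under "What Are AiTM Phishing Kits?" and the FIDO2 check described above. It uses Go with P-256 ECDSA, the signature WebAuthn calls ES256. The origins login.example.com and login.example-com.test, the RP IDs and the fixed challenge string are constructed placeholders, and the assertion is reduced to the fields that carry the binding: a clientDataJSON with type, challenge and origin, plus the rpIdHash. The relay forwards the real site's challenge unchanged, which is all an AiTM proxy can do, but the victim's browser records the origin it is actually on, and the legitimate site rejects the result.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

// clientData mirrors the WebAuthn clientDataJSON fields that matter here.
// The browser, not the page, fills in Origin with the site it is really on.
type clientData struct {
	Type      string `json:"type"`
	Challenge string `json:"challenge"`
	Origin    string `json:"origin"`
}

// assertion is a reduced WebAuthn assertion: authData holds only the 32-byte
// rpIdHash (real authenticatorData also carries flags and a signature counter).
type assertion struct {
	clientDataJSON []byte
	authData       []byte
	signature      []byte
}

// signedDigest hashes authData || SHA-256(clientDataJSON), the byte string a
// WebAuthn authenticator signs.
func signedDigest(authData, clientDataJSON []byte) []byte {
	cdHash := sha256.Sum256(clientDataJSON)
	d := sha256.Sum256(append(append([]byte{}, authData...), cdHash[:]...))
	return d[:]
}

// signAssertion plays the browser plus authenticator on the victim's machine.
// The browser derives rpID from the page origin and writes that origin into
// clientDataJSON; a phishing page has no way to substitute the real one.
func signAssertion(priv *ecdsa.PrivateKey, origin, rpID, challenge string) (assertion, error) {
	cd, err := json.Marshal(clientData{Type: "webauthn.get", Challenge: challenge, Origin: origin})
	if err != nil {
		return assertion{}, err
	}
	rpIDHash := sha256.Sum256([]byte(rpID))
	sig, err := ecdsa.SignASN1(rand.Reader, priv, signedDigest(rpIDHash[:], cd))
	return assertion{clientDataJSON: cd, authData: rpIDHash[:], signature: sig}, err
}

// verifyAssertion is the legitimate site's check. It accepts only assertions
// bound to its own origin and RP ID; a relayed assertion carries the phishing
// site's origin and is rejected before the signature is even examined.
func verifyAssertion(pub *ecdsa.PublicKey, expectedOrigin, rpID, expectedChallenge string, a assertion) error {
	var cd clientData
	if err := json.Unmarshal(a.clientDataJSON, &cd); err != nil {
		return err
	}
	if cd.Type != "webauthn.get" {
		return errors.New("unexpected ceremony type")
	}
	if cd.Challenge != expectedChallenge {
		return errors.New("challenge mismatch: stale or replayed assertion")
	}
	if cd.Origin != expectedOrigin {
		return fmt.Errorf("origin mismatch: assertion was produced on %s", cd.Origin)
	}
	want := sha256.Sum256([]byte(rpID))
	if len(a.authData) < 32 || !bytes.Equal(a.authData[:32], want[:]) {
		return errors.New("rpIdHash mismatch")
	}
	if !ecdsa.VerifyASN1(pub, signedDigest(a.authData, a.clientDataJSON), a.signature) {
		return errors.New("signature invalid")
	}
	return nil
}

// relayScenario runs a genuine login and a relayed one with the same key and
// the same challenge. Only the origin the browser observed differs.
func relayScenario() (legit error, relayed error) {
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	const realOrigin, realRPID = "https://login.example.com", "example.com"
	const fakeOrigin, fakeRPID = "https://login.example-com.test", "example-com.test" // constructed lookalike
	challenge := "c29tZS1yYW5kb20tY2hhbGxlbmdl" // constructed; a real RP issues a fresh random challenge per login

	a, _ := signAssertion(priv, realOrigin, realRPID, challenge)
	legit = verifyAssertion(&priv.PublicKey, realOrigin, realRPID, challenge, a)

	b, _ := signAssertion(priv, fakeOrigin, fakeRPID, challenge) // the proxy relayed the real challenge
	relayed = verifyAssertion(&priv.PublicKey, realOrigin, realRPID, challenge, b)
	return legit, relayed
}

func main() {
	legit, relayed := relayScenario()
	fmt.Println("genuine login:", legit)
	fmt.Println("relayed login:", relayed)
}
```

In a real browser the relayed attempt fails even earlier: the credential is scoped to example.com and is never offered on example-com.test, so the example signs with the same key only to show that the relying party's own check rejects the assertion regardless. A TOTP code relayed the same way carries no origin at all, which is exactly the gap the paragraph describes.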

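The Conditional Access point above (flagging sign-ins from new devices or unusual locations to catch session token theft) can be expressed as a small detection over sign-in logs. The following is an added example, not from the advisory or from any product named on this page: it parses a constructed sign-in log, records the device and country of each interactive MFA sign-in, and reports any later use of the same session from somewhere else, which is the trace a stolen session token leaves while the victim's own login looks normal. The log format and field names are invented for the example; an identity provider's export needs a mapping step onto them.

```go
package main

import (
	"fmt"
	"strings"
	"time"
)

// event is one constructed sign-in or activity record. The field names are
// ours; map them onto your identity provider's sign-in log (session id,
// client IP, device id, and whether the event was an interactive MFA login).
type event struct {
	ts          time.Time
	user        string
	sessionID   string
	ip          string
	country     string
	deviceID    string
	interactive bool // the interactive MFA sign-in that minted the session
}

// sampleLog is constructed for this example. alice completes MFA from her
// laptop in the US; six minutes later her session token is used from another
// device and country. bob's session stays on the device that minted it.
const sampleLog = `2026-04-17T13:02:11Z alice sess-7f3a 198.51.100.23 US dev-laptop-01 interactive
2026-04-17T13:04:40Z alice sess-7f3a 198.51.100.23 US dev-laptop-01 activity
2026-04-17T13:08:05Z alice sess-7f3a 203.0.113.77 NL dev-unknown activity
2026-04-17T13:10:00Z bob sess-21c9 192.0.2.15 US dev-desktop-04 interactive
2026-04-17T13:15:30Z bob sess-21c9 192.0.2.15 US dev-desktop-04 activity`

// parseLog turns the whitespace-separated records above into events.
func parseLog(raw string) ([]event, error) {
	var events []event
	for n, line := range strings.Split(strings.TrimSpace(raw), "\n") {
		f := strings.Fields(line)
		if len(f) != 7 {
			return nil, fmt.Errorf("line %d: expected 7 fields, got %d", n+1, len(f))
		}
		ts, err := time.Parse(time.RFC3339, f[0])
		if err != nil {
			return nil, fmt.Errorf("line %d: %w", n+1, err)
		}
		events = append(events, event{ts, f[1], f[2], f[3], f[4], f[5], f[6] == "interactive"})
	}
	return events, nil
}

// sessionDrift flags any use of a session token from a device or country
// other than the one that completed the interactive MFA sign-in. Events are
// assumed to be in chronological order, as they are in the sample.
func sessionDrift(events []event) []string {
	minted := map[string]event{} // sessionID -> interactive sign-in that created it
	var findings []string
	for _, e := range events {
		if e.interactive {
			minted[e.sessionID] = e
			continue
		}
		o, ok := minted[e.sessionID]
		if !ok {
			findings = append(findings, fmt.Sprintf("%s %s: session %s used with no recorded interactive sign-in",
				e.ts.Format(time.RFC3339), e.user, e.sessionID))
			continue
		}
		if e.deviceID != o.deviceID || e.country != o.country {
			findings = append(findings, fmt.Sprintf("%s %s: session %s minted on %s/%s (%s) now used from %s/%s (%s), %s after MFA",
				e.ts.Format(time.RFC3339), e.user, e.sessionID, o.deviceID, o.country, o.ip,
				e.deviceID, e.country, e.ip, e.ts.Sub(o.ts).Round(time.Second)))
		}
	}
	return findings
}

func main() {
	events, err := parseLog(sampleLog)
	if err != nil {
		panic(err)
	}
	for _, f := range sessionDrift(events) {
		fmt.Println("ALERT", f)
	}
}
```

Treat the output as a review queue rather than an automatic block: a user who moves from office Wi-Fi to a mobile network changes IP, and may change country near a border, so the device identifier is the stronger signal and the country change the corroborating one. A session that appears with no recorded interactive sign-in is also reported, since a token minted outside the log window looks the same as one that was never legitimately issued.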
Key Takeaways & Action Items
  • Implement a verbal verification protocol for all wire transfers — call back on a known number, not one provided in the request
  • Train finance staff to recognize BEC tactics including AI voice cloning
  • Require dual approval for all wire transfers above a defined threshold
  • Never process a wire transfer request received only via email without voice verification
  • Report suspected BEC attempts to the FBI's IC3 at ic3.gov