Cloned voices and deepfake faces now hit the wires, hires, and approvals that SMB and mid-market teams run on every day.
Six fraud patterns where AI social engineering is already converting into measurable loss for SMB and mid-market teams.
Hundreds of millions redirected per quarter on closing wires.
Single incidents have cleared $35M on a cloned voice call.
The most common BEC pattern, now arriving with synthetic audio.
Up 220% year over year, including state-sponsored operators.
Cloned claimants and fabricated callers entering payout paths.
Deepfake video calls used to push exceptions past normal review.
Every AI-assisted social engineering attack moves through the same stages. Diopter watches the attack progress and reaches a verdict before the ask lands.
The attacker establishes a believable role: a cloned exec, a title agent, a hiring manager, or a known vendor.
Time pressure compresses normal verification. The deal closes today. Payroll runs in an hour.
The channel narrows and witnesses are removed. Move to DM, private call, or off-domain email.
Stakes rise. Threats, secrecy clauses, or 'just between us' framing accelerate compliance.
The wire approval, MFA reset, credential, hire decision, or vendor change finally lands.
Diopter evaluates voice, video, and conversation signals across the call, scores the arc as it progresses, and reaches a verdict your team or workflow can act on, before the wire, the hire, or the approval goes through.
Voice, face, and conversation signal on every call, across Teams, Zoom, Meet, Webex, and your VoIP trunk.
The Manipulation Arc is scored live. Authority, urgency, isolation, escalation, and ask each move the number.
A verdict and a recommended action: clear, hold for review, or block. Routed to the team or workflow that owns the next step.
See the full verdict matrix below, or read how this compares to existing defenses.
The detail behind the verdict above: media reality crossed with conversation pressure produces a recommended action your team or workflow can act on.
Are the voice and video frames synthetic, or a real human?
Is the dialogue being shaped toward authority, urgency, isolation, and an irreversible ask?
| AI Detection | Arc Risk | What this looks like on a call | Verdict | Recommended action |
|---|---|---|---|---|
| Clean | Low | Real human on the line, request flow looks normal. No synthetic media, no pressure pattern. | Verified | Allow |
| Clean | High | Real human voice, but the conversation is being shaped toward an irreversible ask through urgency, authority framing, and off-policy timing. A social-engineering attempt by a real person, or a coached insider. | Potential Threat | Flag for review |
| Synthetic | Low | Synthetic voice or deepfake video detected, but the conversation isn't pushing toward a high-risk action. Often a benign AI agent, voice filter, or early-stage probe. | Suspected Threat | Hold for verification |
| Synthetic | High | Synthetic media plus the arc is closing on a wire, MFA reset, credential hand-off, or hire. Both axes confirm. | High-Risk Threat | Block |
Most of this category is built and priced for the Fortune 500. Here is how Diopter compares to the defenses an SMB, a mid-market IT team, or an MSP is actually evaluating.
| Capability | Awareness training | Single-frame deepfake | Identity / reputation | Live-call detection | Diopter Arc |
|---|---|---|---|---|---|
| Detects synthetic voice on a live call | |||||
| Detects deepfake video frames | |||||
| Verifies caller identity (reputation/biometric) | |||||
| Models the conversation arc (pressure → ask) | |||||
| Cross-channel correlation (video, voice, +) | |||||
| Forensic evidence chain for incident review |
Public deepfake incidents, mapped to the move where Diopter would have intervened.
2024 · Deepfake video conference
A finance employee joined a video call with a deepfaked CFO and 'colleagues' on camera, then authorized 15 transfers in sequence.
The arc would have surfaced a synthetic-room signal across multiple participants well before the first wire was approved.
Q1 2025 · Email + voice impersonation
Coordinated impersonation of title agents and closing attorneys redirected residential closing wires across 30+ states in a single quarter.
A verdict on the closing call attaches to the wire-instruction change before signature, breaking the redirect.
2024 · Cloned executive voicemail then call
A bank manager transferred $35M after a cloned voice call from a 'director' he had spoken with before, backed by spoofed email confirmation.
The arc accelerates toward an unscheduled wire while voice signal drifts off pattern, holding the transfer for review.
2024 · Deepfake video interviews
Operators use synthetic faces and AI-altered voices to pass remote interviews and infiltrate payrolls of US tech and finance teams.
The same backing actor surfaces across rounds of the loop, exposing the persona before an offer is extended.
Diopter meets your team on the calling tools and the management plane you already run.
Native on the platforms your team already uses.
'%20d='M1.597%204.925h5.969c.33%200%20.597.267.597.596v5.958a.596.596%200%2001-.597.596h-5.97A.596.596%200%20011%2011.479V5.521c0-.33.267-.596.597-.596z'/%3e%3cpath%20fill='%23ffffff'%20d='M6.152%207.193H4.959v3.243h-.76V7.193H3.01v-.63h3.141v.63z'/%3e%3cdefs%3e%3clinearGradient%20id='microsoft-teams-color-16__paint0_linear_2372_494'%20x1='2.244'%20x2='6.906'%20y1='4.46'%20y2='12.548'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%235A62C3'/%3e%3cstop%20offset='.5'%20stop-color='%234D55BD'/%3e%3cstop%20offset='1'%20stop-color='%233940AB'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e)
Inline at the carrier or on the agent endpoint.
'%3e%3cmetadata%20id='metadata10'%3e%3crdf:RDF%3e%3ccc:Work%20rdf:about=''%3e%3cdc:format%3eimage/svg+xml%3c/dc:format%3e%3cdc:type%20rdf:resource='http://purl.org/dc/dcmitype/StillImage'%20/%3e%3cdc:title%3e%3c/dc:title%3e%3c/cc:Work%3e%3c/rdf:RDF%3e%3c/metadata%3e%3cdefs%20id='defs8'%20/%3e%3csodipodi:namedview%20pagecolor='%23ffffff'%20bordercolor='%23666666'%20borderopacity='1'%20objecttolerance='10'%20gridtolerance='10'%20guidetolerance='10'%20inkscape:pageopacity='0'%20inkscape:pageshadow='2'%20inkscape:window-width='1844'%20inkscape:window-height='691'%20id='namedview6'%20showgrid='false'%20inkscape:zoom='2.925'%20inkscape:cx='60'%20inkscape:cy='30'%20inkscape:window-x='67'%20inkscape:window-y='27'%20inkscape:window-maximized='0'%20inkscape:current-layer='svg4'%20/%3e%3cpath%20d='M%2073.24223,25.534007%20H%2063.237672%20l%20-2.301662,4.357785%20c%20-0.306889,0.675148%20-0.828599,1.442367%20-0.828599,1.442367%20h%20-0.09207%20l%20-0.828595,-1.442367%20-2.301661,-4.388475%20h%20-9.97387%20l%207.85634,12.122011%20-7.825651,12.122011%20h%209.820425%20l%202.639239,-5.063624%20c%200.276199,-0.460326%200.613777,-1.380987%200.613777,-1.380987%20h%200.09207%20l%200.613777,1.380987%202.700617,5.063624%20h%209.820425%20L%2065.416578,37.625328%20Z%20m%20-33.849778,5.64671%20c%200.398955,-0.491025%204.050925,-4.940872%204.050925,-9.390727%200,-7.672161%20-6.291209,-11.9378815%20-13.963417,-11.9378815%20-9.636292,0%20-13.840661,5.8922195%20-13.840661,11.8765045%200,3.529192%201.56513,5.984283%203.744037,7.886984%20-1.258242,1.012723%20-5.708122,4.756739%20-5.708122,10.065875%200,6.567363%205.247789,12.79716%2015.283037,12.79716%2010.219379,0%2015.283036,-6.291169%2015.283036,-12.582345%200,-4.142964%20-2.086841,-6.812876%20-4.848835,-8.71557%20z%20M%2029.23445,18.721126%20c%202.700617,0%204.327125,1.503743%204.327125,3.805393%200,2.547153%20-1.104798,4.449855%20-1.442375,5.063624%20-3.621282,-1.56512%20-6.628787,-2.946107%20-6.628787,-5.64671%200,-1.779941%201.166175,-3.222307%203.744037,-3.222307%20z%20m%20-0.276199,24.888487%20c%20-2.761995,0%20-4.97159,-2.148207%20-4.97159,-4.78743%200,-2.240268%201.196864,-3.98952%202.178906,-5.032933%204.050926,1.841314%207.764273,3.222309%207.764273,5.58533%200,2.731293%20-1.902707,4.235033%20-4.971589,4.235033%20z%20M%20101.47595,31.180717%20c%200.39895,-0.521707%204.05093,-4.971562%204.05093,-9.390727%200,-7.672161%20-6.291214,-11.9378815%20-13.963417,-11.9378815%20-9.636295,0%20-13.840664,5.8922195%20-13.840664,11.8765045%200,3.529192%201.56513,5.984283%203.744037,7.886984%20-1.258242,0.982033%20-5.708122,4.72605%20-5.708122,10.035185%200,6.567363%205.24779,12.79716%2015.283039,12.79716%2010.219377,0%2015.283037,-6.291169%2015.283037,-12.582346%200,-4.112273%20-2.08684,-6.782185%20-4.84884,-8.684879%20z%20M%2091.317949,18.721126%20c%202.70062,0%204.327129,1.503743%204.327129,3.805393%200,2.547153%20-1.1048,4.449855%20-1.442376,5.063624%20-3.621284,-1.56512%20-6.628789,-2.946107%20-6.628789,-5.64671%200,-1.779941%201.166175,-3.222307%203.744036,-3.222307%20z%20m%20-0.276196,24.888487%20c%20-2.761997,0%20-4.971593,-2.148207%20-4.971593,-4.78743%200,-2.240268%201.196864,-3.98952%202.178907,-5.032933%204.050921,1.841314%207.733588,3.222309%207.733588,5.58533%200,2.731293%20-1.902714,4.235033%20-4.940902,4.235033%20z'%20id='path2'%20inkscape:connector-curvature='0'%20style='stroke-width:0.30688736'%20/%3e%3c/svg%3e)
Push the agent through the management plane you already use, including agent stacks via MCP.
Plus a Communication Filtering API for inline trunk coverage where the carrier sits outside the listed providers.
Diopter is built so an MSP can stand it up across a book of clients without enterprise-grade procurement on either side.
One operator view, every client.
Verdict thresholds and routing per tenant.
Packaged for MSP resale, not enterprise procurement.
Walkthrough · 30 min · NDA-safe
We'll replay a real deepfake incident through Diopter, frame by frame and signal by signal, and show what you would have caught and when.