As artificial intelligence technology advances, scammers are finding new ways to exploit it, including one unsettling tactic: cloning voices. This means that fraudsters can now imitate the voices of trusted contacts, like colleagues or supervisors, to trick people into sharing sensitive information. These calls sound alarmingly real, and people have already been fooled by them.
To help your business stay safe, we’re sharing a simple solution: use a “safe word” system to verify phone requests for sensitive information. Here's how it works and how your team can implement it safely.
What’s a “Safe Word,” and Why Should You Use One?
A “safe word” is a predetermined code that only trusted parties know, allowing you to verify the identity of a caller making an unusual or sensitive request. If a caller can’t provide the correct word or phrase, treat the call as suspicious and investigate further. This simple practice can be an effective safeguard against voice-cloning scams.
How to Implement a Safe Word System Without Giving Scammers a New Tool
1. Share the Concept Internally, Not the Details
Start by educating your team on why voice-cloning scams are a real risk and explain that a safe word can help confirm requests. However, avoid sending the actual safe word in general emails or public messages. Instead, introduce the concept in a secure, private setting, such as a team meeting or internal memo that’s not accessible externally.
2. Assign Safe Words Individually
For added security, give each team member a unique safe word or phrase, rather than using a single word across the organization. This way, if a scammer manages to guess or discover one person’s word, the rest of the team remains protected. You could also assign different words based on department or role, making it even harder for scammers to exploit.
3. Communicate Safe Words Securely
When sharing a safe word with a team member, do so in a secure, one-on-one setting. This could be an in-person conversation, a private message on a secure internal platform, or an encrypted chat. Make sure team members know not to write down the safe word in places where it could be easily seen or accessed.
4. Encourage Second-Chance Verification
While a safe word is a great first line of defense, remind your team that they should also verify sensitive requests through a second method whenever possible. For instance, if someone receives a phone request for a financial transaction, they can confirm it through a company messaging app or by checking directly with the person making the request.
5. Regularly Update Safe Words
For ongoing protection, make it a practice to update safe words periodically or after any security incident. This way, even if a word is somehow exposed, your system isn’t compromised for long.
Staying Ahead of the Scammers
With AI making it easier for bad actors to impersonate trusted voices, it’s crucial to stay vigilant. Implementing a safe word system may seem simple, but it can be a powerful defense against increasingly believable scams. By educating your team and keeping your safe word system secure, you’re putting a strong barrier between your business and the latest tricks in the scammer’s playbook.
Stay safe, stay savvy, (and not just a little paranoid!), and encourage your team to remain cautious. A little prevention goes a long way in protecting your business!
