
The deepfake boss scam is coming for small businesses, here is how to protect your team in 2026

The most dangerous AI development for small businesses in 2026 is not a tool you buy. It is a tool criminals use against you. Deepfakes now account for 11 percent of all global fraudulent activity. AI-generated phishing emails get more than four times the click-through rate of human-written ones. A single deepfake video call cost the engineering firm Arup 25.6 million dollars. And the businesses with the thinnest defenses, the ones most likely to take a the-boss-called-just-do-it approach, are small ones. This is the threat that does not care how small you are.

Here is what you need to know and act on. AI has made convincing fraud cheap and scalable, the most common form against businesses is impersonating someone in authority to trigger an urgent payment or data release, and the single most effective defense costs nothing: a verification rule that no money moves and no sensitive data leaves on the basis of a voice, a video, or an email alone, no matter who it appears to come from. Everything else in this article supports that one habit.

Small businesses tend to assume they are too small to target. The opposite is true. Criminals using AI can run thousands of attacks at once for almost nothing, which means they no longer need to pick big targets. They cast a wide net, and the businesses with the weakest verification habits are the ones that pay. You do not have to be rich to be a victim. You only have to be unprepared.

The five-second answer

AI fraud against small businesses is real, growing, and indifferent to your size. The defining defense is a verification rule: no payment and no sensitive data release happens on the strength of a call, video, or email alone, ever, regardless of who it appears to be from. Add a code word for urgent money requests, turn on multi-factor authentication everywhere, and train your team to expect these attacks. Most of it is free.

The threat in plain numbers

The numbers from 2026 fraud research are not subtle. Deepfakes now make up 11 percent of all global fraudulent activity, a share that was negligible three years ago. AI-generated phishing emails achieve click-through rates more than four times higher than human-crafted ones, because the AI writes cleaner, more personalised, more convincing lures at scale. And the headline cautionary tale, the engineering firm Arup losing 25.6 million dollars to a single deepfake video call where an employee was convinced they were talking to senior leadership, shows the ceiling on what one well-made fake can cost.

Experian's 2026 fraud forecast named agentic AI, deepfake job candidates, and AI-augmented break-ins as top threats for the year. This is not a fringe concern raised by security vendors trying to sell you something. It is the documented direction of fraud, and it is moving toward smaller targets precisely because AI made attacking them cheap.

Why small businesses are the soft target

Three things make small businesses the preferred target for AI-powered fraud, and all three are fixable.

The first is thin defenses. Fewer than one in five organisations has deployed any form of deepfake-specific detection, and small businesses are heavily represented in the unprotected majority. Where a large company has a security team, a fraud department, and layered verification, a small business often has a founder, a bookkeeper, and a lot of trust. That trust is the vulnerability the attack is designed to exploit.

The second is culture. Smaller teams are far more likely to take a the-boss-called-just-do-it approach than a verification-heavy enterprise process. In a five-person company, when the owner appears to call and ask for an urgent transfer, the instinct is to act, not to question. That instinct, normally a strength in a tight team, is exactly what the scam weaponises.

The third is the broader exposure. Ransomware is now present in 88 percent of breaches at small and mid-sized businesses, and a growing share of those incidents begin with a social engineering call or message, increasingly AI-assisted, rather than a malware-laden attachment. The attack has moved from the technical layer, where firewalls help, to the human layer, where only habits and verification help. Small businesses have under-invested in the human layer because, until recently, they did not have to. Now they do.

How the boss-impersonation scam works

The mechanics are worth understanding because understanding them is most of the defense. The classic version, sometimes called the deepfake boss scam or CEO fraud, runs in a predictable sequence.

First, the attacker gathers material. Your company website, LinkedIn, social media, podcast appearances, and conference talks give them photos, voice samples, names, reporting structures, and writing style. A few seconds of clear audio from a webinar is enough to clone your voice. Public org charts tell them who reports to whom and therefore who can be pressured by whom.

Second, they manufacture urgency and authority. The bookkeeper gets a call, or increasingly a video call, that looks and sounds like the owner, saying there is an urgent confidential deal, a vendor that must be paid in the next hour, a wire that has to go out before a deadline, and absolute secrecy is required. The combination of a trusted face, an urgent deadline, and a request for secrecy is engineered to short-circuit the verification instinct.

Third, they extract the payment or the data before anyone steps back to verify. The whole attack is a race against the moment of doubt. Everything in it, the cloned voice, the manufactured urgency, the demand for secrecy that prevents the victim from checking with a colleague, exists to get the money moved before the victim thinks to pick up the phone and confirm through a known channel. Break that race, and the scam fails.

The four attacks hitting SMBs now

Four variants account for most AI-powered fraud against small businesses in 2026.

Voice cloning, where a few seconds of your voice from any public recording is used to make a phone call that sounds exactly like you, asking a staff member to move money or share credentials. This is the cheapest and most common attack.

Deepfake video calls, the Arup-style attack, where the fraudster appears on video as a known executive. More effort to produce, far more convincing, and used for the high-value targets where the payoff justifies the work.

AI-written phishing, where the language model produces flawless, personalised emails that reference real projects, real colleagues, and real context scraped from public sources, achieving the four-times-higher click rate. The misspelled, generic phishing email of the past is gone.

Deepfake job candidates, flagged by Experian as a rising 2026 threat, where fraudsters use AI-generated identities and even deepfake video in interviews to get hired, gain insider access, and then exfiltrate data or funds from inside. For a small business hiring remotely, this one is genuinely hard to spot without a verification process.

The verification habit that stops most of it

The single most powerful defense is free, low-tech, and stops the large majority of these attacks. It is a verification rule, written down and made non-negotiable: no money moves and no sensitive data leaves the business on the basis of a voice, a video, or an email alone, regardless of who it appears to come from, full stop.

In practice, this means any request to transfer money, change banking details, or release sensitive data must be confirmed through a second, independent channel before action. If the owner calls asking for an urgent wire, the bookkeeper calls the owner back on the number saved in the company directory, or confirms in person, or messages on the established internal channel, before moving a cent. The callback number must come from your own records, never from the email signature, the caller ID, or a number the caller helpfully offers, because the attacker can set all three. The attacker controls the channel they contacted you on. They do not control your verification channel. That gap is where the scam dies.

Add a code word for urgent financial requests, a simple shared secret that a real executive will know and a deepfake will not. When an unexpected urgent money request comes in, the staff member asks for the code word. It feels slightly silly and it works, because no amount of voice cloning or video deepfaking gives the attacker a word that was never said in public. Two caveats keep it useful: agree on it in person and exchange it only over the verification channel, never by email or chat, since a compromised mailbox is often how these attacks start and an attacker who reads it will have the word too; and change it if a phone or account that carried it is lost or compromised. Make using it mandatory for any out-of-pattern payment, and make clear that no real leader will ever be annoyed at being asked. The annoyance of a five-second check is nothing against the cost of a wire you cannot claw back.

The technical defenses worth setting up

Verification habits are the core, but a few technical controls raise the floor and are worth the modest effort.

Turn on multi-factor authentication everywhere, especially email, banking, and any system that touches money or customer data. Most account takeovers that enable these scams start with a compromised password, and multi-factor authentication stops the large majority of them. Where the service offers it, prefer a security key or passkey over SMS codes, which can be intercepted or phished. Note what it does and does not do: it protects the accounts an attacker would use to study you or send the fake request, but it does nothing against a phone call; that is the verification rule's job. It is still the highest-return security action a small business can take, and it is usually free.

Lock down your payment process with dual authorisation for transfers above a threshold you set, so no single person, and therefore no single deepfake-fooled person, can move significant money alone. Require two people to approve a wire over, say, a few thousand dollars, and set that control in your bank's business portal where it is offered, so it is enforced by the bank rather than remembered under pressure. The second approver must run the same verification, not simply countersign. The attacker would then have to fool two people through two independent channels, which is dramatically harder.

Establish a verification process for new hires and vendors, given the deepfake-candidate and vendor-impersonation threats. Confirm new vendor banking details by calling the contact number already on file from before the change request, not the details or number in the email requesting the change, and treat any "we changed banks" message as unverified until that call is made. For remote hires, check identity through steps a recorded or generated face cannot easily pass: a live, unscripted conversation with people who will work with them, identity verification against a government ID through a vetted provider rather than an emailed scan, and reference calls to numbers you look up yourself. These are not expensive; they are mostly a matter of deciding to do them and writing them down.
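The verification rule from the previous section and the dual-authorisation and vendor-check controls above are easiest to keep honest when they are written down as an explicit yes-or-no decision rather than a feeling. The following is an added Python example, not code from this article or from AutoCore AI, that encodes those rules as a release check a bookkeeper's tooling or a printed checklist could follow. The channel names, the people, the phone numbers, the account numbers and the 5,000 threshold are constructed for illustration; the code word check is left out because its interesting part is the channel it travels on, which the same logic already enforces.

```python
"""Payment-release check encoding the article's verification rule and dual authorisation.

Constructed example: every name, number, account and threshold below is an
illustrative assumption, not taken from any real bank, vendor or company.
"""
from dataclasses import dataclass, field
from decimal import Decimal
from enum import Enum
from typing import List, Optional, Set, Tuple


class Channel(Enum):
    EMAIL = "email"                  # channels the attacker chose and controls
    INBOUND_PHONE = "inbound_phone"
    VIDEO_CALL = "video_call"
    CALLBACK = "callback"            # channels the business initiates itself
    IN_PERSON = "in_person"
    INTERNAL_CHAT = "internal_chat"


# A request arrives on a channel the attacker picked; it never counts as verification.
REQUEST_CHANNELS = {Channel.EMAIL, Channel.INBOUND_PHONE, Channel.VIDEO_CALL}

# Constructed directory: contact numbers saved before any request arrived.
KNOWN_NUMBERS = {"owner": "+1-555-0100", "acme-supplies": "+1-555-0200"}
# Constructed bank details on file for each payee.
ACCOUNTS_ON_FILE = {"acme-supplies": "GB00-ACME-1111"}
# Constructed threshold above which two people must approve.
DUAL_AUTH_THRESHOLD = Decimal("5000")


@dataclass
class PaymentRequest:
    requester: str                  # who the request appears to come from
    request_channel: Channel        # how it arrived
    payee: str
    amount: Decimal
    payee_account: str              # account named in the request
    verified_via: Optional[Channel] = None
    callback_number: Optional[str] = None         # number actually dialled to verify
    account_change_confirmed_on: Optional[str] = None  # number dialled to confirm new bank details
    approvers: Set[str] = field(default_factory=set)


def release_decision(req: PaymentRequest) -> Tuple[bool, List[str]]:
    """Return (may_release, reasons). Every unmet rule is reported, not just the first."""
    reasons: List[str] = []

    # Rule 1: the channel the request came in on is never enough on its own.
    if req.verified_via is None or req.verified_via in REQUEST_CHANNELS:
        reasons.append("no verification through an independent channel")
    elif req.verified_via == Channel.CALLBACK:
        # Rule 2: a callback only counts if it went to the number on file,
        # never to a number quoted in the request or shown by caller ID.
        if req.callback_number != KNOWN_NUMBERS.get(req.requester):
            reasons.append("callback did not go to the known number on file")

    # Rule 3: changed bank details are confirmed with the payee's known contact,
    # again using the number on file rather than one in the change request.
    if req.payee_account != ACCOUNTS_ON_FILE.get(req.payee):
        if req.account_change_confirmed_on != KNOWN_NUMBERS.get(req.payee):
            reasons.append("new bank details not confirmed with known payee contact")

    # Rule 4: above the threshold two distinct people approve. The apparent
    # requester is excluded: "the owner said so" is the claim under test,
    # not an approval.
    if req.amount >= DUAL_AUTH_THRESHOLD:
        independent = req.approvers - {req.requester}
        if len(independent) < 2:
            reasons.append("dual authorisation required above threshold")

    return (not reasons, reasons)


def demo() -> List[Tuple[bool, List[str]]]:
    """Three constructed scenarios: the raw urgent request, the same request after
    the rule is followed, and a callback made to the wrong number."""
    urgent = PaymentRequest("owner", Channel.VIDEO_CALL, "acme-supplies",
                            Decimal("25600000"), "GB00-NEW-9999")
    verified = PaymentRequest("owner", Channel.VIDEO_CALL, "acme-supplies",
                              Decimal("25600000"), "GB00-ACME-1111",
                              verified_via=Channel.CALLBACK, callback_number="+1-555-0100",
                              approvers={"bookkeeper", "ops-lead"})
    wrong_number = PaymentRequest("owner", Channel.EMAIL, "acme-supplies",
                                  Decimal("4000"), "GB00-ACME-1111",
                                  verified_via=Channel.CALLBACK, callback_number="+1-555-0199")
    return [release_decision(r) for r in (urgent, verified, wrong_number)]


if __name__ == "__main__":
    for ok, why in demo():
        print("RELEASE" if ok else "HOLD", why)
```

The point of returning every failed rule rather than the first is that the bookkeeper sees the full list of what still has to happen, which is also what the fifteen-minute drill rehearses. Note that a callback to a number the attacker supplied fails Rule 2 even though a callback was made; the rule is about whose directory the number came from, not about the act of calling.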

Training your team without scaring them

Your team is both the target and the defense, and how you train them determines which. The goal is not to make them paranoid. It is to make verification a normal, expected, blameless part of how money and data move.

Tell them plainly that these attacks exist, that they are convincing, and that falling for a well-made deepfake is not stupidity, it is the expected result of a sophisticated attack. The fear of looking foolish is what keeps victims from verifying and from reporting. Remove the shame and you remove the attacker's biggest ally. A team that knows the boss would rather be verified than obeyed is a team that is hard to scam.

Run one simple drill. Walk through the scenario out loud: the urgent call from the owner, the request for secrecy, the deadline. Agree as a team exactly what happens next, which is the callback on the known number and the code word. A team that has rehearsed the response once will execute it under pressure. A team that has never discussed it will freeze and comply. The drill takes fifteen minutes and is the difference between a near-miss and a loss.

Your one-page protection plan

Everything above condensed into what to actually do, in order. First, write the verification rule: no money or sensitive data moves on a voice, video, or email alone, confirmed through a second channel every time. Make it policy today.

Second, set a code word for urgent financial requests and tell everyone who handles money. Third, turn on multi-factor authentication on email, banking, and money-touching systems this week. Fourth, require dual authorisation for transfers above a threshold. Fifth, verify new vendor bank details and new remote hires through known, independent channels. Sixth, spend fifteen minutes running the scenario drill with your team so the response is rehearsed.

None of this requires buying a product or hiring a security firm. It requires deciding that your business will not be the soft target, and installing the habits that make the attack fail. The criminals are betting that you are too small to have prepared. The entire defense is proving that bet wrong. In an era where a convincing fake of your voice costs a scammer almost nothing, the businesses that survive are the ones that decided, in advance and in writing, that a familiar voice is not enough to move their money.

AutoCore AI helps small businesses build AI-aware processes that capture the upside while closing the risks
