Phone scams take sinister twist as victims' voices cloned

Criminals are deploying artificial intelligence to clone victims' voices and authorize fraudulent direct debits, marking a dangerous evolution in phone-based fraud that primarily targets older people, according to new evidence from National Trading Standards. The sophisticated operation combines traditional deception tactics with cutting-edge technology to bypass security measures, leaving victims unaware that money is being siphoned from their accounts.

The scale of the problem is significant, with new data revealing that UK adults receive an average of seven scam calls or texts monthly. More than one in five (21%) report receiving scam communications most days, while nearly one in ten (9%) face them daily. National Trading Standards has blocked nearly 21 million scam phone calls and shut down 2,000 numbers in just six months through its intervention efforts.

Background and Context

The scam operation represents a concerning fusion of established fraud techniques with emerging AI capabilities. It begins with what appears to be an innocent 'lifestyle survey' phone call, designed to harvest detailed personal, health, and financial information from targets. This data collection phase enables criminals to develop convincing AI-generated voice clones that can simulate consent for financial transactions.

Operation Derdap, the enforcement initiative launched in 2022, has been tracking these evolving tactics since identifying that UK consumers were being cold-called and coerced into providing financial details, followed by continuous unauthorized payments. The operation's name underscores the systematic nature of these criminal enterprises, which demonstrate increasingly sophisticated methods of bypassing traditional security measures.

Key Figures and Entities

Louise Baxter MBE, Head of the National Trading Standards Scams Team, describes the development as "a deeply disturbing combination of old and new: traditional phone scams supported by disturbing new techniques." According to Baxter, criminals are exploiting AI not merely to deceive individuals but to manipulate legitimate systems into processing fraudulent payments. "This is no longer just a nuisance—it's a coordinated, sophisticated operation targeting some of the most situationally vulnerable consumers in society," she warns.

John Herriman, Chief Executive at the Chartered Trading Standards Institute (CTSI), emphasizes how voice cloning elevates scam calls to "a sinister new level, making it even harder for legitimate businesses and consumers to distinguish real interactions from fraudulent ones." Herriman stresses that while trading standards teams work to disrupt these operations, public awareness and reporting remain essential components of the defense strategy.

Legal and Financial Mechanisms

The fraud process unfolds in methodical stages. Initially, criminals gather sufficient audio samples and personal information to create convincing voice clones. These synthetic voices are then used to authorize direct debit arrangements with legitimate businesses and financial providers, who are deceived into believing they have received genuine consent. The harvested personal data also facilitates circumventing banks' security protocols, enabling unauthorized payment setups.

A related operation targeted elderly homeowners with a four-stage insulation scam. First, victims received cold calls claiming they qualified for government-backed insulation checks—despite 90% being registered with the Telephone Preference Service, which should prevent such marketing calls. Deception followed through avatar software with pre-recorded scripts and British accents to disguise the Indian call center origins. Subsequently, agents conducted home inspections and charged inflated prices, before victims were recontacted and falsely told their insulation was unsafe, requiring expensive removal.

National Trading Standards disrupted this particular operation after identifying a US-based voice call provider as the source of 300 million loft insulation scam calls since February 2025. By analyzing data from trueCall monitoring systems, investigators traced 78 new numbers to a single Voice Over Internet Protocol (VoIP) provider, leading to contract termination and industry alerts.

International Implications and Policy Response

The emergence of AI-assisted voice cloning in fraud schemes represents a significant challenge for international regulatory frameworks. As rapidly evolving technology outpaces existing protective measures, criminals exploit jurisdictional boundaries and the global nature of telecommunications infrastructure to continue their operations despite enforcement actions in individual countries.

The cross-border dimension of these operations necessitates enhanced international cooperation between trading standards organizations, financial regulators, and telecommunications providers. The case of the US-based VoIP provider facilitating UK-targeted scams illustrates how easily criminal operations can migrate between jurisdictions and service providers when disrupted in one location.

Policy responses must address both technological vulnerabilities and the protection of vulnerable consumers. Experts emphasize the importance of public education, regular monitoring of financial statements, and improved verification processes for telephone-authorized transactions. The situation highlights the urgent need for updated regulatory frameworks that can effectively address AI-enabled fraud while maintaining accessibility for legitimate business operations.

Sources

This report draws on information and statistics released by National Trading Standards, including details about Operation Derdap and enforcement actions between 2022 and 2025. Additional context comes from statements by Louise Baxter MBE, Head of the National Trading Standards Scams Team, and John Herriman, Chief Executive of the Chartered Trading Standards Institute.