The U.S. Postal Inspection Service issued a fresh consumer warning on April 25, 2026, telling Americans to expect a wave of fraud built on cloned voices, AI-generated photographs and machine-written text messages designed to imitate someone they trust. That alert arrived nine days after Senator Maggie Hassan demanded internal safety records from four leading voice cloning vendors. Federal officials say the schemes are working because three seconds of audio is now enough to fake a relative’s voice with roughly 85 percent accuracy.
Chief Postal Inspector Gary Barksdale, in the agency’s consumer protection bulletin, said: “From fake emails and texts to cloned voice messages, calls, and deepfake videos, today’s scammers have many tools at their disposal.”
What the USPS warning actually says
Postal inspectors describe a pattern that now repeats across romance scams, tech support pitches, fraudulent investment offers and family emergency calls. A target receives an urgent message from a familiar voice or face. The “relative” claims to be in jail, in a car wreck, or stranded abroad. Money has to move within minutes, usually by wire, gift card or cryptocurrency.
The agency’s red flags fall into three buckets. First, thin social media profiles with few friends, recent creation dates, and comments that read slightly off. Second, pressure to switch platforms, often to Telegram, WhatsApp, or a personal email address that does not match a company domain. Third, small visual or audio glitches, including poor lip sync, jerky motion, mismatched lighting, or a voice that drifts in pitch under stress.
Barksdale’s office advises consumers to ignore any solicitation demanding a quick decision or asking for cash, money transfers, or gift cards. Suspected mail fraud goes to 1-877-876-2455 or uspis.gov/report.
How AI voice cloning got so cheap
The economics shifted in 2023 and have only worsened since. McAfee researchers tested more than a dozen freely available cloning tools and found that three seconds of source audio produced a clone with an 85 percent voice match. With slightly more training data, accuracy climbed past 95 percent.
That math has consequences. A TikTok clip, a voicemail greeting, or a wedding speech posted on Instagram supplies enough raw material. Once a clone is built, the cost of generating an emergency call drops to fractions of a cent.
McAfee’s survey of 7,000 adults found one in four had encountered a voice clone scam, either personally or through someone close to them. Of those who received a cloned message, 77 percent lost money. Among the people who paid, 36 percent were out between $500 and $3,000, and 7 percent surrendered between $5,000 and $15,000.
Federal pressure on voice cloning vendors
Senator Maggie Hassan (D-N.H.) sent letters on April 16, 2026, to ElevenLabs, LOVO, Speechify and VEED, demanding written answers within thirty days. The five-page letters, posted by the Joint Economic Committee, ask each company whether it monitors for scam-related use, verifies speaker consent, blocks attempts to imitate public figures and minors, watermarks generated audio, preserves provenance metadata, and refers bad actors to law enforcement.
The pressure is bipartisan in origin. The Federal Communications Commission’s February 2024 declaratory ruling already classified AI-generated voices in robocalls as “artificial” under the Telephone Consumer Protection Act, making them illegal without prior express consent. That order followed a fake Joe Biden robocall sent to New Hampshire primary voters telling them to skip the election.
ElevenLabs, the largest of the four companies Hassan wrote to, responded through a spokesperson that the firm operates “a comprehensive set of safeguards to prevent misuse of our technology,” including blocks on celebrity voices and a mix of automated and human reviews. The company’s published safety policy requires a recorded passphrase to authorize a clone and embeds an inaudible watermark in every generated audio file. Outside the U.S., wireless carriers have begun bundling fraud screening directly into mobile plans, including a recent rollout of Vodafone’s AI scam call protection for UK customers.
The $893 million number buried in the FBI report
The FBI’s Internet Crime Complaint Center recorded $20.87 billion in cybercrime losses in 2025, a 26 percent increase over 2024. Tucked inside that figure, in the agency’s first dedicated AI section, sits an $893 million subtotal across 22,364 AI-fraud complaints. Voice cloning specifically accounted for more than $5 million in distress scams.
That $5 million figure understates the real toll. The bureau notes distress scams are systematically underreported because victims feel embarrassed and because the average loss (often a few thousand dollars) sits below most local police thresholds. Industry analysts cited by the Senate’s Joint Economic Committee project that generative AI could enable up to $40 billion in U.S. fraud losses annually by 2027.
The safe word defense
The single defense AI cannot defeat is information that does not exist online. The National Cybersecurity Alliance’s safe-word guidance recommends a four-word nonsense phrase agreed in person and never written in a text, email, or social post. A scammer can clone a voice. The scammer cannot type a phrase the family invented at Thanksgiving dinner.
Compare three common verification options.
| Method | AI Resistance | Setup Cost |
|---|---|---|
| Caller ID match | Low. Spoofing is trivial. | None |
| Two-factor SMS code | Medium. Vulnerable to SIM swaps. | None |
| Family safe phrase | High. Requires private knowledge. | One conversation |
Choosing the phrase matters. Avoid pet names, street addresses, school mascots, or anything posted to a social profile. A nonsensical pairing like “blue toaster waffle” works because no scraper can find it. The same playbook now lands on small business owners, where the equivalent of a family safe word is a written wire-transfer escalation policy; practical guidance on tightening company digital security applies to phones as much as inboxes.
What to do if you have already sent money
Stop talking to the caller. Save every message, screenshot, and transaction record. Phone the bank or wallet provider to flag the transfer; many fraud teams can claw back wires within 24 hours of initiation.
File a report with the local police department, particularly if the loss exceeds the FBI’s IC3 minimum reporting threshold or if a threat was made. Mail fraud goes to U.S. Postal Inspectors at 877-876-2455 or uspis.gov/report. AI-specific complaints go to ic3.gov, which the bureau now tags separately for trend analysis.
Notify the impersonated person. Scammers often work a single voice across multiple targets, and a quick warning to extended family can stop the next call before it lands.
“From fake emails and texts to cloned voice messages, calls, and deepfake videos, today’s scammers have many tools at their disposal,” said Gary Barksdale, Chief Postal Inspector at the U.S. Postal Inspection Service.
Why the warning lands now
The April 25 USPS bulletin reached consumers in the same week the Senate Commerce Committee and the House Energy and Commerce Committee scheduled hearings on AI voice fraud. Hassan’s thirty-day clock on the four vendor letters runs out May 16, setting up the first public test of how voluntary safety policies hold up under federal scrutiny.
Until then, the practical defense is older than the technology that beat it. A code phrase. A second phone call to a known number. A pause before pressing send.
Leave a Comment