By Excello Mail Team

Google's June 2026 Fraud Advisory: AI Voice Cloning Is Now the Primary BEC Weapon as DMARC Blocks Email Spoofing

Google's June 2026 Fraud and Scams Advisory confirms AI voice cloning and deepfake video now drive 40% of business email compromise attacks. With DMARC enforcement closing the email spoofing channel, attackers have shifted to synthetic voice calls and real-time video deepfakes – and average losses now exceed $4.1 million per incident.

When DMARC enforcement was weak, the easiest path into an organization’s finances ran through email. A spoofed message from “[email protected]” landed in the inbox, the employee wired the money, and the attack was complete. Google and Microsoft hardened those entry points. DMARC with p=reject closed the spoofing window. Now, according to Google’s June 2026 Fraud and Scams Advisory, attackers have found a new path – and it does not go through email at all.

The Google June 2026 Advisory

Google’s latest fraud advisory, released this month, documents a significant surge in what its analysts describe as AI-powered multi-modal fraud. The defining characteristic of this attack category is the combination of multiple communication channels – email, voice calls, and video meetings – layered in sequence to build cumulative credibility before requesting a financial action.

The advisory specifically highlights government and executive impersonation campaigns that open with an email, then follow up with a voice call, and sometimes escalate to a video meeting where every face on screen is a deepfake generated in real time. These attacks are not experimental. They are the dominant form of business email compromise in Q2 2026.

The Direct Consequence of DMARC Success

The shift to voice and video is not coincidental. It is the direct consequence of DMARC enforcement becoming meaningful.

When the email spoofing channel was open, attackers used it. A message from a lookalike domain or a spoofed internal address required minimal infrastructure and, if the victim organization had no DMARC record at p=reject, faced no technical barrier to inbox delivery. The attacker needed only a convincing lure.

As Gmail, Microsoft, and Yahoo moved from warning to rejection for DMARC failures, and as enterprise email security platforms added enforcement layers, the spoofed email as a primary delivery mechanism became unreliable. Attackers adapted. They registered lookalike domains – executablefinance.com instead of examplefinance.com – to send emails that technically pass DMARC because they come from a domain the attacker controls. Then they added voice cloning to establish the second contact that makes the financial request feel authenticated.

How the Attack Chain Works

The modern deepfake BEC attack runs in three stages.

First, the attacker sends an email from a lookalike domain. The message is AI-written to closely match the target executive’s communication style, references real internal context harvested from public sources, and creates urgency around a wire transfer or vendor payment update. Because the domain is one the attacker registered and configured, it passes SPF, DKIM, and DMARC checks – the authentication stack covers the sending domain, not whether that domain belongs to who it claims to represent.

Second, within hours, the targeted employee receives a phone call. The caller’s voice sounds exactly like the CFO, the CEO, or the procurement head – because it is cloned from earnings call recordings, conference keynote speeches, or podcast appearances available online. A voice can be cloned from as little as three seconds of audio, and commodity tools on criminal markets can produce a clone for under $20.

Third, in some variants documented by Google and CybelAngel, the attackers escalate to a video call. The employee joins what appears to be an emergency meeting. Every face is a real-time deepfake. The “CFO” confirms the wire transfer request. The “legal counsel” explains the urgency. The employee approves a payment they believe to have been authorized by their organization’s leadership.

The Financial Scale

Industry data from 2026 makes the impact concrete. AI deepfakes now drive 40% of BEC attacks, compared to under 5% in 2023. The average per-incident loss from an AI-augmented BEC attack exceeds $4.1 million – more than three times the $1.3 million average for traditional phishing. AI-powered fraud overall surged 1,210% in 2025, with projected losses reaching $40 billion globally by 2027.

One criminal network documented in 2026 threat reports stole $25 million across multiple organizations by cloning executives’ voices to authorize fraudulent wire transfers. A finance employee at a multinational joined what appeared to be a Teams call with the CFO and three colleagues. Every participant was a deepfake. The employee approved a $4 million transfer.

What DMARC Does and What It Cannot Do

Understanding this attack chain matters because it clarifies what DMARC protects and where its scope ends.

DMARC protects the organizational domain. If a message claims to come from [email protected], DMARC with p=reject will reject it unless it was actually sent by an authorized mail server for yourcompany.com. That protection is real, important, and prevents the simplest form of domain spoofing at scale.

What DMARC cannot do is protect against a different domain. A message from [email protected] is not a DMARC failure – it is a DMARC pass on a domain the attacker registered. Lookalike domain attacks bypass DMARC by design. DMARC also has no authority over telephone calls, video conferencing software, or any communication channel that does not involve sending email from the protected domain.

The implication is not that DMARC has failed. The implication is that attackers have moved to channels where it cannot follow, and organizations need to understand that boundary clearly.
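The boundary described above, shown as an added example (not code from Google's advisory or from Excello Mail): a simplified DMARC identifier-alignment check run over three constructed messages. The policy table standing in for DNS, the `esp.example` and `attacker-host.example` hosts, and the two-label organizational-domain shortcut are assumptions; the domain pair is the one used earlier in this article.

```python
# Added example: simplified DMARC evaluation with relaxed alignment.
# Constructed stand-in for DNS lookups of _dmarc.<domain>; the attacker
# publishes a policy for the lookalike domain it registered.
PUBLISHED_POLICY = {"examplefinance.com": "reject",
                    "executablefinance.com": "reject"}

def org_domain(domain):
    # Assumption: registrable domain = last two labels. Real evaluators
    # use the Public Suffix List (needed for suffixes such as co.uk).
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])

def dmarc_evaluate(header_from, spf, dkim):
    """spf: (MAIL FROM domain, result); dkim: list of (d= domain, result)."""
    from_org = org_domain(header_from)
    policy = PUBLISHED_POLICY.get(from_org)
    if policy is None:
        return "no-policy"
    # A mechanism counts only if it passed AND its domain aligns with From.
    spf_ok = spf[1] == "pass" and org_domain(spf[0]) == from_org
    dkim_ok = any(res == "pass" and org_domain(d) == from_org for d, res in dkim)
    if spf_ok or dkim_ok:
        return "pass"
    return "fail:" + policy

# Constructed messages: (From domain, SPF result, DKIM results).
MESSAGES = {
    # Direct spoof: SPF passes, but only for the attacker's envelope domain.
    "spoof": ("examplefinance.com", ("attacker-host.example", "pass"), []),
    # Legitimate mail through a provider: SPF unaligned, DKIM aligned.
    "legit_esp": ("mail.examplefinance.com", ("bounce.esp.example", "pass"),
                  [("examplefinance.com", "pass")]),
    # Lookalike: every identifier belongs to the attacker's own domain.
    "lookalike": ("executablefinance.com", ("executablefinance.com", "pass"),
                  [("executablefinance.com", "pass")]),
}

def evaluate_all():
    return {name: dmarc_evaluate(*msg) for name, msg in MESSAGES.items()}

if __name__ == "__main__":
    for name, verdict in evaluate_all().items():
        print(f"{name:10} -> {verdict}")
```

The lookalike message gets the same verdict as the legitimate one, because nothing in the evaluation asks whether the From domain belongs to the organization it imitates.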

The Full Defense Stack

The response to AI-powered multi-modal BEC has to operate at multiple layers simultaneously.

The email layer remains where DMARC lives, and it remains essential. Enforcing p=reject, monitoring aggregate reports for unauthorized sending sources, and implementing BIMI to signal verified sender identity in the inbox are all necessary steps. A domain without DMARC enforcement is still a trivially exploitable spoofing target. Closing that door forces attackers to invest more heavily in the lookalike and voice layers, which is harder and more expensive for them.

Beyond email, organizations need real-time deepfake detection at the voice and video layer. Google’s own deployment of on-device AI detection for synthetic voices on Android – announced as part of its response to the surge in cloning fraud – signals that this capability is moving from security lab to consumer product. Enterprise equivalents are available now.

Verification protocols matter independently of detection technology. A finance employee who receives an urgent wire transfer request by email, confirmed by a phone call, should have a pre-established out-of-band verification process: a callback to a known number, a pre-agreed code word, a ticketing workflow that requires a second approver. These controls stop deepfake BEC at the human layer regardless of how convincing the synthetic voice or video is.

Domain monitoring – watching for newly registered lookalike domains that could be used in the email-first phase of the attack – provides early warning before the full attack chain is assembled. Takedown services can disrupt attacker infrastructure at the point of registration.
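A sketch of the monitoring step above, as an added example (not code from the advisory or from Excello Mail): it scores names from a registration feed against a protected domain using confusable folding plus edit distance. The feed, the substitution list and the distance threshold are constructed assumptions.

```python
# Added example: flag lookalikes of a protected domain in a registration feed.
# Substitutions folded before comparison (a small illustrative set, not a
# complete confusables table).
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("5", "s")]

def skeleton(name):
    name = name.lower().replace("-", "")
    for fake, real in CONFUSABLES:
        name = name.replace(fake, real)
    return name

def edit_distance(a, b):
    """Optimal string alignment distance: insert, delete, substitute, swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def classify(candidate, protected, max_distance=2):
    """Return a reason string if candidate imitates protected, else None."""
    # Assumption: both are registrable domains with a single-label TLD.
    c_name, _, c_tld = candidate.lower().rpartition(".")
    p_name, _, p_tld = protected.lower().rpartition(".")
    if (c_name, c_tld) == (p_name, p_tld):
        return None  # the protected domain itself
    if c_name == p_name:
        return "tld-swap"
    if skeleton(c_name) == skeleton(p_name):
        return "confusable"
    distance = edit_distance(skeleton(c_name), skeleton(p_name))
    return f"typo:{distance}" if distance <= max_distance else None

# Constructed feed of newly registered domains.
FEED = ["examp1efinance.com", "exarnplefinance.com", "examplefinance.co",
        "example-finance.com", "exmaplefinance.com", "examplefinanse.com",
        "weatherreport.com", "executablefinance.com"]

def scan(feed, protected="examplefinance.com"):
    return {d: r for d in feed if (r := classify(d, protected))}
```

The article's own pair, executablefinance.com and examplefinance.com, is six edits apart and is not flagged at this threshold, so string distance needs to be paired with brand-keyword matching. Short protected names need a tighter threshold to keep false positives manageable.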


Google’s June 2026 advisory names the threat; the data names the cost. Email authentication is the essential foundation that forces attackers out of the easiest channel. Building on that foundation with verification protocols and detection tools is what stops them in the harder ones.