I almost got fooled by an AI yesterday. The voice on the other end of the phone was supposed to be my wife.
I want to break from the regular cadence of these posts to talk about something that happened to me directly, because I think the version that almost happened to me is going to happen to a lot of people over the next year, and I want everyone reading this to know how to protect themselves and the people they love.
Here is what happened.
My phone rang. The caller ID said it was my wife Katie. I picked up. The voice on the other end sounded like her. Same cadence. Same warmth. Same little vocal tics I have been listening to for years. We were a few sentences into the conversation when something in the back of my mind started to register. Something was slightly off. Not the voice exactly. The voice was right. It was something in the rhythm of how the conversation was unfolding. The way she was steering the call toward a specific request. The way the request itself sat at the edge of plausibility. Close enough to real that I almost did not catch it. Far enough that my instincts started to flicker.
I asked one question.
Katie and I have an agreement. We have a word. A specific word, known only to us, that either of us can ask the other to say in any situation where there is doubt about who is actually on the other end of a communication. The word is not based on shared knowledge that someone could figure out from social media. It is not the name of our first pet or the street we grew up on or anything that could be reconstructed from public information. It is a word we picked together for exactly this purpose, and we are the only two people in the world who know it.
I asked the voice on the other end of the phone what the word was.
The voice did not know.
I hung up. I called Katie directly on a different line. She had not called me. She had not even had her phone in her hand at the time the call came in. The number that showed up on my caller ID had been spoofed. The voice that sounded like her had been generated. The conversation I had been about to fall into had been entirely manufactured.
Why is voice cloning able to fool people now?
Voice cloning has crossed the threshold from research demo to mass-deployable tool in the last 18 months. The cadence is right. The vocal tics are right. The personality on the other end of the call is good enough to fool people who have been listening to that voice for decades. The version of voice AI being deployed by scammers is now as sophisticated as the version being deployed by legitimate businesses.
I am writing this post not because what happened was unique to me, but because the technology that made it possible has now reached a level where it is going to happen to many of you, and the people you love, in the coming year. The same underlying technology, pointed in two opposite directions, with two opposite intentions, and with two opposite ethical frameworks behind it.
I want to be clear about what I am not saying.
I am not saying the technology is bad. I have spent years now writing and talking about how AI is going to compress the friction inside knowledge work and create real economic value for the operators who learn to use it. I still believe all of that. The same voice technology that fooled me on the phone yesterday is the technology that helps physicians document patient visits, helps drivers operate hands-free in their cars, and helps real estate agents complete transaction forms by speaking naturally. The technology itself is neutral. The question is always who is wielding it and what they are trying to do with it.
What I am saying is that the same technology in the wrong hands is now capable of impersonating the people closest to you well enough to defraud you in real time, and the protection against that impersonation cannot be technological. It has to be human. It has to be a shared secret. It has to be something that lives outside the data trail of your life and inside the trust between you and the people you care about most.
What is the secret-word protocol?
The secret-word protocol is a single pre-agreed word, known only to you and the person you trust, that either of you can ask the other to say whenever there is doubt about who is on the other end of a communication. It is arbitrary, not derivable from anything public, never written down in a place that can be accessed, and never spoken in front of anyone else. When something feels off on a call, you ask for the word. If the voice cannot produce it, the call is not who it appears to be.
That is why Katie and I have a word.
If you have ever had a conversation with anyone you love through any digital channel, you should have a word too. Pick it together. Make it something arbitrary, not derivable from anything public. Do not use it in conversation in front of anyone else. Do not write it down in a place that can be accessed. Do not text it back and forth. Memorize it. Use it only when one of you needs to verify that the voice or the face on the other end is actually the person it is supposed to be.
Then commit to the practice of using it whenever something feels even slightly off.
That practice is going to feel awkward at first. It is going to feel paranoid. It is going to feel like overkill. The first few times you ask your spouse or your parent or your adult child to say the word, it is going to feel like you are accusing them of being fake. Do it anyway. The awkwardness of asking is a fraction of the cost of being wrong. The pattern of always asking when in doubt will save people you love from financial loss, emotional manipulation, or worse, in a window of time that is going to expand a lot before it contracts.
When should you ask for the word?
Ask for the word in any conversation where the request being made of you carries financial, emotional, or operational consequences and the framing of the request is designed to bypass your normal verification instincts. Specifically: a call from a family member saying they are in trouble and need money urgently, a video call where someone you know asks you to share personal information you would not normally share in writing, a voice message from an executive at your company asking you to transfer funds or share credentials, a call from a child asking for help in a way that does not fit their normal pattern, or a call from a parent in distress when you know they should not be in distress.
If the person on the other end is who they say they are, they will respond to the question immediately and you will have spent half a second of friction to confirm something important. If the person on the other end is not who they say they are, the request will fall apart in real time and you will have protected yourself and the people you care about from a loss you would not have caught in any other way.
How does this apply to real estate transactions?
Real estate is one of the categories where this matters most. Real estate transactions involve large dollar amounts, multiple parties communicating across channels, and time pressure that scammers love to exploit. The wire fraud playbook in real estate has been built around exactly the kind of manufactured urgency that voice cloning is going to supercharge. A buyer gets a phone call from someone claiming to be their agent, with the agent's voice, asking for a last-minute change to the wiring instructions. A seller gets a call from someone claiming to be their lender, with that lender's voice, asking for confirmation of personal details before closing. A closing coordinator gets a call from someone claiming to be from the lender's office, with the lender's voice, asking for documents to be sent to a new email address.
All of these calls are now within the operational reach of any scammer with a few minutes of recorded audio from the target's social media, podcast appearances, voicemail greetings, or video content. Voice cloning has crossed the threshold from research demo to mass-deployable tool in the last 18 months. The fraud rates are about to climb in a way the industry has not yet planned for.
If you are an agent, broker, or lender reading this, the protocol is the same as the personal one. Establish out-of-band verification with every client. Pick a method of confirming identity that does not rely on the voice, the caller ID, or the email signature. Train your team to use it on every wire change, every document request that arrives in a non-standard way, and every conversation that involves money moving anywhere. Build the friction in by default. The cost of asking is nothing. The cost of not asking is going to be devastating for the agents, brokerages, and clients who get caught flat-footed when the wave hits.
The wave is going to hit. The only question is whether your family, your team, and your clients are ready for it when it does.
To everyone reading this, I am genuinely asking you to do this today. Not next week. Not when you get a chance. Today. Call the person you love most and pick a word together. Then commit to using it whenever something feels even a little bit off, on either end of any conversation. The protocol is simple. The protection is real. The cost of adopting it is approximately zero. The cost of not adopting it is going to climb every month as the technology gets better and the scammers get bolder.
Do not let the scammers win. The technology is going to keep getting better. Our defenses have to keep up. The defense is human. The defense is trust. The defense is a word, between you and the people you love, that nobody else in the world knows.
Have a word. Use it when you need it. Tell the people you love to have one with you.
That is the post. That is the entire ask.
Judd Hoffman is CEO and Co-Founder of Ethica AI, building AI-powered tools for real estate transaction workflows.
