5 September 2025
A report released by the Identity Theft Resource Centre earlier this year revealed there was a 148 per cent spike in impersonation scams between April 2024 and March 2025.
No, that wasn’t a typo, it really is that high.
Scammers are working extremely hard to find new and creative ways to get under your firm’s skin.
If your people are not up to speed on the tricks criminals are using this year, you are leaving the door wide open to the kind of sophisticated scams that keep partners awake at night.
What’s in the new playbook for scammers in 2025?
Technology developments have given fraudsters the dream toolkit.
While you and your colleagues might be using AI to tidy up a client briefing or even to see what your dog would look like giving a keynote speech, criminals are busy using the same technology to manipulate and deceive.
We are seeing websites that look completely professional, chatbots that chat like real people and emails that could pass for a colleague dashing off a quick note between meetings.
Phone calls have become even trickier. Scammers are cloning voices so convincingly that you could swear it was your managing partner on the line.
Some are even turning up on video calls wearing computer-generated faces that would fool anyone on a busy Monday morning.
This is no longer about spotting spelling mistakes or suspicious Gmail accounts. These attacks are designed to bypass instinct and exploit trust.
How can you protect your firm against AI impersonation scams?
The rise in impersonation scams is worrying, but your firm is not powerless. Frausters may have the tech, but you have the brains and the processes to combat them.
The most effective defence is to make sure your people know what to expect and feel confident enough to pause when something doesn’t look or sound right (and even when it does).
That starts with training. If your team understand the tricks scammers are using now, they are far more likely to spot the red flags.
Running practice scenarios also helps. It is one thing to read about a scam in theory. It is quite another to feel the pressure of what looks like a genuine client request and then learn how to handle it in the moment.
Controls around money are still very much necessary. If a single phone call or email is enough to move funds, we’re sure we don’t have to tell you that you’re playing a very risky game.
A second check or an independent sign-off is often a simple but effective way to slam the brakes on fraud.
Creating an environment where hesitation is encouraged can also be the difference between avoiding a scam and falling victim to it.
If a junior lawyer or accountant feels uneasy about a request but is worried about looking silly by raising it, the scammers win.
Your people need to know it is safe to stop, to question, and to ask for advice.
Stops scammers in their tracks
One of our most popular courses is our new three-module Cyber Security Awareness training course.
Tailored for professional services firms, this training helps you reduce risk, protect client data, and build a cyber-aware culture across your organisation.
We also offer a short refresher module for individuals who have already completed their certification and simply need a quick update. You can never be too careful.
AI itself is not the enemy. The way criminals use it is. Impersonation scams are growing fast because they are working. So get training!