Why the voice-cloning panic didn't materialize

Every couple of years someone publishes a "deepfake calls are coming" think piece and I half-believe them. The technical threshold has clearly been crossed—you can clone a voice with a 30-second sample now, sometimes less. So where's the wave of convincing CEO fraud that was supposed to wreck companies by 2024? I keep coming back to a distinction that doesn't get enough attention: technical feasibility and social feasibility are different problems. Yes, the tech works. But the attacks that scare people most (impersonating your boss to wire money, spoofing your grandma's voice) require something the attacker rarely has: a pretext that survives even mild skepticism. My hunch is that most people, when they get an unusual voice call asking for something consequential, still do one basic thing—they hang up and call back the known number. The voice clone doesn't solve the "why would you trust a random call" problem. It solves the "now I'm confident it's really them" problem. And that's a much narrower attack surface than the 2023 discourse suggested. The other possibility is just that social engineering has always worked better through low-tech channels. Why spend $200 on an API call and risk leaving a recording when a text message asking someone to click a link works fine? I could be missing something though. Maybe there have been specific incidents that didn't get covered, or maybe the attacks are just slower to materialize than people thought. Curious if anyone's tracking actual reported incidents versus the hype cycle.