Related
Criminals impersonate senior US officials in messaging scams
10 minute read
The FBI warns that cybercriminals continue to impersonate senior US state government, White House, and Cabinet-level officials, as well as members of Congress, to target victims, including officials’ family members and personal acquaintances, using text and AI-generated voice messages.
The malicious campaign dates back to 2023, with crooks opting for smishing (sending fraudulent text messages appearing to come from reputable sources) and vishing (making phone calls or leaving voice messages appearing to come from reputable sources).
In this campaign, cybercriminals contact their victims to discuss a topic they’re familiar with and quickly request to move the conversation to a secondary, encrypted mobile messaging application.
Once that happens, threat actors continue the discussion in some of the following ways: talking about current events or bilateral relations, noting the victim is being considered for a nomination to a company's board of directors, or even proposing to schedule a meeting with the president of the US (or other high-ranking officials).
As part of the scheme, crooks also ask victims to provide an authentication code that allows the actors to sync their device with the victim's contact list, give personally identifiable information and copies of sensitive personal documents, such as a passport, wire funds to overseas financial institutions, or introduce the actor to a known associate.
The FBI notes that in most cases, the initial contact happens via SMS before moving to encrypted mobile applications, such as Signal, Telegram, and WhatsApp.
“Threat actors are continuing to perform successful social engineering attacks using deepfakes, and various groups are gaining more and more experience with these tactics over time. This is because it's possible to use AI voice cloning apps to make highly convincing impersonations of people with as little as a 30-second sample of their voice, which is easily obtained for public officials and corporate executives,” said Tom Cross, head of threat research at GetReal Security.
The FBI recommends to always verify the identity of the person you’re interacting with via text or phone by researching the originating number, organization, and/or person purporting to contact you. You can then independently identify the correct phone number and call the person to verify their authenticity.
Check the email address, messaging contact information, including phone numbers, URLs, and see if you notice any slight inconsistencies or spelling mistakes, which are common for cybercriminals.
If you receive images or videos, examine them for subtle body distortions, unrealistic facial features, accessories, watermarks, unnatural movement, or voice call lag time. You should also pay close attention to the tone and word choice.
When in doubt, contact your relevant security officials or the FBI for help.
“Executives should consider verifying the identities of people they are interacting with over the phone, even if they think that they recognize their voices. It can also be useful to move conversations from phone messaging apps to corporate video conference platforms, where it is possible to record suspicious calls, and enable deepfake detection tools,” Cross adds.
As a rule of thumb, never provide sensitive information or an associate's contact information to people you don’t personally know. Do not click any links, download files, or share authentication codes when the source is not known. As always, don’t send any money or wire funds to people you do not know – and if the request comes over text or phone from someone you do know, contact them independently to verify.