The FBI has issued a critical alert regarding a sophisticated cyber campaign in which malicious actors are impersonating senior U.S. officials using AI-generated voice and text messages. According to an FBI alert, the campaign, active since April 2025, primarily targets current and former federal and state government officials and their contacts.
Attackers employ smishing (SMS phishing) and vishing (voice phishing) techniques, now augmented with AI-generated content, to deceive victims. By sending messages that appear to originate from trusted officials, they aim to establish rapport and subsequently direct targets to malicious platforms designed to harvest login credentials and personal information.
Once access is gained, attackers can exploit compromised accounts to further infiltrate networks, gather sensitive data, or impersonate contacts to solicit information or funds. The use of AI-generated voices and messages increases the plausibility of these scams, making them more challenging to detect.
"These AI-driven impersonations are going to be used in an attempt to 'gum up the works' wherever and whenever possible," said Col. Cedric Leighton, CNN Military Analyst; U.S. Air Force (Ret.); Chairman, Cedric Leighton Associates, LLC. "These attacks started surfacing last year in ever-increasing numbers. They made their debut overseas and then seemed to migrate to the U.S."
"One of the most interesting AI-driven impersonation attacks involved Italian Defense Minister Guido Crosetto. A staunch supporter of Ukraine, Crosetto has often been the subject of vicious attacks from senior Russian politicians, including former Russian President Dmitri Medvedev," Col. Leighton added.
"But in February things took an interesting turn, when several senior Italian business executives from well-known firms like tire manufacturer Pirelli, fashion houses Prada and Giorgio Armani, as well as the Italian billionaire Massimo Moratti, who used to own the Inter Milan soccer club, were all contacted via phone by someone claiming to be Crosetto. Each executive was asked to provide ransom money that would be used to secure the release of Italians who were imprisoned or kidnapped in Iran and Syria. Italian media reported that at least Moratti actually transferred money in response to this fake request. When Defense Minister Crosetto found out about this vishing attack, he informed Italian law enforcement and posted about the incident on social media."
To mitigate the risks associated with this campaign, practitioners should:
-
Verify communications: Independently confirm the identity of individuals contacting you via new or unexpected channels before responding or taking action.
-
Scrutinize messages: Examine the content of messages for inconsistencies, unusual language, or requests that deviate from standard protocols.
-
Educate staff: Conduct training sessions to raise awareness about smishing, vishing, and AI-generated impersonation tactics.
-
Implement Multi-Factor Authentication (MFA): Ensure that MFA is enabled across all accounts to add an additional layer of security.
-
Report suspicious activity: Encourage reporting of any suspicious communications to appropriate security teams and to the FBI's Internet Crime Complaint Center (IC3).
The FBI's IC3 released its 2024 Internet Crime Report earlier this month, announcing a record-breaking year in cybercrime. The report highlights a staggering $16.6 billion in reported losses, a 33% increase from 2023, underscoring the escalating threat landscape faced by individuals and organizations alike.
"Basic protections like MFA and annual awareness training are no longer enough to prevent this surge in AI-driven impersonation attacks. The threat surface is evolving faster than ever, and AI is fundamentally reshaping how risk is created, exploited, and managed," said David DellaPelle, CEO & Co-Founder of Dune Security.
"These new social engineering tactics don't rely on mass emails. They're polished, personalized, and often indistinguishable from legitimate messages. Traditional Security Awareness Training is unable to keep up with these AI supercharged deception techniques—and as a result, organizations are more vulnerable than ever."
Some additional thoughts from Col. Leighton:
- "While the FBI is focusing on the use of AI to impersonate high-level U.S. officials, senior business leaders are not immune. In another case involving Italian targets, a senior executive of exotic car maker Ferrari received a WhatsApp call last summer purporting to be from his CEO Benedetto Vigna. The person claiming to be Vigna told the Ferrari executive that he needed a substantial sum of money to be transferred because of a pending 'hot deal' in China. Because the caller was using a phone number not associated with Vigna and there were other aspects of the call that didn't seem quite right, the Ferrari executive asked the caller what book he had recommended to him the week before. When the caller claiming to be Vigna couldn't answer that question he hung up, and Ferrari escaped becoming a victim to the scam."
- "AI-driven attacks impersonating senior U.S. officials are taking center stage in the wake of the so-called 'Signal-gate' scandal, in which high-level Trump Administration officials shared obviously classified information via the encrypted, but unclassified Signal app. If a sophisticated foreign signals intelligence service was able to intercept any calls or texts within chat groups used by these officials, they could exploit the data they gathered not just for the raw intelligence information they contained, but also for the syntax and linguistic style used by the members of these chat groups. That would make any smishing or vishing attacks against any subordinate officials even more convincing—and that would increase the likelihood that such attacks would ultimately compromise information of intelligence value and, potentially, alter military attack plans or negotiating strategies."
- "Attacks of this nature are nothing short of a 'clear and present danger' to our military and intelligence operations, as well as to the conduct of our foreign policy. They are also a 'clear and present danger' for business executives at all levels. Authentication of the identities of the people we communicate with has now become an absolute imperative."
Related: Federal authorities are investigating a sophisticated impersonation scheme targeting White House Chief of Staff Susie Wiles. An unknown individual, suspected of using AI-generated voice technology, contacted prominent Republicans and business leaders, falsely claiming to be Wiles. The impersonator reportedly gained access to Wiles's personal phone contacts and made unusual requests, such as compiling lists of potential presidential pardon recipients and soliciting cash transfers. The FBI has stated that no foreign actor appears to be behind the effort, and cybersecurity remains a top priority.
"The fact that White House Chief of Staff Susie Wiles has also reportedly fallen victim to an AI-enabled impersonation scheme is particularly troubling. Apparently, her personal phone was hacked during the 2020 Presidential campaign, potentially by Iranian intelligence," Col. Leighton added. "That compromised her contact list, which provided contact information for some of the most important political officials in the US. Our political operatives need to get a better handle on securing their devices--and they need to do that now."
