Recent reports have highlighted that artificial intelligence-driven voice cloning continues to be used to impersonate high-ranking U.S. government officials. Tactics have become increasingly sophisticated, involving the use of encrypted messaging apps and deepfake technologies. Individuals and organizations are facing heightened risks of scams and data theft, prompting new guidance from authorities. The persistent nature of these schemes underlines growing concerns about the security of digital communications and the ability of technology to spread disinformation. Digital impersonation now presents a significant challenge to maintaining trust and verifying identities online.
Earlier communications from law enforcement described these scams as relatively recent, but updated information confirms they have been underway since 2023. Recent updates outlined that threat actors have not only impersonated sitting government officials but extended their reach to associates and family members of their targets. Newer warnings build on reports from 2024, which detailed a deepfake video incident involving a former State Department spokesperson, and a 2025 cable to diplomats alerting to impersonation attempts of Secretary of State Marco Rubio. These developments illustrate an increase both in the frequency and complexity of attacks compared to prior efforts, signaling a shift in how technology is leveraged for such campaigns.
How Are AI Voice Cloning and Encrypted Apps Used?
The FBI has observed malicious actors combine AI-powered voice cloning with encrypted messaging platforms such as Signal, WhatsApp, and Telegram to carry out their schemes. Attackers typically contact victims first through SMS, introduce themselves as officials, and then persuade the targets to move the conversation to a more secure platform. Officials have highlighted how this progression can disarm potential victims due to the realistic impersonation and familiar technological context.
“Actors make initial contact using SMS, then transition to encrypted apps and use advanced voice cloning to deceive targets,”
stated a representative of the FBI.
What Do Impersonators Try to Obtain from Victims?
Once communication shifts to encrypted channels, the impersonators engage in conversations designed to build credibility, sometimes referencing topics the victim is knowledgeable about. Proposals may include nominal invitations to meet with former President Trump or suggestions of placing the victim on a company board. These ploys typically culminate in requests for personal data, such as passport photos or access to device contact lists, or encouraging wire transfers, all posed as necessary for “vetting” or facilitating the next steps. The contact list is especially valuable, as it enables further impersonation using the victim’s network.
“Accessing a victim’s contact list allows additional rounds of deceit, targeting new individuals linked to the original victim,”
the FBI explained.
How Far Have These Campaigns Reached?
Evidence confirms these campaigns have reached into the highest levels of U.S. government, including those connected to the White House, Cabinet, and Congress. The tactics have proven effective not only with officials themselves, but also with their acquaintances and family. In some cases, public figures have had their identities faked in both text and audio, creating confusion and potential diplomatic friction. Law enforcement emphasizes the need for heightened awareness around unsolicited communications, particularly those requesting sensitive information or urging private conversations on encrypted platforms.
Heightened attention from agencies like the FBI and the State Department reflects the shift in adversarial methods, calling for more advanced detection and verification protocols. Individuals and organizations are advised to scrutinize communications for inconsistencies, to independently confirm identities, and to be cautious about sharing personal details, especially on platforms popular for secure or private discussions. As AI voice cloning tools become more widely available, these impersonation tactics are expected to persist, targeting both high-profile and everyday users. Understanding these methods is critical for strengthening collective cybersecurity and digital literacy in the face of such evolving threats.
