Scammers are hijacking the voices and identities of senior U.S. officials, using slick text messages and unnervingly realistic AI-generated voice memos to fool targets, according to the FBI’s Dallas field office. The con starts with a friendly text to build quick trust, then shifts to encrypted apps or links designed to steal login credentials. Investigators say the operation has been running for months and is frequently hitting family members and close contacts of government officials.
The warning, posted by FBI Dallas on Facebook, tracks with a recent federal advisory from the IC3. That update notes the campaign has been active since at least April 2025 and that scammers are leaning on both smishing (malicious SMS) and vishing (AI-generated voice messages) to steal credentials or coax targets into handing over contact details. The advisory lays out specific red flags to watch for and urges anyone who suspects contact to report it to IC3 or their local FBI field office.
How the Campaign Works
According to Reuters, the fraudsters usually kick things off with a short, timely message that sounds like it came from someone who knows you. From there, they push hard to move the chat to an encrypted app or a webpage that quietly harvests usernames and passwords. The FBI and cybersecurity teams say advances in voice-cloning tech mean just a few seconds of audio can be turned into a creepily convincing impersonation. Once the criminals crack an account, they tap into trusted contact lists to expand the scam or start asking associates for cash or sensitive documents.
Who’s Being Targeted and Why
The operation is zeroing in on current and former senior federal and state officials, along with people in their orbit, because one compromised account can open doors into broader networks. Similar attempts have popped up elsewhere: AP News detailed a July scheme in which scammers tried to pass themselves off as Secretary of State Marco Rubio, prompting the State Department to send warnings to embassies and consulates worldwide. Agencies caution that even clumsy or awkward messages can do real damage if recipients click a link or share authentication codes.
Tips to Spot and Stop the Scam
The playbook for self-defense is refreshingly low-tech. Instead of replying to an out-of-the-blue text, independently look up a verified phone number or email and call back through that channel. Do not tap links in unsolicited messages, no matter how official they look. The IC3 advisory also recommends turning on multi-factor authentication, never giving out two-factor codes, and setting up a shared secret word or phrase with family, colleagues, or staff to confirm identities on the fly. If you think you were targeted, officials ask that you file a report with IC3 or your local FBI field office and preserve screenshots and related messages to forward to [email protected].
Resources and What Agencies Recommend
Federal cyber guidance stresses training, phishing-resistant multifactor authentication, and rigorous link hygiene as the backbone of digital defense, according to CISA. Independent coverage has highlighted the escalating arms race between deepfake tools and the systems built to detect them, underscoring that technical safeguards still need human judgment alongside them (Ars Technica). Local security teams often boil it down to a simple rule: hang up, verify, and do not forward links from unfamiliar or unexpected messages.
As AI voice-cloning keeps getting sharper and cheaper, the FBI’s bottom line is straightforward: treat surprise messages, even from names and faces you recognize, with healthy skepticism. When something feels off, use a trusted phone number or official office channel to confirm who is really on the other end before you click, reply, or share a single code.
