FBI Warns Of Surging Use Of Vishing

Cybercriminals have been employing AI-generated voice messages to impersonate high-ranking US government officials in an ongoing effort to breach the online accounts of current and former officials, the FBI has warned.  

The FBI is issuing this announcement to warn and provide mitigation tips to the public about an ongoing malicious text and voice messaging campaign.  

“Since April 2025, malicious actors have impersonated senior US officials to target individuals, many of whom are current or former senior US federal or state government officials and their contacts. If you receive a message claiming to be from a senior US official, do not assume it is authentic,” the FBI advised.  

According to the agency, the campaign primarily targets current and former US federal or state government officials, as well as their associates. Once attackers gain access to a victim’s information, they can use it to impersonate additional officials or acquaintances, thereby expanding their reach.  

High-Profile AI Voice Scam Cases

AI-generated voice calls have been used in several high-profile attacks. In 2024, an executive at Ferrari thwarted a similar attack by questioning the impersonator about a book they had previously recommended.  

A British engineering firm, Arup, fell victim to scammers, paying out $25 million after fraudsters set up a false video call meeting to trick an employee.  Similarly, in 2019, a UK energy company suffered a loss of more than £200,000 due to AI-generated phone calls.  

How The Scam Works

 The FBI explained that these "smishing" (SMS phishing) or "vishing" (voice phishing) attacks rely on AI tools to generate realistic voices. "One way the actors gain such access is by sending targeted individuals a malicious link under the guise of transitioning to a separate messaging platform," the FBI stated.  

Once a victim’s account is compromised, it can be exploited for further attacks, making the scam increasingly dangerous.  

Avoiding AI Scams 

The FBI highlighted that scammers use software to generate phone numbers that are not attributed to a specific device.   To stay protected, individuals should:  

  • Independently verify the identity of the caller through research.  
  • Check the caller’s correct number before responding.  
  • Scrutinise messages for inconsistencies before sharing any information.  

When assessing videos or images for AI manipulation, experts recommend looking for subtle imperfections, such as distorted hands or feet, blurred facial features, incorrect shadows, unnatural speech synchronisation, and other irregular movements.  

While these measures can help identify fraudulent content, the agency warned that AI-generated material has become so advanced that it is often difficult to detect.  

FBI's Safety Recommendations  

The FBI advised individuals to create a secret word or phrase to verify identity when communicating online. Additionally, people should:  

  • Avoid clicking on unfamiliar links or email attachments.  
  • Never send money, gift cards, or cryptocurrency to someone over the Internet or phone unless the recipient’s identity has been thoroughly verified.  

For further official guidance, visit the FBI’s Internet Crime Complaint Centre: HERE.

CNBC    |    SAN  |   ITPro  |   Reuters  |   CNN 

Image: Ideogram 

You Might Also Read: 

Deepfakes Are Making Business Email Compromise Worse:


If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Understanding Identity & Access Management
Japan Enacts Landmark Cyber Defence Legislation »

CyberSecurity Jobsite
Check Point

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Assure Technical

Assure Technical

Assure Technical offers a holistic approach to Technical Security. Our expertise and services span across the Physical, Cyber and Counter Surveillance domains.

Lares Consulting

Lares Consulting

Lares is a security consulting firm that helps companies secure electronic, physical, intellectual, and financial assets through a unique blend of assessment, testing and coaching.

CamCERT

CamCERT

CamCERT is the national Computer Emergency Response Team for Cambodia.

Materna Radar Cyber Security

Materna Radar Cyber Security

Radar Cyber Security is the only European supplier of Managed Detection & Response who provides its services based on inhouse developed technology.

Online Business Systems

Online Business Systems

Online Business Systems is an information technology and business consultancy. We design improved business processes enabled with robust and secure information systems.

Antiy Labs

Antiy Labs

Antiy Labs is a vender of antivirus engine and solution, providing the best-in-breed antivirus engine and next generation antivirus services for confronting PC malware and mobile malware.

MyCyberSecurity Clinic (MyCSC)

MyCyberSecurity Clinic (MyCSC)

MyCyberSecurity Clinic's main goal is toward establishing an international reference centre for excellence in the field of digital forensics and data recovery services.

Global Incubator Network Austria (GIN Austria)

Global Incubator Network Austria (GIN Austria)

GIN Austria is the connecting link between Austrian and international startups, investors, incubators and accelerators with a focus on selected hotspots in Asia.

Blackbird.AI

Blackbird.AI

Blackbird.AI provides an intelligence and early-warning system to help users detect disinformation and take action against threats.

International Association of Security Awareness Professionals (IASAP)

International Association of Security Awareness Professionals (IASAP)

IASAP provides a members-only virtual sharing platform where security awareness professionals engage in a lively, year-round exchange of information and ideas.

Cranfield University

Cranfield University

Cranfield Defence and Security are at the forefront of their fields, offering capabilities ranging from cyber security and digital warfare to robotics, forensic sciences and simulation and analytics.

HighGround

HighGround

HighGround offer a Cyber Security Solution for everybody, regardless of skillset, to feel empowered in their security experience in reaching Cyber Resilience.

ProjectDiscovery

ProjectDiscovery

ProjectDiscovery is an open-source, cybersecurity company that builds a range of software for security engineers and developers.

Oxford Information Labs (OXIL)

Oxford Information Labs (OXIL)

Oxford Information Labs brings together world-class software programmers and policy experts to provide a unique mix of expertise and hands on technical solutions.

Loccus AI

Loccus AI

Loccus are developers of AI solutions in the voice safety space. We build identity verification solutions, deepfake detection systems and fraud protection products for companies and end-users.

SKADI Cyber Defense

SKADI Cyber Defense

At SKADI Cyber Defense, we specialize in enterprise-grade cybersecurity solutions tailored for small to medium businesses.