According to a public alert issued by the FBI on May 15th, numerous cybercriminals are employing AI-generated voice and text messages to launch a calculated phishing campaign designed to extract sensitive information.
The FBI reports that since April, bad actors have been using deepfake technology, highly realistic audio and visual impersonations, to pose as high-ranking U.S. government officials. These deceptive tactics aim to create a sense of legitimacy and trust with victims before manipulating them into revealing confidential data.
Source: X (@FBI)
The bureau issued an official warning:
“If you receive a message claiming to be from a senior US official, do not assume it is authentic”.
What makes these attacks particularly dangerous is the potential for escalation. If a government official’s account is compromised, hackers can leverage trusted contact information to target other officials, colleagues, or associated individuals, further expanding their reach.
As part of the phishing schemes, hackers are reportedly sending malicious links to their targets, directing them to spoofed websites or platforms under their control. These sites are engineered to harvest sensitive information such as login credentials and other personal data.
The FBI emphasizes that contact information gathered through social engineering could be repurposed to impersonate trusted connections. This could allow hackers to elicit further information, or even trick victims into sending money under false pretenses.
Separate from the government-focused phishing operation, prominent figures in the cryptocurrency space have also found themselves victims of deepfake fraud. On May 13th, Polygon co-founder Sandeep Nailwal issued a warning via X, describing a frightening impersonation attempt.
Source: X (@sandeepnailwal)
Nailwal shared that multiple individuals had contacted him via Telegram, asking whether he was involved in a Zoom call with them and whether he had requested they install software. These calls were, in fact, part of a scam operation featuring a deepfake version of Nailwal and two other individuals.
“The audio is disabled and since your voice is not working, the scammer asks you to install some SDK. If you install, game over for you,” Nailwal explained.
According to Nailwal, the attackers had hijacked the Telegram account of Shreyansh, Polygon Ventures’ lead, to reach out to targets and coordinate the deepfake video calls. The scam created a convincing illusion of legitimacy, nearly fooling several individuals.
One of the more troubling aspects of this attack is the lack of response or recourse from Telegram, Nailwal noted. He highlighted the absence of a streamlined way to report such sophisticated impersonation scams on the platform.
In the comments of Nailwal’s post, at least one person confirmed they had been targeted by the same scam, while Web3 expert Dovey Wan also revealed she had been impersonated using deepfake technology.
Both the FBI and Nailwal stress the importance of vigilance and proactive security practices to combat these evolving threats. The FBI advises users to:
Meanwhile, Nailwal also strongly recommends avoiding software installation during online interactions initiated by others as well as keeping a dedicated device for accessing personal cryptocurrency wallets to minimize risk.
Subscribe to stay informed and receive latest updates on the latest happenings in the crypto world!
Content Strategist
Subscribe to stay informed and receive latest updates on the latest happenings in the crypto world!
