The FBI issued a warning Thursday about hackers using artificial intelligence to generate voices impersonating U.S. government officials in order to hack into the online accounts of former and current U.S. officials, according to CNN.
“The malicious actors have sent text messages and AI-generated voice messages — techniques known as smishing and vishing, respectively — that claim to come from a senior US official in an effort to establish rapport before gaining access to personal accounts,” the FBI said in a public advisory. “One way the actors gain such access is by sending targeted individuals a malicious link under the guise of transitioning to a separate messaging platform.”
“Access to personal or official accounts operated by US officials could be used to target other government officials, or their associates and contacts, by using trusted contact information they obtain. Contact information acquired through social engineering schemes could also be used to impersonate contacts to elicit information or funds,” the FBI said.
Since April, unidentified hackers have been sending text and voice messages to various targets, including federal and state officials, in an attempt to establish rapport.
The FBI is advising to never share any sensitive information or any contact information with those a person has only talked to online or over the phone.
“If contacted by someone you know well via a new platform or phone number, verify the new contact information through a previously confirmed platform or trusted source,” the FBI warned. “Do not send money, gift cards, cryptocurrency, or other assets to people you do not know or have met only online or over the phone. If someone you know (or an associate of someone you know) requests that you send money or cryptocurrency, independently confirm contact information prior to taking action. Also, critically evaluate the context and plausibility of the request.”
The agency further advised to not click on any links present in an email address that is from an unknown source.
“Be careful what you download. Never open an email attachment, click on links in messages, or download applications at the request of or from someone you have not verified,” The FBI said. “Set up two-factor (or multi-factor) authentication on any account that allows it and never disable it. Actors may use social engineering techniques to convince you to disclose a two-factor authentication code, which allows the actor to compromise and take over accounts. Never provide a two-factor code to anyone over email, SMS/MMS text message or encrypted messaging application.”
