Impersonation of U.S. officials through fraudulent AI calls has become prevalent practice
In a concerning development, artificial intelligence (AI) is being used to impersonate senior U.S. government figures, including Secretary of State Marco Rubio and the White House chief of staff, posing a significant security concern for these officials.
In a notable incident in mid-2025, an unknown actor used AI-generated voice and text messages to impersonate Rubio, contacting foreign ministers, a U.S. governor, and a congressman via the encrypted app Signal. The voice cloning was highly sophisticated, requiring only about 15-20 seconds of audio—often publicly available—to create a nearly indistinguishable replica of Rubio’s voice.
This impersonation campaign is more than a prank or simple scam: it aims at manipulating officials to gain access to sensitive information or accounts, thereby posing a direct threat to national security and diplomatic integrity. The FBI had already issued warnings about similar text and voice impersonation campaigns targeting senior officials before this incident.
U.S. government agencies, including the State Department, have launched investigations and alerted foreign governments through diplomatic channels. Officials emphasize the importance of safeguarding information and continuously improving cybersecurity measures to prevent such incidents. Among the key steps being taken or recommended to counter these attempts are:
1. Tightening authentication and identity-proofing protocols for sensitive communications to ensure that the identity of interlocutors can be reliably verified beyond voice recognition alone. 2. Raising awareness among officials and their contacts about the potential for AI-enabled impersonation and social engineering tactics, such as moving conversations to encrypted platforms like Signal to avoid detection. 3. Developing and deploying advanced defenses that combine AI detection tools to identify deepfake audio and voice-clone-generated content before it causes harm. 4. Encouraging multi-factor verification mechanisms and cautious handling of unexpected requests for information or access that come via voice or text from purported officials.
The Rubio impersonation episode serves as a wake-up call highlighting the urgent need for enhanced identity verification and cybersecurity frameworks in an era of rapidly evolving AI voice cloning technology. U.S. authorities are actively working to determine the source, motive, and extent of such campaigns to better prevent and counter these sophisticated impersonation threats going forward.
Meanwhile, the AI-based impersonation schemes' ultimate goal, whether to steal information or money, remains unclear. However, cybersecurity experts consider AI-based impersonation as the "new normal" for cheap and easy scams targeting senior U.S. officials.
In response to this growing threat, government agencies are focusing on defense and catching attackers using deepfakes in action. Rachel Tobac, CEO of SocialProof Security, stated that creating a believable voice clone using AI tools now requires less than 15 seconds of someone's voice. One way to verify identity before taking action on a sensitive request is to use another method of communication.
The FBI and Department of Homeland Security have also urged government employees to use encrypted messaging platforms to prevent Chinese government-backed hackers from snooping on their texts. As AI-based voice cloning becomes a common method for impersonation social-engineering attempts, it is crucial for officials to stay vigilant and proactive in safeguarding their communications.
- The concerning development of AI-generated voice impersonations has extended to politics, as an unknown actor successfully cloned Secretary of State Marco Rubio's voice and text messages in 2025, targeting foreign ministers, a U.S. governor, and a congressman.
- In the realm of general-news and crime-and-justice, the FBI had issued warnings about voice and text impersonation campaigns before the Rubio incident, emphasizing the need for officials to improve cybersecurity measures and safeguard information to avoid manipulation and potential national security threats.
