It should probably go without saying, but if someone “from the government” calls you to chit chat, it’s a scam. However, some people are apparently unaware, prompting an FBI advisory warning about an increase in smishing campaigns.
Since April, cybercriminals have been targeting current and former senior US federal and state employees and their contacts with texts or AI-generated voice messages. They pretend to be senior US officials themselves and attempt to establish a rapport with the receiver.
The goal is to get the target to click on a malicious link that will give the scammers access to people’s personal accounts. One of the scammers’ known tricks involves a request to switch the conversation to a different messaging platform. If they gain access to one account using this trick, they’ll use the stolen information to target the next government official or their contacts.
The advisory adds that contact information obtained in this manner can “also be used to impersonate contacts to elicit information or funds.”
The FBI has shared a few tips to spot these fake messages.
-
Check the phone number and name of the person. Independently verify the person’s organization, try to find a phone number to contact, and confirm their authenticity.
-
Look for inconsistencies in the attacker’s email address, phone number, URLs, and spelling. Scammers use slight differences to deceive and gain trust.
-
Check if the images or videos they share are just minor modifications to publicly available media. Also, look for imperfections in them, such as distorted hands or feet, unrealistic facial features, indistinct or irregular faces, unrealistic accessories such as glasses or jewelry, inaccurate shadows, watermarks, voice call lag time, voice matching, and unnatural movements.
-
If the attacker is pretending to be a known contact, listen carefully to their tone and word choice. AI-generated voice can sound similar to the real voice, but if you pay attention, you might be able to distinguish the two.
Get Our Best Stories!
Stay Safe With the Latest Security News and Updates
By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy.
Thanks for signing up!
Your subscription has been confirmed. Keep an eye on your inbox!
To protect yourself from potential fraud or data theft, the FBI recommends following these guidelines:
-
Do not share any sensitive information with someone you’ve just met online or over the phone.
-
Avoid transferring money, gift cards, cryptocurrency, or other assets unless you have independently verified the person’s identity.
-
Refrain from clicking on links in unsolicited messages or calls. That includes links for email attachments, apps, or other purchases.
-
Set up two-factor authentication for all your online accounts. Never share your 2FA code with anyone; doing so would help cybercriminals get access to your details.
-
Create a secret word or phrase for your family members to verify their identities in dire circumstances like these.
Of course, the easiest way to avoid all this is to not answer your phone if it’s an unknown caller. However, if you fall victim to this campaign, report the incident to your local FBI Field Office or the Internet Crime Complaint Center (IC3) at www.ic3.gov, the FBI adds.
Recommended by Our Editors
A similar cybercrime was reported by the FBI last week. Malicious actors are pretending to be US government officials in calls with Middle Eastern students in the US with valid visas.
As such, AI-enabled deepfake calls have been on the rise in the US. Per a survey, at least 31% of US mobile phone users received a voice deepfake last year. Follow the FCC’s guidelines to protect yourself from unwanted deepfake calls and other phone scams.
About Jibin Joseph
Contributor
