An imposter posing as US Secretary of State Marco Rubio has used artificial intelligence to mimic his voice and writing style, contacting foreign ministers, a US governor, and a member of Congress, according to a report by The Washington Post, citing an official document seen by the publication.
The campaign utilized both text messaging and the encrypted messaging app Signal, which gained widespread popularity during the Trump administration.
At least five individuals outside the State Department were targeted, including three foreign ministers, a US governor, and a member of Congress. Authorities suspect the goal of the operation was to gain access to sensitive information or accounts.
The impersonation efforts began in mid-June when the fake Rubio created a Signal account using the display name "Marco.Rubio@state.gov," although this is not his actual email address.
According to the State Department cable, the imposter left voicemails for two individuals and sent a text message inviting one to communicate on Signal. Additionally, other State Department personnel were impersonated via email.
US authorities are still unsure who is behind the operation but believe the objective is likely to manipulate high-ranking officials to gain access to crucial data. "We believe the actor’s aim is likely to gain access to information or accounts," reads the cable dated July 3, which was obtained by The Washington Post.
In response to the breach, the State Department has promised a thorough investigation but declined to provide The Washington Post with further details about the contents of the messages or the identities of the targeted officials.
Previous attempts to impersonate US government officials, senior figures
The incident follows several other high-profile impersonation attempts, including one in May involving White House Chief of Staff Susie Wiles, which prompted an FBI investigation.
Hany Farid, a professor specializing in digital forensics at the University of California, Berkeley, stated that such operations do not require sophisticated technology but are still effective due to lapses in data security. "This is precisely why you shouldn’t use Signal or other insecure channels for official government business," Farid noted.
The FBI has not commented on the Rubio impersonation but has previously warned about similar AI-driven campaigns targeting senior US officials to "elicit information or funds." The Bureau also stressed that messages claiming to be from senior officials should not be assumed authentic.
This growing trend of impersonation is not limited to the US. In June, Ukrainian authorities reported Russian intelligence agents impersonating security officials to recruit civilians for sabotage missions, while Canadian authorities warned about AI-driven scams targeting officials and civilians alike.
The State Department has urged diplomats to report any impersonation attempts to the Bureau of Diplomatic Security, and non-State Department officials are advised to contact the FBI’s Internet Crime Complaint Center.