Scammers now impersonating senior government officials and CEOs to swindle Canadians
Article content
OTTAWA — If your boss's name appears on your phone, don't assume that's who is calling you.
In a rare joint statement issued Monday, the Canadian Anti-Fraud Centre (CAFC) and the Canadian Centre for Cyber Security (CCCS), part of Canada's cyberdefence agency, said that scammers are now using artificial intelligence to impersonate senior government officials by phone or text.
Article content
Spoofing government officials' phone numbers or voices, they contact other public sector leaders or C-suite business leaders with fake urgent requests for money transfers or asking them to open a malicious link.
The goal is to steal money, sensitive information or install malware on organizations' computer networks, says the CCCS.
The scam is yet another way that fraudsters are harnessing AI to impersonate government officials and organizations to make their schemes more believable.
In one case, a Canadian individual received a fraudulent message purporting to come from a U.S. government official requesting a 'large transfer of money under the pretence of an urgent government-related matter,' said spokesperson Cyber Centre spokesperson Janny Bender Asselin.
Asselin declined to say who the recipient was, if they were a government or business executive or if the money was ever transferred to the scammer.
Article content
Neither CCCS nor CAFC responded to questions about which government officials or C-suite executives are either being impersonated or targeted by this new malicious cyber scam.
But the advisory is clear: if you receive a message or call from someone purporting to be a high-ranking government official or even your employer's CEO demanding you do something urgent and unusual, it could be a scam. Even if the voice sounds like them.
The warning says the latest scam appears linked to an ongoing campaign in the U.S. that was flagged by the Federal Bureau of Investigations (FBI) last month.
The FBI said that since Apri l, scammers have been impersonating 'senior US officials' and contacting other current or former top federal and state American government workers. They then purport to send a link to move the conversation to another messaging app, but the URL actually infects their device with malware.
Article content
'The malicious actors have sent text messages and AI-generated voice messages — techniques known as smishing and vishing, respectively — that claim to come from a senior US official in an effort to establish rapport before gaining access to personal accounts,' the FBI warned.
'If you receive a message claiming to be from a senior US official, do not assume it is authentic.'
For the head of the Canadian Cyber Threat Exchange, Jennifer Quaid, these types of scams have become so prevalent that she now suggests to private sector workers that they shouldn't always believe that it's their boss that's calling when the number appears on their phones.
'Never assume it's your boss,' she told National Post.
'I would give a CEO, a CFO and my 21-year-old daughter exactly the same advice: stop and think about it. Take a minute to think about what the request is, and then say, 'I will call you back' and reach out to that person using another known channel of communication,' she added.
Article content
'If your boss is serious about wanting you to transfer $20 million, I don't think they're going to object to your saying, 'I will call you right back'.'
Just in the first three months of 2025, the Anti-Fraud Centre says it has received nearly 13,000 reports of fraud generating over $165 million in losses for 9,092 victims. But as always, that is only the tip of the iceberg as the vast majority of victims don't report the crime to authorities.
Both the Cyber Centre and Quaid say AI has tremendously boosted criminals' ability to make their scams more believable. But Quaid also believes that threat actors not being constrained by legal AI guardrails has allowed them to harness AI faster and more effectively than businesses trying to defend themselves.
'They're not using it with rules. We have rules, and I want to be very clear, rules are a very good thing,' Quaid said of scammers. 'But they are operating in a criminal environment without rules, without regard to due process and without regard to privacy, and that's why they're able to do more with some of these tools than we are.'
Latest National Stories
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Winnipeg Free Press
2 hours ago
- Winnipeg Free Press
Warren Buffett announces $6 billion in donations to five foundations
NEW YORK (AP) — Famed investor Warren Buffett is donating $6 billion worth of his company's stock to five foundations, bringing the total he has given to them since 2006 to roughly $60 billion, based on their value when received. Buffett said late Friday that the shares of Berkshire Hathaway will be delivered on Monday. Berkshire Hathaway owns Geico, Dairy Queen and a range of other businesses, and Buffett is donating nearly 12.4 million of the Class B shares of its stock. Those shares have a lower and easier-to-digest price tag than the company's original Class A shares, and each of the B shares was worth $485.68 at their most recent close on Friday. The largest tranche is going to the Bill & Melinda Gates Foundation Trust, which will receive 9.4 million shares. The Susan Thompson Buffett Foundation will receive 943,384 shares, and the Sherwood Foundation, Howard G. Buffett Foundation and NoVo Foundation will each receive 660,366 shares. Buffett made waves a year ago when he said he plans to cut off donations to the Bill & Melinda Gates Foundation after his death and let his three children decide how to distribute the rest of his fortune. Monday Mornings The latest local business news and a lookahead to the coming week. Berkshire Hathaway's Class B stock has climbed 19.1% over the last 12 months, topping the broad U.S. stock market's return of 14.1%, including dividends. Buffett is famous on Wall Street for buying companies at good prices and being more conservative when prices look too high. The bargain-hunting approach has helped him amass a fortune worth about $145 billion, with basically all of it in Berkshire Hathaway's stock. 'Nothing extraordinary has occurred at Berkshire; a very long runway, simple and generally sound decisions, the American tailwind and compounding effects produced my current wealth,' Buffett said in a statement. 'My will provides that about 99 1/2% of my estate is destined for philanthropic usage.'
CTV News
3 hours ago
- CTV News
Local OPP detachment and CAFC fight ‘bank investigator' scams
Members of the Southern Georgian Bay OPP detachment are teaming up with the Canadian Anti-Fraud Centre (CAFC) to warn locals about the rise of 'bank investigator' scams. According to Southern Georgian Bay OPP and the CAFC, 'bank investigator' scams involve fraudsters impersonating financial institutions, law enforcement or credit reporting agencies, claiming that a potential victim's bank account has been compromised. Fraud experts say suspects sometimes show that they know a potential victim's personal information (name, date of birth, social insurance number, debit card number, etc.) to seem legitimate. Suspects are also known to be spoofing financial institutions, law enforcement, and credit reporting agencies or providing fraudulent call-back numbers that impersonate the institutions. Scam Variations Southern Georgian Bay OPP and the CAFC outline three variations of bank investigator scams. The first involves a potential victim receiving an automated phone call claiming to be their financial institution, law enforcement, credit card reporting agency, or, in some cases, Amazon, advising of fraudulent transactions in their account. Suspects are then known to request access to the victim's computer to 'investigate' and then show the falsely 'fraudulent' transactions. Fraud experts say the suspects then request the victim's help to continue 'investigating' the criminals who stole their money, where they will ask the victim to send a large amount of money as part of the 'investigation.' The second variation involves suspects already gaining access to a potential victim's debit card number and password but needing more information to get through multi-factor authentication. Suspects are then known to contact the victim, posing as their financial institution and advising the victim that they must provide a code via text or email to confirm their identity. The code provided by the victim gives suspects full access to their bank account. The third variation involves suspects advising a potential victim that they need their debit or credit card from their residence as part of an 'investigation.' Fraud experts say suspects will then go as far as going to a victim's residence to pick up the card. They may even ask the victim to cut the card in half without damaging the chip to appear more legitimate. Suspects are also known to threaten victims that they may be arrested if they do not comply. Protecting Yourself Southern Georgian Bay OPP and the CAFC say criminals use call-spoofing to mislead victims, and, therefore, unfamiliar phone numbers on call displays should not be assumed to be legitimate. When receiving a call from someone claiming to be a financial institution, fraud experts suggest telling the caller that you will call them back, before ending the call and calling the number on the back of the debit card in question. Fraud experts remind potential victims that credit bureaus will never call customers randomly unless it is a requested call back, and that financial institutions and law enforcement will never make threats over the phone. Multi-factor authentication codes should never be shared, especially in writing via text or email. Suspects are also known to often provide the first four-to-six digits of a debit or credit card to appear legitimate, but most financial institutions use the same four to six numbers for their debit and credit cards. Institutions will also never request for funds to be transferred to an external account for security reasons. Police and fraud experts also suggest never providing remote access to your computer and confirm that law enforcement will never go to a private residence to pick up a bank card. Anyone suspecting of fraud or cybercrime should report it to their local police and to the CAFC.
CTV News
4 hours ago
- CTV News
Mexican drug cartel used hacker to track FBI official, then killed potential informants, U.S. government audit says
A Mexican drug cartel hired a hacker to surveil the movements of a senior FBI official in Mexico City in 2018 or earlier, gathering information from the city's camera system that allowed the cartel to kill potential FBI informants, the Justice Department inspector general said in a new report. The hacker also was able to 'see calls made and received' by the FBI official and their geolocation data in a major breach of operational security that occurred as the FBI was working on the case of former Sinaloa cartel boss Joaquin 'El Chapo' Guzmán Loera, the inspector general said. The hacker tracked people coming in and out of the US Embassy in Mexico City before zeroing in on the FBI's assistant legal attache, a role that works closely with Mexican law enforcement, the report said, citing an FBI case agent at the time. The report did not identify the hacker. 'According to the case agent, the cartel used (information provided by the hacker) to intimidate and, in some instances, kill potential sources or cooperating witnesses,' says the inspector general report, which was a broader review of the FBI's approach to protecting sensitive information and avoiding surveillance. The stunning new details offer a rare look at how technology can be exploited in the high-stakes battle between US law enforcement and the violent Mexican cartels that control illicit drug trade. The Trump administration has made cracking down on cartels a national security priority, in part by declaring them as foreign terrorist groups. The FBI, DEA and US military have in recent years used advanced surveillance techniques to try to infiltrate Sinaloa and the Jalisco New Generation Cartel, the other big Mexican cartel that US officials say smuggles large volumes of deadly fentanyl into the US. CNN reported in April that the CIA was reviewing its authorities to use lethal force against the cartels. With El Chapo now behind bars, the cartels themselves are increasingly run by a younger generation of tech-savvy drug lords. 'We've identified people in the cartels that specialize in cryptocurrency movements,' a senior DEA official previously told CNN. 'The cartels run a multi-billion-dollar global enterprise and utilize sophisticated technology to enhance their business operations,' Derek Maltz, who until May served as the acting DEA administrator, told CNN. 'They utilize state-of-art sophisticated surveillance techniques to identify law enforcement activities and their adversaries.' The new inspector general report raises broader concerns about the threat of high-tech surveillance to US national security. 'Some within the FBI and partner agencies, such as the Central Intelligence Agency (CIA), have described this threat as 'existential,' the report said. There have been 'longstanding' risks posed by 'ubiquitous technical surveillance' — jargon for the widespread availability of data to adversaries — to the FBI's criminal and national security cases, the report said. But recent advances in commercial technology 'have made it easier than ever for less-sophisticated nations and criminal enterprises to identify and exploit vulnerabilities' related to such surveillance, according to the report. The FBI is working on a 'strategic plan' to address some of the inspector general's concerns about the bureau's approach to the threat, the report said. The bureau referred questions about the inspector general's report to the Justice Department. CNN has requested comment from the department.
