Joint Advisory: Cyber officials warn Canadians of malicious campaign to impersonate high-profile public figures
June 23, 2025
Canadian Centre for Cyber Security (CCCS)
Canadian Anti-Fraud Centre (CAFC)
Cyber security officials in the Government of Canada are warning Canadians about a spike in malicious cyber activity, where threat actors are using text and AI-generated voice messages impersonating senior officials and prominent public figures to steal money and information.
Canadian authorities have become aware of a malicious cyber campaign targeting business executives and senior public officials. A threat actor is sending malicious links or urgent financial requests using messaging accounts and voice calls that claim to be from senior government officials. In some cases, they are using AI to mimic the officials’ voices to make the calls more convincing.
The Canadian Centre for Cyber Security, a part of the Communications Security Establishment Canada, and its partners have been tracking and monitoring how AI is improving the personalization and persuasiveness of social engineering attacks worldwide for months. The FBI also alerted the public to this threat in April 2025. Canadian officials have recently become aware of similar tactics targeting Canadians in a related or linked campaign.
Warning signs
To protect yourself and others, we encourage you to be vigilant, be wary – and look out for suspicious warning signs, like:
- messages or calls from someone claiming to be a high-ranking government official, a prominent public figure, or someone you trust urging immediate action
- instructions to move to an alternate communications platform, including to download and install a messaging application for that purpose
- messages including suspicious links or asking for personal or financial information
- inconsistencies in voice, video, or message tone that seem out of character
How to protect yourself
Here are some steps you can take today to safeguard yourself:
- do not trust display names: phone numbers in voice calls and text messages can be spoofed, display names in messaging apps can be forged
- verify independently: contact the person or organization through alternate, previously confirmed channels
- do not click on suspicious links: especially in unsolicited messages
- be skeptical of urgent requests: especially those involving money or sensitive data
- watch for deepfakes: in video, look for unnatural movements, mismatched audio, or inconsistent lighting, and in audio, listen for unnatural and flat tone, unexpected background noises, or choppy sentences
- consult with someone you trust whenever in doubt
More information is available in the following FBI report: Internet Crime Complaint Center (IC3) | Senior US Officials Impersonated in Malicious Messaging Campaign
Report suspicious activity
If you suspect you been the target of cybercrime, you should report it to your local law enforcement, the Canadian Anti-Fraud Centre and to the Canadian Centre for Cyber Security.
Learn more and stay safe (additional advice and guidance)
- Protect yourself from scams and fraud
- Protect your information from scams impersonating government and law enforcement agencies
- Don't take the bait: Recognize and avoid phishing attacks
- Social engineering
- What is voice phishing (vishing)?
- How to identify misinformation, disinformation, and malinformation
- Recognize artificial intelligence (AI): 9 ways to spot AI content online
- Generative artificial intelligence (AI) (ITSAP.00.041)
- Date modified: