U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Report Fraud, Waste, Abuse 

Fraud Alert: Impersonation of Senior U.S. Officials – Malicious Messaging Campaign

Notice Contents
Fraud Alert PDF

OFFICE OF INVESTIGATIONS FRAUD ALERT 2026-01

Impersonation of Senior U.S. Officials – Malicious Messaging Campaign

The U.S. Department of State (Department) Office of Inspector General (OIG) has identified a fraud scheme targeting OIG and Department personnel. Fraudulent actors impersonating senior U.S. officials, including the Inspector General, who is responsible for conducting oversight and investigations involving Department programs and personnel, have communicated with Department personnel in an effort to obtain access to information, including personally identifiable information (PII), authentication codes, and sensitive documents. This activity aligns with FBI Alert Number I-121925-PSA and involves malicious messaging campaigns using SMS and encrypted messaging applications.

How the Scheme Works:

  • Initial Contact: Department personnel receive unsolicited text messages from an unfamiliar number. The actor claims to be the Inspector General, Senior Official Performing the Duties of the Inspector General, or other senior U.S. government official. The text messages, which may use poor grammar and unusual phrasing, claim to be official communications but are sent to personal devices.
  • Engagement Tactics: To build trust with the recipient, the actor may reference in the text messages current events or policy topics relevant to Department programs and operations. 
  • Escalation: Actors may request, with increasing urgency, that victims move their conversation to encrypted applications (including Signal, Telegram, and WhatsApp). 
  • Fraudulent Requests: Actors may request victims provide authentication codes, share PII or sensitive documents, wire funds, or introduce other actors to the victims. 

What You Should Do: 

  • Do NOT respond to suspicious messages or click links. 
  • Verify identities through official channels and preserve suspicious messages. 
  • Report issues immediately to OIG Computer Incident Response Team (CIRT) and OIG Hotline (stateoig.gov/hotline). 
  • File a complaint with the FBI Internet Crime Complaint Center (IC3): https://www.ic3.gov

Protect Yourself:

  • Enable multifactor authentication on all accounts. 
  • Never share authentication codes or PII via text or encrypted applications.
  • Avoid downloading applications or clicking links from unknown sources. 
  • Regularly review privacy settings on social media.

Why This Matters: 

Impersonation schemes can lead to identity theft, financial loss, and compromise of government systems. Every report strengthens our ability to protect personnel and the Department.

###

Return to top