AI voice scams hit top US officials including Marco Rubio and White House chief of staff
Two senior US government figures—Secretary of State Marco Rubio and White House Chief of Staff Susie Wiles—were impersonated using AI voice cloning in recent weeks. Attackers faked Rubio’s voice to call foreign ministers, a governor, and a senator, setting up a fake Signal account with Rubio’s official email as the display name.
The tactic is turning into a “new normal” for cheap, quick government scams, according to cybersecurity experts. It now takes less than 15 seconds of voice recording to create convincing AI clones, down from needing over a minute just six months ago. 
Rachel Tobac, head of SocialProof Security, said:
“It’s now easy and quick to clone someone’s voice using AI tools, which now require less than 15 seconds of someone’s voice to create a believable voice clone.”
“Just six months ago, I needed a clear one-to-two-minute sample of someone’s voice without background noise or music to create a believable voice clone — not so anymore.”
“Voice-cloning is the new normal (in terms of) impersonation social-engineering attempts.”
Rubio confirmed the attacks and warned more will come:
“It won’t be the last time you see me or others, for that matter. Maybe some of you will be impersonated.”
“Within days of becoming Secretary of State, I had foreign ministers calling the State Department asking if I had just texted them.”
The impersonator left voice messages on Signal and even tried to get victims to text back, per a government cable obtained by CNN. The FBI is investigating alongside State Department security. Rubio reported the incident to both agencies last week.
Former President Joe Biden’s voice was AI-robocalled last year, trying to sway voters in a primary. McAfee CTO Steve Grobman says the risks are escalating:
“What’s most concerning is that with AI-powered clones, seeing – or hearing – is no longer believing, and even trained professionals can be fooled, especially when a familiar voice makes an urgent request.”
The FBI warned in May that “malicious actors” were impersonating senior US officials to breach contacts’ accounts. The goal—whether theft or espionage—is unclear. Early probes into Wiles’ impersonation suggest a criminal, not a state actor. Iran-linked hackers were also under scrutiny for prior phone breaches.
Hackers linked to China have reportedly breached major US telecoms to spy on officials. The FBI and DHS have urged encrypted messaging to block such snooping.
No easy fix exists to stop fake accounts and voice clones. Agencies now warn officials to verify sensitive requests across multiple channels.
SocialProof Security’s Tobac recommends:
“One way to do that is to use another method of communication to verify identity before taking action on a sensitive request.”
