Skip to main content
Emerging Threats

FBI Warns: Exclusive Alert on Dangerous Fake Video Scams

FBI Warns: Exclusive Alert on Dangerous Fake Video Scams

“What would you do if a stranger texted you a video of your child and said they’d been kidnapped?” That question arrives not as hypothetical but as a tactical lever in a new breed of crime — one the FBI now warns is using artificial intelligence to manufacture believable photos and videos and terrorize ordinary people into paying ransoms.

The Bureau’s advisory describes a pattern that is chilling in its simplicity: criminals contact victims by text, claim they have abducted a loved one, and demand immediate payment. To convince the target, they send an image or video that appears authentic. On closer inspection — or when compared with known photographs — these media often contain telltale flaws: missing tattoos or scars, incorrect body proportions, or other subtle inconsistencies. Attackers sometimes use timed messages or ephemeral delivery so recipients can’t scrutinize the evidence before being pressured to act, increasing the chance of a panicked payment rather than verification or reporting.

This advisory is not an isolated bulletin. It sits in a broader pattern of digital impersonation and fraud that researchers and incident responders have been tracking: fake reporting pages, cloned government sites, and malicious ads that harvest credentials. These operations don’t just steal money or data; they erode trust in institutions and suppress reporting, which in turn blinds law enforcement to the true scale of the problem .

Why this matters now

Three converging trends explain the danger. First, generative AI has made it markedly easier and cheaper to create convincing synthetic images and videos. Second, messaging platforms and social media provide instant, private channels to reach victims directly. Third, the emotional leverage of a supposed kidnapping short-circuits many of the usual skepticism filters people apply to scams. The result: deception that looks and sounds real and is delivered at the moment it can do the most harm.

How the scams operate in practice

  • Initial contact by text message or direct message claiming a loved one is held and will be harmed unless a ransom is paid.
  • Delivery of a purported photo or video of the captive that, on surface inspection, is convincing. In many cases, forensic comparison with confirmed photos reveals discrepancies — absent tattoos, mismatched scars, or distorted body proportions.
  • Pressure tactics: messages are timed to expire, threads are closed off, or instructions require immediate wire transfers or cryptocurrency payments.
  • Sometimes attackers combine the fake media with social-engineering tactics — pretending to be a law enforcement officer or hostage negotiator — to add apparent legitimacy.

What technologists say

Security practitioners emphasize that no single tool eliminates the threat. Practical mitigation strategies include domain monitoring to detect impersonation, faster takedown workflows for fraudulent pages and ads, and the development of provenance standards — metadata or robust watermarking for synthetic media — that would help platforms and users determine whether a piece of content is AI-generated .

“Adversaries often weaponize trust,” one cybersecurity expert noted in recent analysis of impersonation campaigns; attackers impersonating trusted services can harvest credentials, steal identities, and stage follow-on scams with a high return on a relatively low investment .

Policy and platform perspectives

Policymakers face hard tradeoffs. Measures like mandatory disclosure for synthetic media, stricter identity verification for political and financial ads, and enhanced cross-border cooperation for takedowns could blunt the effectiveness of these scams — but they must be balanced against free-speech concerns and the risk of stifling legitimate innovation. Industry coalitions are piloting faster takedown processes and advertiser vetting; researchers are testing cryptographic signing for official audio and video to provide verifiable authenticity lines of defense .

What users and institutions should do

  • Pause and verify. If you receive a threatening message claiming a loved one is kidnapped, resist immediate payment demands. Contact the supposed victim through a known, trusted channel (call their phone, reach out on a platform where you regularly communicate) and contact local law enforcement.
  • Examine media carefully. Look for inconsistencies with known photos (tattoos, scars, proportions). Save messages and media — screenshots, timestamps, and delivery details — and report them through verified channels.
  • Use verified reporting routes. Government and law-enforcement sites will use official domains; save bookmarks for those portals rather than following links in unsolicited messages, and confirm HTTPS and certificates when in doubt .
  • Financial vigilance. Banks and payment platforms should flag unusual transfers and require extra verification for high-risk transactions; customers should be wary of urgent wiring or cryptocurrency demands, which are favored by scammers because they’re hard to reverse.

Adversaries’ calculus

From the criminal point of view, these scams are attractive because they exploit emotion and technology simultaneously. The cost of producing convincing fake media is falling, distribution channels are abundant, and the human reaction to a perceived threat can be immediate and profitable. That asymmetry — low cost for attackers, high cost for victims and responders — amplifies the urgency for multi-layered defenses.

Where gaps remain

Technical fixes exist in prototype form — watermarking and provenance, cryptographic signing, improved content verification tools — but they depend on broad adoption and cooperation across platforms and borders. Legal and procedural remedies are slower; civil suits and prosecutions can deter some perpetrators, but cross-border fragmentation and the speed of the scams mean damage often occurs before a legal remedy can take hold. And perhaps most importantly, public awareness campaigns remain underfunded given the scale of the threat: if people don’t know the risk, they can’t deploy the simplest, most effective defenses — skepticism, verification, and reporting.

Reporting and recovery

Victims should capture as much evidence as possible and report incidents to law enforcement through verified channels. Organizations, including banks and consumer-protection groups, should reinforce messaging about how to report safely and what steps to take if targeted. Platforms and registrars should accelerate processes for removing fraudulent domains and ads, and researchers should continue developing technical provenance that can be widely verified .

What to watch next

Expect attackers to iterate rapidly. If timed-message delivery or deepfake-quality images yield payoffs, those techniques will spread and be localized into different languages and platforms. The countermeasures most likely to blunt the trend are coordinated: faster takedowns, stronger platform verification, technical provenance for synthetic media, and sustained public education efforts that teach people to pause and verify before responding to high-pressure demands.

In short, the weapon is new, but the playbook is old: exploit fear, create pressure, demand immediate payment. The arms race that follows will require technical innovation, policy attention, and everyday vigilance. How many more victims must be frightened into paying before our defenses catch up?

Source: https://www.schneier.com/blog/archives/2025/12/fbi-warns-of-fake-video-scams.html