The Federal Bureau of Investigation (FBI) warns that criminals are impersonating U.S. officials in phishing attacks targeting businesses and individuals who request city and county planning and zoning permits.

In a public service announcement published on Monday, the bureau said that the criminals behind this campaign are identifying potential victims using publicly available information, which also makes their malicious messages seem legitimate and helps them trick suspicious targets.

"Individuals and businesses with active applications for land-use permits are being targeted by criminals impersonating city and county planning and zoning board officials, fraudulently requesting fees associated with these permits," the FBI warned.

"Victims receive unsolicited emails citing their permit information, zoning application numbers, and/or property addresses. Victims are instructed to pay invoices for fees related to their permits and directed to make payments via wire transfer, peer-to-peer payment, or cryptocurrency."

The FBI says there are several common indicators that can help detect such schemes, including messages sent from non-governmental domains (such as @usa.com), attachments that ask recipients to request more details via email, and various tactics to push for quicker payments to avoid permit delays.

Scammers may also time their phishing messages to match the timing of official communications with details about zoning permits.

The law enforcement agency advised businesses and individuals to carefully check whether messages they receive from U.S. officials are legitimate by verifying the domain and email address and calling the city or county government to confirm outstanding fees.

Those who were targeted or fell victim to this scam should file a complaint with the FBI's Internet Crime Complaint Center (IC3) and share the email address, date of email, and/or phone number used by the scammers, the date of the project's scheduled hearing, the amount listed in the fraudulent invoice, as well as any other financial information provided by the criminals.

Four years ago, the FBI also warned of widespread attacks in which scammers impersonated government or law enforcement officials by spoofing authentic phone numbers to extort money from potential victims or steal their personally identifiable information.

In April 2025, the bureau said that criminals were also impersonating FBI IC3 employees, while offering to "help" fraud victims recover money lost to other scammers.

One month later, the FBI also warned of cybercriminals using AI-generated audio deepfakes to target U.S. officials in voice phishing attacks.