Italian government authorities have issued a formal warning regarding a sophisticated WhatsApp phishing campaign impersonating Alfredo Mantovano, the Undersecretary of State to the Council of Ministers. The scam uses deceptive messaging to solicit financial assistance or sensitive information, prompting Palazzo Chigi to clarify that these communications are entirely fraudulent.
According to an official notice published by the Italian government, this incident follows a recurring pattern of cybercrime where threat actors exploit the names of prominent public officials to build false credibility. The Cabinet Office confirmed that Alfredo Mantovano has no involvement in such requests and urged citizens to remain vigilant against unsolicited digital communications claiming to represent government offices.
How the WhatsApp Scam Operates
The fraudulent messages typically follow a well-documented trajectory used by cybercriminals to manipulate victims into urgent action. By leveraging the authority associated with high-ranking officials, the attackers aim to bypass the typical skepticism users might apply to unknown numbers. Once a connection is established via WhatsApp, the scammers often invent a crisis or a sensitive bureaucratic matter to pressure the target into providing funds or personal data.
Cybersecurity experts, including those from the National Cybersecurity Agency (ACN), frequently categorize these activities as “social engineering.” This technique relies on psychological manipulation rather than technical exploits to compromise security. Because the attacker poses as a trusted figure, the victim is more likely to ignore standard digital safety protocols, such as verifying the sender’s identity through official government channels.
Identifying and Reporting Fraudulent Messages
Government agencies in Italy consistently emphasize that official state business is never conducted through personal WhatsApp accounts or informal messaging platforms. When legitimate government officials, such as the Undersecretary of State, communicate with citizens or stakeholders, they utilize secure, verified channels and official email addresses ending in specific institutional domains.
To protect against these threats, the Polizia di Stato’s Postal and Communications Police recommends the following security measures for anyone receiving suspicious messages:
- Do not engage: Avoid replying to the message, even to challenge the sender, as this confirms the phone number is active and monitored.
- Block and report: Use the built-in reporting tools within WhatsApp to flag the account as spam or fraud.
- Verify the source: If a message claims to be from a government representative, contact the relevant ministry or office directly using contact information found on the official governo.it website.
- Never share data: Refuse requests for bank transfers, gift card codes, or personal identification documents transmitted over messaging apps.
Broader Trends in Digital Impersonation
The impersonation of public figures is a growing concern for law enforcement agencies across Europe. Data from the European Union Agency for Law Enforcement Cooperation (Europol) indicates that online fraud remains one of the most prevalent forms of cybercrime, frequently evolving to mirror current events and shifts in government personnel. By attaching a recognizable name to a scam, attackers significantly increase the probability of a successful hit, particularly among individuals less familiar with digital verification processes.
The use of AI-driven tools to personalize these scams is also a developing area of concern. While the current Mantovano impersonation appears to rely on traditional social engineering, the increasing availability of deepfake voice and text-generation technology creates new risks for future campaigns. Authorities continue to monitor these developments, emphasizing that digital literacy is the primary defense against such evolving threats.
Next Steps for Public Safety
The Italian government has not announced a specific deadline for the conclusion of their investigation into this particular campaign, as these operations often involve decentralized groups operating across multiple jurisdictions. The Cabinet Office continues to monitor for similar reports and maintains that any official updates regarding security advisories will be published exclusively through their official press portal.
Citizens who believe they have been targeted by this or similar scams are encouraged to file a formal report with the nearest Postal Police station or via the online portal provided by the Ministry of the Interior. Sharing these warnings helps protect other users from falling victim to similar deceptive practices. For further updates on cybersecurity best practices, visit the official website of the National Cybersecurity Agency.