Impersonation

Impersonation is acting as the target — using the target's identity, name, voice, image, accounts, signature, or documents — to interact with third parties in ways the target did not authorize. The third parties take the actions and statements as the target's. The target finds out later, partially, or not at all. The contest the operator is winning is not against the target directly; it is against the target's reputation, decisions, and relationships, mediated by people who think they are dealing with the target.

It is distinct from acting as someone else against the target (the fake support call, the fake institution email — that is outbound impersonation in the inverse sense, with the target as recipient). Here the direction is flipped: the operator is the target, and the recipients are everyone the target deals with.

Modes the impersonation can take

• Channel impersonation. Sending messages out of the target's actual account (email, iMessage, social DM, professional platform). Recipients see a familiar sender; the message lands as authentic. The narrowest, most-deniable version of this is covered separately under Outbound impersonation — this entry holds the broader family.
• Voice impersonation. A live or recorded call placed in the target's name. Once a feat of skilled mimicry; now, with a minute of source audio, a routine product of AI voice synthesis. The receiving end is a bank, doctor, employer, family member, child's school.
• Image and video impersonation. Composite or synthesized media presenting the target doing or saying something. Same trajectory as voice — recently exotic, now ordinary.
• Document impersonation. Signatures forged on contracts, releases, applications, withdrawals, court filings, school forms, medical consents. A lifted signature image plus a printer is the entire kit. Power of attorney capture is the high-end version of this family.
• In-person impersonation. Showing up at a counter, an office, a check-in claiming to be the target — to retrieve a record, sign a release, accept a delivery, pick up a child. Easier than commonly assumed where ID checks are casual.
• Institutional-front impersonation. Calling a third party (bank, doctor, school, employer, government office) and asserting to be the target over the phone, providing whatever identifiers are available, to extract information or to act.

Most operating-grade impersonation uses more than one mode in concert. A voice call to set up the context, followed by an email from a compromised channel "confirming" what was discussed, followed by a forged signature on the resulting paperwork. Each mode lends the others plausibility.

What it produces, by design

• Statements attributed to the target the target never made. What "the target said" is now part of the record other people share with each other.
• Decisions taken in the target's name. Contracts entered, accounts closed, prescriptions changed, appointments cancelled, releases signed.
• Access to information the target controlled. Account details, medical records, financial positions, schedule, location, relationships.
• Material for the next round. Whatever the impersonation extracts becomes the substrate for the smear, the frame, or the next institutional action — the cluster runs on it.

How it looks on the receiving end

• "What's this about?" from contacts referring to messages, calls, or commitments the target did not send or make.
• An account showing activity the target did not initiate; an outbox containing messages the target did not write.
• A document with the target's signature on it that the target did not sign.
• A service provider — bank, doctor, school, attorney — acting on instructions the target did not give and that the target only learns about by the consequence.
• A relative or friend reporting a recent conversation with "the target" that the target never had.
• A public statement, post, or piece of content credited to the target that the target did not produce.

Why it works

Voice, email, SMS, and signature are still treated by most institutions and individuals as identity proxies, even though each one is forgeable cheaply. A facially-plausible message from a familiar address is believed on arrival; the target is not in the loop because the operator is talking to other people. The target is usually the last to learn. By the time the disavowal is possible, the disavowal itself reads as suspicious — why are you saying you didn't do this? — because the consequences have already begun to land.

Voice and image synthesis specifically have shifted the cost curve. Anyone with an internet connection can produce a convincing impersonation of a target whose voice or face has appeared online once. The defense — out-of-band verification — has not caught up at the institutional level, and arguably cannot.

The benign overlay

Identity confusion is constant and mostly benign. Same-name overlap, autocomplete on the wrong contact, a relative answering on the target's behalf without thinking, a long-stale account someone forgot to close. One incident is not this tactic. The signature is direction and benefit together: communications and actions that look like the target initiated them, landing with people who matter to the target's life, producing outcomes the operator (and only the operator) benefits from.

Defensive posture

• Identity hygiene at the account layer. Hardware security keys on the high-value accounts (email, primary financial, primary social). MFA everywhere else. Regular audit of authorized devices, sessions, and recovery contacts. The single most leveraged investment.
• Out-of-band verification protocols with the people who matter. Bank, doctor, attorney, family, employer: agree in advance that important requests get a callback to a known number, a code word, or an in-person check. Voice is no longer a verification channel; it is a presentation layer. Tell the institutions the target deals with that voice is not authorization.
• Signature and document discipline. Sign in distinctive ink, on distinctive paper, in distinctive ways. Keep copies of every signed document the target controls. Where stakes are high, use witnessed or notarized signatures. Tell counsel and bank in advance which forms of authorization the target uses.
• A controlled public surface where the target's actual voice lives. Site, professional page, or archive the target controls publicly, dated and archived. When something circulates that the target did not write or say, the target's controlled surface is the rebuttal substrate — not a denial inside the smear's frame.
• Voice and image awareness with family. A short conversation with parents, partners, and children about voice and image synthesis, and an agreed-on out-of-band verification code, neutralizes a large class of personal-side calls before they happen.
• Document the pattern. Each impersonation event goes on the timeline alongside the rest of the cluster. The pattern is more legible than any single instance, and impersonation rarely runs alone — it is usually the substrate for the smear and the frame that follow.