Tag: fraud
-
Is attacker laziness enabled by genAI shortcuts making them easier to catch?
Tactics of attackers: The OpenAI report, published in June, detailed a variety of defenses the company has deployed against fraudsters. One, for example, involved bogus job applications.”We identified and banned ChatGPT accounts associated with what appeared to be multiple suspected deceptive employment campaigns. These threat actors used OpenAI’s models to develop materials supporting what may…
-
300K Crash Reports Stolen in Texas DOT Hack
Crash Records and Driver Data Exposed in Texas Transportation Hack. Hackers accessed the Texas Department of Transportation’s crash records system using a compromised account, stealing nearly 300,000 reports containing personal and vehicle information that could be used for fraud, the department warned in a letter to impacted individuals. First seen on govinfosecurity.com Jump to article:…
-
Texas warns 300,000 crash reports siphoned via compromised user account
Tags: fraudLone Star State drivers with accident records need to be careful about fraud First seen on theregister.com Jump to article: www.theregister.com/2025/06/10/texas_accident_report_theft/
-
Trump guts digital ID rules, claims they help ‘illegal aliens’ commit fraud
Also axes secure software mandates – optional is the new secure, apparently First seen on theregister.com Jump to article: www.theregister.com/2025/06/10/trump_cybersecurity_eo_digital_ids/
-
Indian Authorities Bust Cybercriminals Posing as Microsoft Tech Support
India’s Central Bureau of Investigation (CBI), the nation’s federal law enforcement agency, launched a sweeping operation targeting cyber-enabled financial fraud networks. Raids at 19 locations across India dismantled a sophisticated tech support scam operation impersonating Microsoft, primarily victimizing older adults in Japan. Major Crackdown on Tech Support Fraud Networks The operation led to the arrest…
-
EU identity fraud up 88%, report finds
First seen on scworld.com Jump to article: www.scworld.com/brief/eu-identity-fraud-up-88-report-finds
-
Boards Leave CISOs Exposed to Legal Risks
Attorney Jonathan Armstrong Says Board Diversity Must Include Cybersecurity Skills. Many boards lack cybersecurity expertise, leaving CISOs exposed to legal risks. New fraud laws and AI regulations compound the challenge as security leaders struggle for boardroom support, said Jonathan Armstrong, partner at Punter Southall Law. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/boards-leave-cisos-exposed-to-legal-risks-a-28621
-
FBI Warns of BADBOX 2.0 Botnet Surge in Chinese Devices
Over 1 Million Infected Off-Brand Android Devices Pose Global Fraud Risk. A China-based botnet operation called BADBOX 2.0 has infected more than 1 million off-brand Android smart devices globally. In an alert, the FBI advised consumers to check their home networks for suspicious activity that could be linked to multiple fraud schemes. First seen on…
-
Colossal breach exposes 4B Chinese user records in surveillance-grade database
Tags: breach, china, cybercrime, cybersecurity, data, data-breach, disinformation, exploit, finance, fraud, group, identity, infrastructure, insurance, intelligence, iphone, leak, mobile, organized, phishing, phone, threataccording to cybersecurity firm Cybernews, which reported its findings based on its own research.What makes this breach particularly alarming isn’t just its size, though at four billion records, it’s believed to be the largest single-source leak of Chinese personal data ever found, it’s the breadth and depth of information that was exposed.According to the report, the researchers stumbled…
-
BADBOX 2.0 Malware Hits Over a Million Android Devices in Global Cyber Threat
HUMAN’s Satori Threat Intelligence and Research team, in collaboration with Google, Trend Micro, and Shadowserver, has uncovered and partially disrupted a massive cyber fraud operation named BADBOX 2.0. This operation, an evolved iteration of the original BADBOX malware disclosed in 2023, has infected over 1 million Android Open Source Project (AOSP) devices worldwide, marking it…
-
5 Takeaways from the “Detect Bad Intent Early” Webinar: How to Stop Fraud Before It Starts
Learn how leading security teams are shifting fraud detection upstream, using intent-based signals and AI-driven defenses to stop fraud before it ever reaches checkout. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/5-takeaways-from-the-detect-bad-intent-early-webinar-how-to-stop-fraud-before-it-starts/
-
AT&T Hit by Massive Reported Identity Data Leak – Again
Leaked Records Include Names, Decrypted Social Security Numbers and Addresses. Hackers have seemingly re-released a refined trove of 86 million AT&T records, including decrypted Social Security numbers and full identity data, heightening the risk of fraud and impersonation for tens of millions of users as researchers cite structural improvements in the dataset. First seen on…
-
Den Tarifchaos bei US-Zöllen nutzen Cyberkriminelle zunehmend für Online-Betrug
Laut einem kürzlich auf CNBC erschienen Bericht setzen Cyberkriminelle in den USA für Online-Betrug zunehmend auf einen neuen Ansatzpunkt: die hochfluide Zollpolitik der Regierung Trump. Gut getarnt als Einzelhändler, Lieferant oder Regierungsbehörde, versenden sie per E-Mail und SMS Fake-Zahlungsaufforderungen zur Begleichung angeblicher Zolltarife für Lieferungen und Dienstleistungen an Verbraucher und Unternehmen. Als die US-Regierung im…
-
Peak Traffic, Peak Threat: Defending E-Commerce During France’s Soldes Season
During France’s soldes, bot-driven fraud spikes. Unpack key attack trends and how DataDome helps retailers stay protected. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/peak-traffic-peak-threat-defending-e-commerce-during-frances-soldes-season/
-
UAE Central Bank Tells FIs to Drop SMS, OTP Authentication
Banking Sector Faces Challenges in Meeting March 2026 Compliance Deadline. The Central Bank of UAE has issued a directive asking financial institutions to eliminate weak authentication methods including SMS and email OTPs. Banks are also expected to implement real-time fraud monitoring and suspend sessions when malicious activity is detected. First seen on govinfosecurity.com Jump to…
-
BidenCash darknet forum taken down by US, Dutch law enforcement
The FBI and Dutch national police were among the law enforcement agencies that took down 145 domains linked to BidenCash, a cybercrime marketplace linked to millions of dollars in fraud since late 2022. First seen on therecord.media Jump to article: therecord.media/bidencash-cybercrime-darknet-market-takedown-us-netherlands
-
Australian Scam Losses Increase 28% in 2025
Number of Reports Is Down, But Citizens Lost AU$60 Million to Investment Scams. While the number of reported fraud cases is down, Australians lost 28% more money to online scams in the first four months of the year, compared to the same period in 2024. The Australian government’s National Anti-Scam Center said Monday that Australians…
-
The Calm Before the Storm? – First-Party-Fraud ist weltweit führende Betrugsform
Tags: fraudFirst seen on security-insider.de Jump to article: www.security-insider.de/ki-gestuetzte-betrugsmaschen-bericht-lexisnexis-a-bcea909441c7a6756a96022111fdfd18/
-
The Calm Before the Storm? – First-Party-Fraud ist weltweit führende Betrugsform
Tags: fraudFirst seen on security-insider.de Jump to article: www.security-insider.de/ki-gestuetzte-betrugsmaschen-bericht-lexisnexis-a-bcea909441c7a6756a96022111fdfd18/
-
Threat Actors Target PerimeterX CAPTCHA to Automate Microsoft Account Creation
A recent post on an underground forum has brought renewed attention to the escalating arms race between cybercriminals and anti-bot security vendors. The solicitation, offering USD 1,500 for a working bypass of PerimeterX (PX) anti-fraud protections”, specifically targeting the “hold CAPTCHA” on Microsoft’s signup.live.com”, highlights the growing commoditization and sophistication of CAPTCHA evasion toolkits. Exploiting…
-
Monster Mitigates Malicious Traffic Fake Accounts with DataDome’s AI-Powered Protection
By eliminating click fraud, blocking job scrapers, stopping fake accounts, and reducing DevOps workload, Monster safeguarded its revenue, improved the platform’s integrity, and freed up engineering resources thanks to DataDome First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/monster-mitigates-malicious-traffic-fake-accounts-with-datadomes-ai-powered-protection/
-
Was ist BusinessMail-Compromise
Business-E-Mail-Compromise, kurz BEC, ist eine raffinierte Form des Cyberbetrugs, bei dem Angreifer legitime geschäftliche E-Mail-Kommunikation manipulieren oder fälschen, um Unternehmen zu finanziellen oder datentechnischen Verlusten zu bringen. Was passiert bei BEC? Beim Business-E-Mail-Compromise, auch häufig als CEO-Fraud bzw. Chef-Betrug, bezeichnet gibt sich ein Cyberkrimineller meist als eine vertrauenswürdige Person innerhalb des Unternehmens aus […]…
-
BEC- und FTF-Angriffe größte Cybergefahr in 2024
Betrug bei geschäftlichen E-Mails unter dem Begriff Business Email Compromise (BEC) zusammen gefasst sowie Funds Transfer Fraud (FTF) sind die Cyberbedrohungen, die im Jahr 2024 die größten Schäden verursacht haben. Dies geht aus einem Bericht von KnowBe4 hervor, … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/01/bec-und-ftf-angriffe-groesste-cybergefahr-in-2024/
-
UK banks urged to beef up anti-fraud systems for international payments
Data reveals ‘notable increase’ in scammers tricking people into sending money abroadUK banks and payment firms have been urged to strengthen their anti-fraud systems for international payments after a rise in scammers tricking people into sending money abroad.After years of horror stories about people losing huge sums through bank transfer scams, rules came into force…
-
US medical org pays $50M+ to settle case after crims raided data and threatened to swat cancer patients
Cash splashed on damages, infrastructure improvements, and fraud monitoring First seen on theregister.com Jump to article: www.theregister.com/2025/05/30/fred_hutch_cancer_center_commits/
-
US Treasury sanctioned the firm Funnull Technology as major cyber scam facilitator
The U.S. sanctioned Funnull Technology and Liu Lizhi for aiding romance scams that caused major crypto losses through fraud infrastructure. The U.S. Department of Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Philippines-based company Funnull Technology Inc. and its admin Liu Lizhi for enabling romance scams, causing $200M in U.S. victim losses. A romance scam…