Tag: scam
-
Hackers Abuse Apple PayPal Invoice Emails in DKIM Replay Attack Campaign
A sophisticated way to bypass email security by weaponizing legitimate messages from trusted companies like Apple and PayPal. These attacks, known as DKIM replay attacks, exploit email authentication systems to deliver scams that appear completely authentic. The technique is deceptively simple. Attackers create accounts on platforms like Apple’s App Store or PayPal and manipulate user-controlled…
-
Hackers Use Signal QR Codes to Spy on Military and Political Leaders
Hackers are using Signal QR codes and fake support scams to spy on military and political leaders, German security agencies warn. First seen on hackread.com Jump to article: hackread.com/hackers-signal-qr-codes-spy-on-military-political-leaders/
-
Social Media Platforms Earn Billions from Scam Ads
Tags: scamRevolut claims social media sites make £3.8bn annually from scam ads targeting European users First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/social-media-platforms-billions/
-
Cybersquatting Attacks Exploit Trusted Brands to Steal Customer Data and Spread Malware
The nightmare scenario for any modern business is simple but devastating: scammers clone your website, steal your domain identity, and rob your customers. By the time the complaints roll in, the money is gone, and your reputation is left in tatters. This practice, known as cybersquatting, is no longer just a nuisance it is a…
-
New Telegram Phishing Scam Hijacks Login Flow to Steal Fully Authorized User Sessions
A new and sophisticated Telegram phishing operation is active in the wild, targeting users globally by hijacking the platform’s legitimate authentication features. Unlike traditional phishing, which often relies on malware or cloning login pages to steal passwords, this campaign integrates directly with Telegram’s official infrastructure. The attackers register their own Telegram API credentials (api_id and api_hash) and…
-
Romanian rail workers accused of bribery turned to ChatGPT for legal tips
Corruption probe takes detour as staff facing trial reportedly asked AI if seat-blocking scams caused financial damage First seen on theregister.com Jump to article: www.theregister.com/2026/02/06/romanian_rail_workers_chatgpt/
-
Fake Dubai Crown Prince tracked to Nigerian mansion after $2.5M romance scam
Tags: scamWhen a Romanian businesswoman fell for a fake Dubai Crown Prince in a $2.5 million romance scam, investigators tracked the fraudster to his Nigerian mansion – only to discover he was masquerading as a campaigning philanthropist. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/fake-dubai-crown-prince-tracked-to-nigerian-mansion-after-2-5m-romance-scam
-
Hackers Exploit Free Firebase Accounts to Launch Phishing Campaigns
A new wave of phishing campaigns where scammers are abusing Google’s legitimate infrastructure to bypass security filters. Attackers are now creating free developer accounts on Google Firebase to send fraudulent emails that impersonate well-known brands. By leveraging the reputation of the Firebase domain, these attackers are successfully landing in users’ inboxes, bypassing standard spam detection…
-
Why Attackers no Longer Need to Break in: The Rise of Identity-Based Attacks
In 2026 stolen credentials and unmanaged machine identities drive breaches”, small buys, phone scams, and weak IAM make identity the real perimeter; prioritize inventory, least privilege, and stronger auth. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/why-attackers-no-longer-need-to-break-in-the-rise-of-identity-based-attacks/
-
ChatGPT-Verbesserung durch Malewarebytes: Erkennung von Scams, Malware und Online-Risiken
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/chatgpt-verbesserung-malewarebytes-erkennung-scams-malware-online-risiken
-
Common Crypto Scams and How to Protect Your Funds in 2026
Crypto scams are surging worldwide, from pig butchering to fake trading platforms and deepfakes, draining victims while fraud teams struggle to keep up. First seen on hackread.com Jump to article: hackread.com/common-crypto-scams-protect-funds-2026/
-
New 3-Step Malvertising Chain Exploits Facebook Ads to Promote Tech Support Scam Kit
A new, sophisticated malvertising campaign targeting users in the United States. This attack leverages Facebook’s massive paid advertising platform to lure victims into a tech support scam (TSS) kit. The campaign is notable for its rapid infrastructure rotation and a distinct three-step redirection chain designed to bypass standard security filters. The attack begins with a…
-
Chinese Money Laundering Jargon via Google’s Gemini
After having a short discussion with Gemini about Chinese Money Laundering, I could tell we weren’t quite connecting on my Mandarin-assistance requests, so I shared an example post from a Telegram “Crime-as-a-Service” group that was part of a Chinese Guarantee Syndicate. For context, these posts were made in the Tudou Guarantee Syndicate’s group dedicated to…
-
How deepfake scams are fueling a new wave of fraud
<div cla Scammers are using deepfake technology to replicate your child’s voice in a kidnapping hoax, catfish with AI-generated video dates, and impersonate executives to steal millions. Learn how to spot deepfake fraud, and use Avast Deepfake Guard to help verify what’s real before it’s too late. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/how-deepfake-scams-are-fueling-a-new-wave-of-fraud-2/
-
GhostChat Malware Locks Victims’ Devices, Demands Passcodes for Restoration
A new Android spyware campaign that uses romance scams and fake chat profiles to spy on users in Pakistan. The malicious app, named GhostChat and detected as Android/Spy.GhostChat.A, disguises itself as a dating chat platform but is actually built for data theft and surveillance. Instead of being listed on Google Play, it is distributed as…
-
Phishing Scam Uses Clean Emails and PDFs to Steal Dropbox Logins
A multi-stage phishing campaign is targeting business users by exploiting Vercel cloud storage, PDF attachments, and Telegram bots to steal Dropbox credentials. First seen on hackread.com Jump to article: hackread.com/phishing-scam-emails-pdfs-steal-dropbox-logins/
-
CTM360 Report Warns of Global Surge in Fake High-Yield Investment Scams
Tags: scamFake high-yield investment platforms are surging worldwide, promising “guaranteed” returns that mask classic Ponzi schemes.CTM360 explains how HYIP scams scale through social media, recycled templates, and referral abuse. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ctm360-report-warns-of-global-surge-in-fake-high-yield-investment-scams/
-
Jeffrey Epstein Had a ‘Personal Hacker,’ Informant Claims
Plus: AI agent OpenClaw gives cybersecurity experts the willies, China executes 11 scam compound bosses, a $40 million crypto theft has an unexpected alleged culprit, and more. First seen on wired.com Jump to article: www.wired.com/story/security-news-this-week-jeffrey-epstein-had-a-personal-hacker-informant-claims/
-
Cloud storage payment scam floods inboxes with fake renewals
Over the past few months, a large-scale cloud storage subscription scam campaign has been targeting users worldwide with repeated emails falsely warning recipients that their photos, files, and accounts are about to be blocked or deleted due to an alleged payment failure. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cloud-storage-payment-scam-floods-inboxes-with-fake-renewals/
-
GhostChat Spyware Targets Android Users Through WhatsApp, Steals Sensitive Data
A sneaky Android spyware called GhostChat, which tricks Pakistan-based users with romance scams via WhatsApp. The malware grabs sensitive data like contacts, photos, and files from victims’ devices. Threat actors pose as dating apps to hook targets. GhostChat mimics a legit chat platform named >>Dating Apps without payment,<< stealing its icon for trust. Users must…
-
Threat Actors Hide Behind School-Themed Domains In Newly Uncovered Bulletproof Infrastructure
A sophisticated traffic distribution system (TDS) hiding behind education-themed domains. The operation uses bulletproof hosting to deliver phishing pages, scams, and malware files. Analysts triaged a first-stage JavaScript loader from hxxps[:]//toxicsnake-wifes[.]com/promise/script.js. This revealed a commodity cybercrime farm routing victims to harmful payloads. The main domain, toxicsnake-wifes[.]com, acts as a TDS node. It injects db.php with…
-
US Sentences Chinese National for Role in $36.9 Million Crypto Scam
A Chinese national has been sentenced for his role in a massive $36.9 million cryptocurrency scam operated from… First seen on hackread.com Jump to article: hackread.com/us-sentences-chinese-man-crypto-scam/
-
New Microsoft Teams feature will let you report suspicious calls
Microsoft plans to introduce a call reporting feature in Teams by mid-March, allowing users to flag suspicious or unwanted calls as potential scams or phishing attempts. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/new-microsoft-teams-feature-will-let-you-report-suspicious-calls/
-
Why Protecting Your Phone Number Matters for Online Security
Learn why phone numbers are critical to online security, how they’re exposed, and practical steps to reduce misuse, scams, and account takeover risks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/why-protecting-your-phone-number-matters-for-online-security/
-
News brief: Email scams highlight need for employee vigilance
Check out the latest security news from the Informa TechTarget team. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366637664/News-brief-Email-scams-highlight-need-for-employee-vigilance
-
A fake romance turns into an Android spyware infection
ESET researchers have identified an Android spyware campaign that uses romance scam tactics to target individuals in Pakistan. The operation relies on a malicious app … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/29/ghostchat-android-romance-spyware/
-
I’m a tech-savvy zillennial who knows how to safeguard against hacking. Scammers still managed to get me | Caitlin Cassidy
Had I received any suspicious text messages claiming to be from my bank, the fraud team asked. Had I clicked on the links? My stomach dropped<ul><li>Get our <a href=”https://www.theguardian.com/email-newsletters?CMP=cvau_sfl”>breaking news email, <a href=”https://app.adjust.com/w4u7jx3″>free app or <a href=”https://www.theguardian.com/australia-news/series/full-story?CMP=cvau_sfl”>daily news podcast</li></ul>The scariest part about getting scammed was not realising it was happening in the first place.Perhaps naively,…