Tag: scam
-
Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals
The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities.”This addition lowers the technical barrier for creating phishing pages, enabling less tech-savvy criminals to deploy customized scams in minutes,” Netcraft said in a new report shared with The Hacker News.” First seen…
-
Fake Google Security Alert Hides a Phishing Scam
A developer reported the scam after noticing a slight discrepancy in the email address. The scam passed Google’s own DKIM checks. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-oauth-scam/
-
FBI: Scammers pose as FBI IC3 employees to ‘help’ recover lost funds
The FBI warns that scammers posing as FBI IC3 employees are offering to “help” fraud victims recover money lost to other scammers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-scammers-pose-as-fbi-ic3-employees-to-help-recover-lost-funds/
-
New payment-card scam involves a phone call, some malware and a personal tap
A new payment card scam uses malware disguised as a security tool or verification utility to capture card details and access funds. First seen on therecord.media Jump to article: therecord.media/new-payment-card-scam-involves-malware-tap
-
The Witcher 4 Scam-Alarm: Phishing-Falle tarnt sich als Beta-Test-Einladung
CD Projekt klärt aktuell auf: Hinter angeblichen Testeinladungen zu The Witcher 4 steckt eine Phishing-Kampagne. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/gaming/the-witcher-4-scam-alarm-phishing-falle-tarnt-sich-als-beta-test-einladung-313417.html
-
Microsoft Prevents Billions of Dollars in Fraud and Scams
Microsoft has reported significant strides in thwarting financial fraud across its ecosystem. From April 2024 to April 2025, the tech giant managed to prevent approximately $4 billion in fraudulent transactions, a testament to its robust anti-fraud measures and AI-driven defenses. AI-Enhanced Cyber Threats and Microsoft’s Defense The evolution of AI has inadvertently lowered the entry…
-
Cryptohack Roundup: $7M KiloEx Theft
Also: A $40M Block Penalty, US SEC Guidance on Crypto Laws. This week, a KiloEx exploit, Block fined $40M, U.S. Securities and Exchange Commission guidance on crypto laws, Senate Democrats slammed NCET disbandment, $4.3M scam disrupted, guilty plea in $3.3M tax evasion and a South Korea ban on crypto apps. First seen on govinfosecurity.com Jump…
-
CTM360 Tracks Global Surge in SMS-Based Reward and Toll Scams
Thousands tricked by fake reward & toll scam texts. CTM360 exposes PointyPhish & TollShark”, SMS phishing campaigns powered by the Darcula PhaaS platform, with 5K+ domains stealing payment info worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ctm360-tracks-global-surge-in-sms-based-reward-and-toll-scams/
-
Google blocked over 5 billion ads in 2024 amid rise in AI-powered scams
Google blocked 5.1 billion ads and suspended more than 39.2 million advertiser accounts in 2024, according to its 2024 Ads Safety Report released this week. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/google/google-blocked-over-5-billion-ads-in-2024-amid-rise-in-ai-powered-scams/
-
WhatsApp Job Offer Scam Targets Job Seekers in New Phishing Attack
A new form of phishing attack is making waves among job seekers, as cybercriminals exploit WhatsApp and Meta’s trusted branding to lure victims into sophisticated job offer scams. Security experts warn that these attacks are not only increasing in frequency but have also become more elaborate, bypassing many traditional security layers and preying on those…
-
Social-Media-Konto einer britischen Politikerin gehackt
Minister’s X account hacked to promote crypto scam First seen on bbc.com Jump to article: www.bbc.com/news/articles/cr5drp0n8zjo
-
USPS Warns Public About Rising Mail, Email Scams”, How to Spot and Avoid Them
Discover how evolving USPS mail scams highlight growing cybersecurity risks. Learn how phishing, smishing, and brushing attacks threaten your personal data. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/cybersecurity/usps-warns-mail-email-scams/
-
Hackers using AI-produced audio to impersonate tax preparers, IRS
Artificial Intelligence has supercharged an array of tax-season scams this year, with fraudsters using deepfake audio and other techniques to trick taxpayers into sending them money and financial documents. First seen on therecord.media Jump to article: therecord.media/hackers-use-ai-audio-to-impersonate-irs-tax-scams
-
Smishing Campaign Hits Toll Road Users with $5 Payment Scam
Cybersecurity researchers at Cisco Talos have uncovered a large-scale smishing campaign targeting toll road users across the United States. The campaign, which has been active since October 2024, impersonates toll road payment services, luring unsuspecting victims into revealing their personal and financial information through fraudulent payment requests. The Scam Unveiled The smishing campaign revolves around…
-
The Most Dangerous Hackers You’ve Never Heard Of
From crypto kingpins to sophisticated scammers, these are the lesser-known hacking groups that should be on your radar. First seen on wired.com Jump to article: www.wired.com/story/most-dangerous-hackers-youve-never-heard-of/
-
Smishing Triad: The Scam Group Stealing the World’s Riches
Millions of scam text messages are sent every month. The Chinese cybercriminals behind many of them are expanding their operations”, and quickly innovating. First seen on wired.com Jump to article: www.wired.com/story/smishing-triad-scam-group/
-
Breach Roundup: Port of Seattle Notifies 90,000 Victims
Also, Oracle Denies Cloud Breach, Blames Hack on Obsolete Servers. This week, Port of Seattle notified victims, Oracle blamed hack on obsolete servers, Google and Microsoft released April patches, WK Kellogg breached, six arrested in Spain for AI-investment scam, Scattered Spider’s King Bob pleaded guilty, SmokeLoader users busted. First seen on govinfosecurity.com Jump to article:…
-
Spirit of openness helps banks get serious about stopping scams
Recent announcements show that banks, financial services firms and IT companies are increasing efforts to curb online scams First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366622166/Spirit-of-openness-helps-banks-get-serious-about-stopping-scams
-
Unraveling the U.S. toll road smishing scams
Cisco Talos has observed a widespread and ongoing financial theft SMS phishing (smishing) campaign since October 2024 that targets toll road users in the United States of America. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/unraveling-the-us-toll-road-smishing-scams/
-
Cyberbedrohungslage in Europa spitzt sich zu
Ein neuer Report belegt: Geopolitische Spannungen treiben Hacktivismus in die Höhe besonders die Ukraine steht im Fokus. Gleichzeitig boomt das Geschäft mit Ransomware-as-a-Service, das um 44 Prozent gewachsen ist. Zudem verzeichnet Europa einen starken Anstieg an Betrugsdelikten: 34 Prozent aller weltweiten Scams richteten sich gegen Finanzdienstleister in der Region. First seen on itsicherheit-online.com Jump to…
-
Smashing Security podcast #412: Signalgate sucks, and the quandary of quishing
QR codes are being weaponised by scammers, so maybe think twice before scanning that parking meter. And in a blunder so dumb it makes autocorrect look smart, the White House explains how it leaked war plans on Signal because an iPhone mistook a journalist for a government insider. First seen on grahamcluley.com Jump to article:…
-
Threat Actors Exploit Messaging Services as Lucrative Cybercrime Platforms
Threat actors are exploiting weaknesses in SMS verification systems to generate massive, fraudulent message traffic, costing businesses millions. This type of fraud involves artificially triggering SMS verification requests by creating numerous synthetic identities or using automated bots, thereby inflating the SMS traffic to exploit billing systems. Mechanics of SMS Pumping Fraudsters initiate this scam by…
-
Who’s calling? The threat of AI-powered vishing attacks
AI is making voice phishing (vishing) more dangerous than ever, with scammers cloning voices in seconds to trick employees into handing over their credentials. Learn how to defend your organization with Specops Secure Service Desk. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/whos-calling-the-threat-of-ai-powered-vishing-attacks/
-
Over £18m stolen from Santander UK customers in first three months of year
Bank’s latest quarterly report on scams said over £18m was stolen from its UK customers by scammers First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366622214/Over-18m-stolen-from-Santander-UK-customers-in-first-three-months-of-year
-
Australian regulator pulls licenses of 95 companies in effort to crack down on investment scams
Tags: scamA federal judge approved the immediate deregistration of 93 of the companies in an order on March 21. Two others will be wound up over time because they have “meaningful” assets. First seen on therecord.media Jump to article: therecord.media/australia-pulls-95-company-licenses-scam-crackdown
-
Six arrested for AI-powered investment scams that stole $20 million
Spain’s police arrested six individuals behind a large-scale cryptocurrency investment scam that used AI tools to generate deepfake ads featuring popular public figures to lure people. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/six-arrested-for-ai-powered-investment-scams-that-stole-20-million/
-
Smishing Triad Fuels Surge in Toll Payment Scams in US, UK
A rise in smishing campaigns impersonating toll service providers has been linked to China’s Smishing Triad First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/smishing-triad-toll-payment-scams/
-
PoisonSeed Campaign uses stolen email credentials to spread crypto seed scams and and empty wallets
A campaign named PoisonSeed uses stolen CRM and bulk email credentials to send crypto seed scams, aiming to empty victims’ digital wallets. Silent Push researchers warn of a malicious PoisonSeed campaign that uses stolen CRM and bulk email provider credentials to send crypto seed phrase spam. Victims are tricked into importing compromised seed phrases into…