Tag: scam
-
Phishers Pose as Palo Alto Networks’ Recruiters for Months in Job Scam
A series of campaigns that began in August aim to defraud job candidates, using psychological tactics and data scraped from LinkedIn profiles. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/phishers-pose-palo-alto-networks-recruiters-job-scam
-
Fake OpenClaw Token Giveaway Targets GitHub Devs with Wallet-Draining Scam
OX Security reveals a new phishing campaign targeting GitHub developers. Scammers use fake OpenClaw token giveaways to trick users into connecting and draining their crypto wallets First seen on hackread.com Jump to article: hackread.com/fake-openclaw-token-github-devs-wallet-drainer-scam/
-
Scam compounds hiring >>AI models<< to seal the deal in deepfake video calls
Forced labor doesn’t play well on camera, so scam compounds are hiring women to deepfake their faces on video calls. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/scam-compounds-hiring-ai-models-to-seal-the-deal-in-deepfake-video-calls/
-
Google Forms Job Scam Spreads PureHVNC Malware
A newly observed malware campaign is leveraging trusted platforms like Google Forms to distribute the PureHVNC Remote Access Trojan (RAT), marking a shift in how attackers initiate infections. Rather than relying on traditional phishing emails or malicious websites, threat actors are using business-themed lures such as job interviews, project proposals, and financial documents to trick…
-
Ex-US Soldier Among 3 Sentenced for DPRK IT Worker Scam
IT Worker Scheme, Laptop Farm Siphon Funds Back to North Korea. A U.S. federal judge sentenced a now-former Army soldier to one year in prison Friday for renting his identity to North Korean IT workers who used it to collect more than $193,000 in salaries from American companies. Also sentenced were two California men who…
-
Google Reinvents Android Sideloading to Thwart Scammers
Google is adding a stricter sideloading process on Android, preserving app installs from outside Google Play while making scam-driven abuse harder. The post Google Reinvents Android Sideloading to Thwart Scammers appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-google-android-sideloading-security-changes/
-
The March Madness scam playbook
Tags: scamFans aren’t the only ones who show up for March Madness. Here’s how to spot all the different scams that turn up to major sporting events. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-march-madness-scam-playbook/
-
Tax Scam Google Ads Push BYOVD EDR Killer, Huntress Finds
Tax-themed Google Ads are being weaponized to deliver a BYOVD-based EDR killer, with Huntress linking a large-scale malvertising campaign to rogue ScreenConnect deployments and a vulnerable Huawei audio driver used to blind endpoint defenses before hands-on-keyboard activity. Sponsored Google Ads for queries such as “W2 tax form” and “W”‘9 Tax Forms 2026” led to realistic…
-
Tax Scam Google Ads Push BYOVD EDR Killer, Huntress Finds
Tax-themed Google Ads are being weaponized to deliver a BYOVD-based EDR killer, with Huntress linking a large-scale malvertising campaign to rogue ScreenConnect deployments and a vulnerable Huawei audio driver used to blind endpoint defenses before hands-on-keyboard activity. Sponsored Google Ads for queries such as “W2 tax form” and “W”‘9 Tax Forms 2026” led to realistic…
-
International police Operation Alice take down 373,000 dark web sites exploiting children
Operation Alice: Police dismantle a massive dark web network with 373,000 fake sites luring users seeking child sexual abuse material. An international law enforcement operation, code named Operation Alice, shut down one of the largest dark web scams, uncovering over 373,000 fake sites tricking users seeking child sexual abuse content. The operation, first investigated in…
-
Fake ‘Trusted Sender’ Labels Misused in New Apple Mail Phishing Scheme
Fake “trusted sender” labels can mislead users, as scammers embed them into email bodies to disguise phishing emails and create a false sense of security. The post Fake ‘Trusted Sender’ Labels Misused in New Apple Mail Phishing Scheme appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-mail-trusted-sender-phishing-scam/
-
Apple Mail’s ‘Trusted Sender’ Label Misused in New Phishing Scheme
Apple Mail’s “trusted sender” label can mislead users, as scammers exploit it to disguise phishing emails and create a false sense of security. The post Apple Mail’s ‘Trusted Sender’ Label Misused in New Phishing Scheme appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-apple-mail-trusted-sender-phishing-scam/
-
Police dismantle dark web network exploiting child sexual abuse material
International law enforcement agencies announced Friday dismantling one of the largest known networks of fraudulent platforms on the dark web, uncovering hundreds of thousands of fake websites used to scam users seeking child sexual abuse content. First seen on therecord.media Jump to article: therecord.media/police-dismantle-dark-web-network-exploiting-child-abuse-images
-
New Fake Zoom Meeting Invite Scam Spreads Malware on Windows PCs
Cybersecurity researchers at Sublime Security have discovered a new scam that uses realistic, interactive JavaScript-based Zoom meeting invites to trick users into installing malware. First seen on hackread.com Jump to article: hackread.com/fake-zoom-meeting-invite-scam-windows-pc-malware/
-
New Fake Zoom Meeting Invite Scam Spreads Malware on Windows PCs
Cybersecurity researchers at Sublime Security have discovered a new scam that uses realistic, interactive JavaScript-based Zoom meeting invites to trick users into installing malware. First seen on hackread.com Jump to article: hackread.com/fake-zoom-meeting-invite-scam-windows-pc-malware/
-
New Fake Zoom Meeting Invite Scam Spreads Malware on Windows PCs
Cybersecurity researchers at Sublime Security have discovered a new scam that uses realistic, interactive JavaScript-based Zoom meeting invites to trick users into installing malware. First seen on hackread.com Jump to article: hackread.com/fake-zoom-meeting-invite-scam-windows-pc-malware/
-
New Fake Zoom Meeting Invite Scam Spreads Malware on Windows PCs
Cybersecurity researchers at Sublime Security have discovered a new scam that uses realistic, interactive JavaScript-based Zoom meeting invites to trick users into installing malware. First seen on hackread.com Jump to article: hackread.com/fake-zoom-meeting-invite-scam-windows-pc-malware/
-
Google slows Android sideloading to trip up scammers
Google’s advanced flow for Android changes how apps from unverified developers are installed, adding steps to reduce scam-driven sideloading. The feature is aimed at … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/20/android-advanced-flow-sideloading-steps/
-
Google Adds 24-Hour Wait for Unverified App Sideloading to Reduce Malware and Scams
Google on Thursday announced a new “advanced flow” for Android sideloading that requires a mandatory 24-hour wait period to install apps from unverified developers in an attempt to balance openness with safety.The new changes come against the backdrop of a developer verification mandate the tech giant announced last year that requires all Android apps to…
-
Cybercriminals are Winning with AI
AI has become the most powerful tool for financial fraud since the dawn of the Internet. As predicted, criminals are exploiting it faster, more effectively, and at scale. According to the latest Interpol Global Financial Fraud Report, AI-enhanced fraud is now 4.5 times more profitable than traditional schemes. That’s a significant shift and we’re still…
-
Smashing Security podcast #459: This clever scam nearly hijacked a tech CEO’s Apple ID
In episode 459 of Smashing Security, we dive into a chillingly clever account takeover attempt targeting WordPress co-founder Matt Mullenweg – involving MFA fatigue, real Apple alerts, a convincing support call, and a phishing page that oh-so-nearly worked. If a famous techie could have this happen to you, can you be sure you’re immune? First…
-
North Korea’s 100,000-strong fake IT worker army rake in $500M a year for Kim Jong Un
Researchers map full org chart of the scam from dodgy recruiters to helpful Western collaborators First seen on theregister.com Jump to article: www.theregister.com/2026/03/18/researchers_lift_the_lid_on/
-
Nordstrom’s email system abused to send crypto scams to customers
Customers of upscale department store chain Nordstrom received fraudulent messages from a legitimate company email address that promoted cryptocurrency scams disguised as a St. Patrick’s Day promotion. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/nordstroms-email-system-abused-to-send-crypto-scams-to-customers/
-
Crypto Scam ShieldGuard Dismantled After Malware Discovery
ShieldGuard Chrome extension posed as a crypto security tool but stole wallets and drained user data First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/crypto-scam-shieldguard-dismantled/
-
New ClickFix Scam Tricks Users Into Mapping Hacker-Controlled Drives
A new ClickFix scam tricks Windows users into running hidden commands that map hacker-controlled drives and load malware… First seen on hackread.com Jump to article: hackread.com/clickfix-scam-users-mapping-hacker-controlled-drives/
-
FBI Intensifies Crackdown on Thai Scam Centers Targeting Americans
The first contact often seems harmless, a friendly message, casual conversation, or even a budding online romance. But for many Americans, these interactions mark the beginning of a devastating financial scam. Authorities say these crimes trace back to organized scam centers in Southeast Asia. Now, the FBI in Thailand is working closely with regional partners…
-
Georgian Charged for Running Phishing Scam Targeting NBA, NFL Players, While in Federal Custody
Kwamaine Jerell Ford First seen on thecyberexpress.com Jump to article: thecyberexpress.com/phishing-scam-targeting-pro-athletes/
-
Sears Exposed AI Chatbot Phone Calls and Text Chats to Anyone on the Web
Customer conversations with chatbots can include contact information and personal details that make it easier for scammers to launch phishing attacks and commit fraud. First seen on wired.com Jump to article: www.wired.com/story/sears-exposed-ai-chatbot-phone-calls-and-text-chats-to-anyone-on-the-web/
-
Zero lessons learned: Convicted scammer allegedly ran another athlete-focused phishing scam from federal prison
Kwamaine Jerell Ford allegedly impersonated an adult film star and tricked his high-profile victims into sharing their iCloud credentials and MFA codes under false pretenses. First seen on cyberscoop.com Jump to article: cyberscoop.com/nba-nfl-athletes-social-engineering-scheme-apple-icloud-mfa/
-
Big Tech Unites: Industry Giants Sign Global Accord to Combat AI-Driven Scams
In a rare display of unified defense, eight of the world’s most powerful technology firms have signed a landmark pact to disrupt the global scam networks currently siphoning billions of dollars from consumers. The Online Services Accord Against Scams signed by Google, Amazon.com Inc., Microsoft Corp., Meta Platforms Inc., OpenAI, LinkedIn, Adobe Inc., and Match..…