CySecurity News - Latest Information Security and Hacking Incidents: Cyber Fraud

Clickjacking Cyber Fraud Fake Captcha Malicious Campaign User Security

New “Double-Clickjacking” Threat Revealed: Security Settings at Risk

Cybersecurity experts are raising alarms about a new twist on the classic clickjacking attack technique. Paulos Yibelo, a security engineer at Amazon, has uncovered a variant called “double-clickjacking,” capable of disabling security settings, deleting accounts, or even taking over existing ones. This novel approach reignites concerns over online safety, urging users to be cautious when interacting with websites.

Clickjacking is a malicious tactic where hackers manipulate user clicks on one website to trigger unintended actions on another. For instance, a user might think they are clicking a button to navigate a site but inadvertently perform an action, such as making a purchase, on an entirely different platform.

Double-clickjacking takes this concept further by introducing an additional click. This adaptation helps attackers bypass modern browser protections that no longer deliver cross-site cookies. According to Yibelo, this seemingly minor tweak “opens the door to new UI manipulation attacks that bypass all known clickjacking protections.”

In documented cases, hackers lure victims to phishing websites, often disguised with a standard CAPTCHA verification process. Instead of typing text or identifying objects in images, users are prompted to double-click a button to prove they are human.

Here’s where the attack takes place:

First Click: The user closes the top window, seemingly completing the CAPTCHA process.
Second Click: This click is redirected to a sensitive page, such as an OAuth authorization or account settings page. The victim unknowingly confirms permissions, disables security features, or performs other critical actions.

Yibelo explains that this subtle manipulation is effective against many popular websites, allowing attackers to gain OAuth and API authorizations. The attack can also facilitate one-click account modifications, including disabling security settings, deleting accounts, authorizing money transfers, and verifying sensitive transactions. Even browser extensions are not immune to this method.

The Implications for Online Security

The resurgence of clickjacking attacks, now enhanced by the double-click variant, poses significant risks to both individual and organizational security. By exploiting common website interfaces and leveraging seemingly harmless CAPTCHA verifications, attackers can easily gain unauthorized access to sensitive information and functionalities.

Yibelo’s findings serve as a stark reminder of the evolving nature of cybersecurity threats. Websites must remain vigilant, regularly updating their defenses to counter these new manipulation techniques.

How to Stay Safe

Cybersecurity professionals recommend the following precautions to minimize the risk of falling victim to double-clickjacking:

Verify Websites: Always ensure you are on a legitimate website before interacting with any CAPTCHA or button.
Update Software: Keep browsers and extensions up-to-date with the latest security patches to reduce vulnerabilities.
Use Anti-Phishing Tools: Enable browser settings or software designed to detect and block phishing sites.
Be Skeptical: Avoid double-clicking buttons on unfamiliar sites, especially if prompted during unexpected verifications.

As cyber threats continue to evolve, user awareness remains a critical line of defense. The discovery of double-clickjacking highlights the importance of staying informed and cautious while navigating the digital world. By adopting secure browsing habits and staying vigilant, individuals and organizations can protect themselves against this emerging attack vector.

Watch Out: Fake Game Invites on Discord Are Stealing Your Personal Data



 

online games

Cookies Cyber Fraud Discord Email malware online games

Watch Out: Fake Game Invites on Discord Are Stealing Your Personal Data

There is a new online scam, where cyber criminals trick people into downloading harmful software under the pretext of beta testing a game. This campaign targets people on platforms such as Discord, email, and even text messages, aiming at stealing personal information and compromising accounts online.

How does this work?

The scam starts by sending a harmless message. In this case, a user on Discord or elsewhere receives a direct message from a purported game developer claiming to have sent them a new game to play. The user is asked whether they would want to try the supposed game. In most cases, these messages come from compromised accounts, so the request seems all the more real.

If the victim consents, the attacker shares a download link and password to the target so that they can actually access and start downloading the game file. These links are usually Dropbox or even Discord's network because most malware authors upload their creations to an existing, popular platform. But what users download aren't games-these are referred to as information stealers.

What Do These Malware Applications Do?

Once installed, these programs, such as Nova Stealer, Ageo Stealer, or Hexon Stealer, begin extracting sensitive data. This may include:

1. Saved browser passwords

2. Session cookies for services like Discord or Steam

3. Wallet information for cryptocurrencies

4. Credit card information

6. Two-factor authentication (2FA) backup codes

The Nova Stealer and Ageo Stealer are the new wave called Malware-as-a-Service (MaaS). This enables cybercriminals to rent these tools to conduct attacks. Nova Stealer even leverages a feature called a Discord webhook, allowing it to send information directly to hackers so they could know right away how much data had been stolen and not have to manually check.

Another tool that is used in these scams is the Hexon Stealer. It is a highly dangerous tool since it can gather a wide variety of personal information. Using such information, it hacks into Discord accounts and enables the attackers to send similar fake messages to the contacts of the victim, thereby further spreading the malware.

Why Do Hackers Target Discord?

The main focus of these attacks is the Discord credentials. When hackers get access to a person's account, they can pretend to be that person, deceive their friends, and expand their network of victims. This cycle of exploitation of trust makes the scam so effective.

How to Identify Fake Game Websites

Fake download pages are usually built using common web templates. Such sites appear legitimate but host malware. Among them are the following:

dualcorps[.]fr
leyamor[.]com
crystalsiege[.]com
mazenugame[.]blogspot.com

These sites are hosted on platforms that are resistant to takedown requests, making it difficult for researchers to shut them down. If one site is removed, attackers can quickly set up a new one.

How Can You Protect Yourself?

To keep yourself safe, follow these simple guidelines:

1. Be cautious with unsolicited messages: If someone you don’t know—or even a known contact—sends a download link, verify its authenticity through another platform.

2. Avoid downloading unknown files: Don’t download or install anything unless you’re certain it’s legitimate.

3. Use updated security software: An active anti-malware program can block known threats.

4. Be watchful of phony websites: Be on the lookout for amateurism or copy-and-paste designs when viewing suspicious sites.

In the end, this scamming attack is meant to reap a financial reward; it may come in the form of stolen cryptocurrency, credit card information, or other sensitive details. Knowing how this attack works can help you safeguard your data from cybercrime attacks.

Stay informed and be careful—your online safety depends on it.

Milwaukee Residents Warned of Parking Ticket Scam



 

User Security

Cyber Fraud Email scam Fraudulent Scheme Milwaukee User Security

Milwaukee Residents Warned of Parking Ticket Scam

A fraudulent text message claiming to notify residents about an overdue City of Milwaukee parking penalty has been flagged as a scam and should be deleted, city authorities announced earlier this week.

According to Ald. Lamont Westmoreland, the scam operates by sending recipients a text message stating that a parking ticket must be resolved to avoid late charges. The message urges recipients to click on a link.

Westmoreland warned that clicking the link could expose the user’s phone to malware or ransomware. He also advised anyone who has shared credit or debit card information through the scam to contact their financial institution immediately to ensure their accounts are secure.

The fraudulent text message includes the city’s logo and seal, along with a URL containing “milwaukee.com,” according to a screenshot shared by Westmoreland. These elements make the message appear legitimate, increasing the likelihood of deception.

City's Official Statement

The Department of Public Works clarified that the city does not issue parking penalties via text message. Official tickets are delivered either by registered mail or by being physically placed on the vehicle.

The department urged residents not to click on links or share personal information in response to such messages. Victims of the scam are encouraged to report the incident to the Milwaukee Police Department.

If you have questions about parking tickets, you can contact the city directly at 414-344-0840. Ald. Westmoreland expressed disappointment over the scam, stating: “It’s really sad that scammers are resorting to using what appears to be a legit city source to run a scam like this, but it is not surprising.”

RBI Report Highlights Rising Fraud Incidents and Financial Impact



 

RBI report

bank frauds banking fraud statistics Cyber Fraud Digital Fraud digital lending financial risk Internet Fraud mule accounts private sector banks public sector banks RBI report

RBI Report Highlights Rising Fraud Incidents and Financial Impact

The Reserve Bank of India (RBI) has revealed a significant rise in bank fraud cases during the first half of the current fiscal year. According to the Report on Trend and Progress of Banking in India 2023-24, fraud cases from April to September reached 18,461, involving a staggering ₹21,367 crore. This reflects a sharp increase compared to 14,480 cases amounting to ₹2,623 crore during the same period last year.

The Reserve Bank of India (RBI) report reveals a significant 28% rise in fraud incidents and an eight-fold increase in the financial impact during 2023-24. These frauds pose critical challenges, including reputational, operational, and financial risks, alongside the erosion of customer trust in the banking system.

Trends in Internet and Card-Related Frauds

Internet and card-related frauds have emerged as the most prevalent, accounting for:

44.7% of Total Fraud Amounts: The highest share of financial losses.
85.3% of Reported Cases: A majority of the incidents in 2023-24.

Private sector banks were implicated in 67.1% of these cases, while public sector banks incurred the largest financial losses, especially in card and online fraud categories.

In response to the alarming increase in fraud, regulatory penalties for banks more than doubled in 2023-24, reaching ₹86.1 crore. Key contributors included:

Public and Private Sector Banks: Accounted for the majority of penalties.
Cooperative Banks: Witnessed a decline in regulatory penalties.

Addressing Fraud in Digital Lending

The RBI highlighted fraudulent schemes in the digital lending space, where perpetrators falsely claim associations with regulated entities. To combat this, the central bank is developing a public repository of verified digital lending apps.

“Many cases of digital fraud stem from social engineering attacks, but there is a growing trend of using mule accounts to facilitate these frauds,” the RBI noted in its report.

Enhancing Fraud Prevention Measures

The report underscored the need for banks to strengthen their fraud prevention mechanisms, particularly in:

Customer Onboarding: Enhancing verification processes to detect fraudulent accounts.
Transaction Monitoring: Improving systems to identify and prevent suspicious activities.

“This exposes banks not only to serious financial and operational risks but also to reputational risks. Banks, therefore, need to strengthen their customer onboarding and transaction monitoring systems to monitor unscrupulous activities,” the RBI emphasized.

Collaborative Efforts to Tackle Fraud

To curb systemic fraud, the RBI is collaborating with law enforcement agencies (LEAs) through:

Enhanced coordination and information sharing.
Improved transaction monitoring systems.
Best practices to control mule accounts and prevent digital fraud.

The RBI’s initiatives aim to fortify the financial system’s resilience against these evolving threats, ensuring greater security and trust in the banking sector.

New Two-Step Phishing Attack Exploits Microsoft Visio and SharePoint



 

SharePoint

Credential Theft Cyber Fraud Cyber Threats Microsoft 365 login Microsoft visio Phishing Attack Phishing Campaigns SharePoint

New Two-Step Phishing Attack Exploits Microsoft Visio and SharePoint

A novel two-step phishing strategy is targeting Microsoft Visio files (.vsdx) and SharePoint, signaling a new trend in cyber deception, according to experts. Researchers at Perception Point have noted a significant rise in attacks leveraging these previously uncommon .vsdx files.

These files act as delivery tools, directing victims to phishing pages that replicate Microsoft 365 login portals, aiming to steal user credentials.

The two-step phishing attacks employ layered techniques to evade detection. Rather than delivering harmful content directly, these campaigns use trusted platforms like Microsoft SharePoint to host files that appear legitimate. Attackers embed URLs within Visio files, which redirect victims to malicious websites when clicked, bypassing traditional email security systems.

Microsoft Visio, a popular tool for professional diagram creation, has now become a phishing vector. Cybercriminals send emails with Visio files from compromised accounts, often mimicking urgent business communications such as proposals or purchase orders. This tactic encourages recipients to act quickly, increasing the likelihood of success.

Since the emails come from stolen accounts, they often pass authentication checks and evade recipient security filters. In some cases, attackers include .eml files within the emails, embedding additional malicious URLs linked to SharePoint-hosted files.

The Visio files typically contain a clickable button labeled "View Document." Victims are instructed to press the Ctrl key while clicking the button to access the malicious URL. This step, requiring manual interaction, bypasses automated security systems that cannot simulate such behaviors.

Perception Point advises organizations to strengthen their defenses against sophisticated phishing campaigns by adopting advanced threat detection solutions. Suggested measures include:

Dynamic URL analysis to identify harmful links.
Object detection models to flag suspicious files.
Enhanced authentication mechanisms to reduce the impact of compromised accounts.

Protect Yourself from Zelle Scams: Prevention Tips and Recovery Steps



 

Zelle phishing scams

Consumer Financial Protection Bureau Cyber Fraud online money transfer scams Zelle fraud Zelle phishing scams

Protect Yourself from Zelle Scams: Prevention Tips and Recovery Steps

Zelle has become a popular choice for online money transfers due to its simplicity, zero fees, and support from over 1,700 banks. However, since its launch in June 2017, the peer-to-peer payment service has been plagued by fraud. On December 20, 2023, the Consumer Financial Protection Bureau (CFPB) filed a lawsuit against Early Warning Services, the consortium of banks that owns Zelle, alleging that it "failed to safeguard the Zelle network from fraud and other defects, which resulted in hundreds of millions of dollars in consumer losses."

Zelle allows users to send money instantly using only a recipient's phone number or email. While convenient, these irreversible transactions have made Zelle a prime target for scammers. In 2023, Zelle processed $180 billion in transactions in the first quarter alone, underscoring its widespread use.

Fraudsters primarily rely on social engineering, tricking users into authorizing payments.

Fake Payment Alerts: Scammers send messages pretending to confirm large transactions and then follow up with calls impersonating bank representatives.
Account Compromise Claims: Victims are pressured into transferring money under the pretense of securing their accounts.
Utility Company Impersonation: Criminals posing as service providers demand payments to avoid service interruptions.

Protecting Yourself from Zelle Scams

Avoid Unsolicited Messages: If you receive unexpected texts or emails claiming to be from your bank, contact the institution directly using official channels.
Watch for Urgency: Be cautious of threats or tight deadlines demanding immediate action.
Verify New Payment Requests: Always confirm with businesses or organizations before making payments to new recipients.
Never Share Two-Factor Authentication Codes: Legitimate institutions will never ask for these passcodes.
Use Zelle Only for Trusted Contacts: Limit payments to individuals or businesses you know personally.

If you fall victim to a Zelle scam, report it immediately to your bank to initiate an investigation. Recent changes in Zelle’s policy, including a reimbursement program for specific scam types, have helped some victims recover funds. However, if your bank denies reimbursement, filing a complaint with the CFPB is a potential recourse.

Zelle remains a convenient tool for quick payments, but users must remain vigilant against fraud. For additional resources, consider identity theft protection services and stay informed about emerging scam tactics.

AI Impersonations: Revealing the New Frontier of Scamming



 

Voice Cloning

AI Impersonation Cyber Fraud Deepfake User Security Voice Cloning

AI Impersonations: Revealing the New Frontier of Scamming

In the age of rapidly evolving artificial intelligence (AI), a new breed of frauds has emerged, posing enormous risks to companies and their clients. AI-powered impersonations, capable of generating highly realistic voice and visual content, have become a major threat that CISOs must address.

This article explores the multifaceted risks of AI-generated impersonations, including their financial and security impacts. It also provides insights into risk mitigation and a look ahead at combating AI-driven scams.

AI-generated impersonations have ushered in a new era of scam threats. Fraudsters now use AI to create unexpectedly trustworthy audio and visual content, such as vocal cloning and deepfake technology. These enhanced impersonations make it harder for targets to distinguish between genuine and fraudulent content, leaving them vulnerable to various types of fraud.

The rise of AI-generated impersonations has significantly escalated risks for companies and clients in several ways:

Enhanced realism: AI tools generate highly realistic audio and visuals, making it difficult to differentiate between authentic and fraudulent content. This increased realism boosts the success rate of scams.
Scalability and accessibility: AI-powered impersonation techniques can be automated and scaled, allowing fraudsters to target multiple individuals quickly, expanding their reach and impact.
Deepfake threats: AI-driven deepfake technology lets scammers create misleading images or videos, which can destroy reputations, spread fake news, or manipulate video evidence.
Voice cloning: AI-enabled voice cloning allows fraudsters to replicate a person’s voice and speech patterns, enabling phone-based impersonations and fraudulent actions by impersonating trusted figures.

Prevention tips: As AI technology evolves, so do the risks of AI-generated impersonations. Organizations need a multifaceted approach to mitigate these threats. Using sophisticated detection systems powered by AI can help identify impersonations, while rigorous employee training and awareness initiatives are essential. CISOs, AI researchers, and industry professionals must collaborate to build proactive defenses against these scams.

Protect Yourself from AI Scams and Deepfake Fraud



 

Payment Scams

AI Scams Cyber Fraud deepfake scams Financial Fraud Identity Theft Online Safety Online Security Payment Scams

Protect Yourself from AI Scams and Deepfake Fraud

In today’s tech-driven world, scams have become increasingly sophisticated, fueled by advancements in artificial intelligence (AI) and deepfake technology. Falling victim to these scams can result in severe financial, social, and emotional consequences. Over the past year alone, cybercrime victims have reported average losses of $30,700 per incident.

As the holiday season approaches, millennials and Gen Z shoppers are particularly vulnerable to scams, including deepfake celebrity endorsements. Research shows that one in five Americans has unknowingly purchased a product promoted through deepfake content, with the number rising to one in three among individuals aged 18-34.

Sharif Abuadbba, a deepfake expert at CSIRO’s Data61 team, explains how scammers leverage AI to create realistic imitations of influencers. “Deepfakes can manipulate voices, expressions, and even gestures, making it incredibly convincing. Social media platforms amplify the impact as viewers share fake content widely,” Abuadbba states.

Cybercriminals often target individuals as entry points to larger networks, exploiting relationships with family, friends, or employers. Identity theft can also harm professional reputations and financial credibility. To counter these threats, experts suggest practical steps to protect yourself and your loved ones. Scammers are increasingly impersonating loved ones through texts, calls, or video to request money.

With AI voice cloning making such impersonations more believable, a pre-agreed safe word can serve as a verification tool. Jamie Rossato, CSIRO’s Chief Information Security Officer, advises, “Never transfer funds unless the person uses your special safe word.” If you receive suspicious calls, particularly from someone claiming to be a bank or official institution, verify their identity.

Lauren Ferro, a cybersecurity expert, recommends calling the organization directly using its official number. “It’s better to be cautious upfront than to deal with stolen money or reputational damage later,” Ferro adds. Identity theft is the most reported cybercrime, making MFA essential. This adds an extra layer of protection by requiring both a password and a one-time verification code. Experts suggest using app-based authenticators like Microsoft Authenticator for enhanced security.

Real-time alerts from your banking app can help detect unauthorized transactions. While banks monitor unusual activities, personal notifications allow you to respond immediately to potential scams. The personal information and media you share online can be exploited to create deepfakes. Liming Zhu, a research director at CSIRO, emphasizes the need for caution, particularly with content involving children.

Awareness remains the most effective defense against scams. Staying informed about emerging threats and adopting proactive security measures can significantly reduce your risk of falling victim to cybercrime. As technology continues to evolve, safeguarding your digital presence is more important than ever. By adopting these expert tips, you can navigate the online world with greater confidence and security.

Bengaluru Techie Loses ₹11.8 Crore in “Digital Arrest” Scam Over 18 Days



 

Online Scam

Bengaluru cyber crime Cyber Fraud Cyber Fraudsters Digital Arrest digital arrest fraud Financial Scam Online Scam

Bengaluru Techie Loses ₹11.8 Crore in “Digital Arrest” Scam Over 18 Days

A Bengaluru software engineer recently fell victim to a complex cyber scam, losing ₹11.8 crore in just 18 days. The incident highlights the growing sophistication of cybercrimes in India, particularly in tech hubs like Bengaluru. The victim, whose identity remains private, has filed a complaint with the North-East Cyber, Economic, and Narcotics (CEN) police station, prompting an investigation into the case.

The scam began when the victim received a call from someone posing as an official from the Telecom Regulatory Authority of India (TRAI). The caller falsely claimed that a SIM card linked to the victim’s Aadhaar number was being used for illegal activities, including harassment and fraudulent advertisements. Soon after, another individual alleged that the victim’s Aadhaar had been misused to open a bank account involved in money laundering.

To add credibility to their claims, the fraudsters insisted the victim participate in a “virtual investigation” via Skype. Over several calls, they impersonated senior police officers and pressured him to transfer funds for so-called “verification purposes.” They further threatened legal action and arrest of the victim’s family if he failed to comply. Under these threats, the victim made multiple payments, starting with ₹75 lakh and eventually transferring a total of ₹11.8 crore to different accounts.

It was only after weeks of continuous coercion that he realized he had been deceived. Police have registered the case under relevant sections of the Information Technology Act and Bharatiya Nyaya Sanhita, including provisions related to cheating and impersonation. Investigators are now working to trace the accounts used by the fraudsters and identify those behind the scam. This case stands out not only because of the amount involved but also for its elaborate execution.

Cybercrime in Karnataka has been on the rise, with losses amounting to ₹2,047 crore as of November 2024, according to government data. Bengaluru alone accounted for ₹1,806 crore of these losses, reflecting the city’s vulnerability as an IT hub. Experts warn that cybercriminals are employing increasingly sophisticated methods to exploit unsuspecting victims. They often leverage fear, urgency, and advanced digital tools to create a false sense of legitimacy.

Public awareness campaigns and stronger cybersecurity measures are critical to addressing this growing menace. Authorities have urged citizens to remain cautious, especially when receiving unsolicited calls or emails. Sharing sensitive information such as Aadhaar details or transferring funds without verification can lead to devastating consequences. This incident serves as a stark reminder of the need for vigilance in an increasingly digital world.

Global Crypto Hacks Escalate to $2.2 Billion in 2024



 

Cybersecurity

Crypto Hacks cryptocurrency Cryptocurrency Breach Cyber Fraud CyberCrime Cyberhackers Cybersecurity

Global Crypto Hacks Escalate to $2.2 Billion in 2024

Chainalysis, a blockchain analytics company that provides data analysis on the blockchain ecosystem, has reported that the volume of compromised crypto funds and the number of hacking incidents are set to rise in 2024. The report states that the total amount of stolen crypto funds rose by approximately 21.07% year-over-year (YoY), reaching $2.2 billion over the period. It also reports that the number of individual cyber-attacks increased from 282 in 2023 to 303 incidents in 2024, an increase of 34 per cent.

During its report this year, Chainalysis noted that hackers also increasingly target centralized services such as cryptocurrency exchanges. In addition to Bitcoin's 140% increase in value this year surpassing $100,000, the rise in crypto heists also coincides with the institutional support of U.S. President-elect Donald Trump. There have been 303 hacking incidents so far in 2023, compared to 282 in 2023 and 1.8 billion dollars, but that’s only about Rs. 15,302 crores, which means hackers stole 1.8 billion dollars (roughly Rs. 15,302 crores) in 2023, according to the report.

There has been an increase in crypto heists as the value of Bitcoin reached $100,000 (roughly Rs. 85 lakh) this year, and it has drawn institutional support and backing from US President-elect Donald Trump, who has become one of the biggest supporters of the digital currency. It is noted that DeFi still accounted for the largest share of stolen assets in the first quarter of 2024, but centralized services were more likely to be hacked during the second and third quarters.

According to Chainalysis' report, several notable hacks of centralized services occurred, such as the hack of DMM Bitcoin in May 2024, which cost $305 million, and WazirX in July 2024, which cost $234.9 million. The WazirX hack in July of this year resulted in huge losses for the Indian cryptocurrency exchange, which has responded by stopping users from withdrawing their remaining cryptocurrency and is currently requesting a reorganization in Singapore.

In addition, the Chainalysis report noted that North Korean hackers continue to try to steal cryptocurrency, particularly to avoid sanctions, as well as that the North Korean hackers are continuing to conduct cyber-attacks. As the industry faces an increasingly challenging environment in the new year, the industry has a lot of work to do to fight the proliferation of such crimes, especially fraud, that will undoubtedly pose a key challenge.

Several reports concluded that the majority of the stolen crypto this year resulted from compromised private keys that control access to users' assets. A majority of the attacks targeted centralized platforms. There were several notable hacks during the past year. The most significant ones were the theft of $305 million from Japan's DMM Bitcoin in May, and the loss of $235 million from India's WazirX in July. According to Chainalysis, North Korea-related crypto hacking increased by more than double from a year ago to 1.3 billion dollars in 2024, which is a record.

Colorado Faces Growing Financial Losses from AI-Powered Scams in 2024



 

Phishing Scams

AI Fraud artificial intelligence scams Colorado scams Cyber Fraud financial scams 2024 Investment fraud online fraud prevention Phishing Scams

Colorado Faces Growing Financial Losses from AI-Powered Scams in 2024

Colorado is on track to suffer even greater financial losses from scams by the end of 2024 compared to the nearly $100 million stolen in 2023. According to the Colorado Attorney General's Office, the rapid integration of artificial intelligence (AI) into everyday life may be driving this increase.

Gone are the days when misspelled words, unprofessional websites, and suspicious email domains were telltale signs of scams. With AI, criminals now replicate the voices of loved ones to stage fake emergencies, tricking victims into sharing money or sensitive information. "Artificial intelligence takes existing scam opportunities and puts them on steroids," said Colorado Attorney General Phil Weiser.

In 2023, the FBI Denver Field Office reported that scammers stole $187 million from nearly 11,500 residents in Colorado—an increase of $9 million compared to 2022. Investment fraud ($50 million), business email compromise ($57 million), and tech support scams ($23 million) were the top schemes contributing to these losses.

Weiser's office received a record-breaking 20,390 fraud complaints in 2023, up from 19,519 in 2019, reflecting a growing trend. Colorado now ranks seventh nationwide for scam complaints per capita. Many of these cases were reported through StopFraudColorado.com, a platform providing fraud education and reporting tools.

One alarming scam, known as the "grandparent scam," highlights how scammers use AI to imitate a grandchild's voice. The victim is told their grandchild is in jail abroad and needs money urgently. "One of the scary parts is many people have a hard time understanding the difference between deepfakes and reality," Weiser said. He advises skepticism: "Don't trust those calls. Hang up and verify the information with the appropriate source."

Younger internet users and older adults are particularly vulnerable. Weiser added, "AI is not new, but the widespread use of tools like ChatGPT has taken adoption to a new level."

Austin Hastings, assistant vice president at Alpine Bank, noted that scammers adapt their strategies once people stop falling for certain tricks. Recent scams involve AI-generated phishing emails and websites that convincingly mimic legitimate organizations.

To combat scams, Alpine Bank suggests:

Avoid clicking on unexpected links. Use verified websites or saved URLs.
Never share financial information or passwords over email or phone.
Beware of too-good-to-be-true deals and stick to trusted retailers.
Monitor bank accounts regularly for suspicious charges.
Report fraudulent activity to authorities promptly.
The Colorado Privacy Act, enacted in 2021, provides residents with tools to protect their data, such as opting out of targeted advertising and requiring entities to safeguard personal information.

"It's a dangerous world out there, and AI is making it more dangerous," Weiser warned. "Please protect yourself and those you love."

Dubai Police Impersonation Scam: A Sophisticated Cybercrime Targeting UAE Residents



 

Police Scam

Cyber Attacks Cyber Fraud data security Data Theft Dubai Malicious Link Phishing Attacks Police Scam

Dubai Police Impersonation Scam: A Sophisticated Cybercrime Targeting UAE Residents

Cybercriminals have recently targeted the Dubai Police in an elaborate impersonation scam aimed at defrauding unsuspecting individuals in the UAE. Thousands of phishing text messages, pretending to be from law enforcement, were sent to trick recipients into clicking on malicious links. These links redirected victims to fake websites designed to steal sensitive information, including bank details and personal identification.

According to researchers at BforeAI, these campaigns employ official branding to appear legitimate, showcasing a calculated level of sophistication. While specifically targeting UAE residents, the campaign adopts a broad “spray-and-pray” phishing approach. It leverages fear and trust in law enforcement — a psychological factor especially potent in a country like the UAE, where respect for authority is deeply ingrained.

Abu Qureshi, a threat intelligence expert at BforeAI, emphasized how cybercriminals misuse Dubai Police branding to deceive victims. This tactic highlights an advanced understanding of social engineering, combining fear and the appearance of credibility. UAE citizens with limited awareness of digital threats are particularly susceptible to such scams, mistaking fraudulent communication for genuine correspondence.

The Rising Threat of Cybercrime in the UAE

The increase in cybercrime campaigns across the UAE and the Middle East mirrors global trends in cybercriminal activity. A report by Kaspersky revealed that 87% of UAE-based companies have encountered cyber incidents in the past two years. Several factors contribute to the UAE being an attractive target for cybercriminals:

Affluent population and wealth concentration.
Widespread internet access and rapid adoption of digital technologies.
Exploitation of vulnerabilities in newly implemented systems.

Financially motivated campaigns often focus on wealthy regions or individuals, while geopolitical dynamics and economic factors play a role in the increasing cyber threats in the region.

Advanced Techniques Used in the Dubai Police Scam

In the Dubai Police impersonation scam, attackers used automated domain generation algorithms (DGA) and bulk domain registration techniques to host malicious web pages. These domains, typically short-lived, make detection challenging. Investigations by BforeAI traced many of these domains to Tencent servers in Singapore.

Although Singapore is known for its strong cybersecurity measures, its status as a global tech hub makes it a prime location for cybercriminals to exploit legitimate platforms. Tencent, a China-based firm with a significant presence in Singapore, has faced scrutiny for its servers being previously linked to malicious activity.

Mitigating the Risks of Sophisticated Cyber Scams

To combat threats like the Dubai Police impersonation scam, organizations and individuals must adopt proactive cybersecurity measures:

Predictive phishing detection to identify threats early.
Employee training programs to enhance awareness.
Collaboration with local law enforcement and Computer Emergency Response Teams (CERTs).

Enhancing vigilance and implementing robust incident response plans can significantly mitigate risks. Additionally, cross-border cooperation and threat intelligence sharing are essential to address the globalized nature of cybercrime effectively.

OTP Scams Decline in Bengaluru as Sophisticated Cybercrimes Surge in 2024



 

phishing attack statistics

Bengaluru cybercrime trends Cyber Fraud FedEx fraud cases investment scams rise OTP scams decline phishing attack statistics

OTP Scams Decline in Bengaluru as Sophisticated Cybercrimes Surge in 2024

Bengaluru has witnessed a significant drop in traditional cybercrimes like One-Time Password (OTP) scams and phishing, but more advanced and sophisticated scams, such as digital arrest fraud and stock investment schemes, have been on the rise.

Data obtained by DH shows that OTP scam cases fell dramatically from 1,860 in 2022 to 1,334 in 2023, and further to 893 in 2024 (as of November). This marks a sharp 51.98% decline in two years. Similarly, phishing cases — cyberattacks through fake emails, texts, and calls targeting sensitive personal information — dropped by 68.09%, from 605 cases in 2022 to just 193 in 2024.

However, the nature of cybercrime shifted in 2024. Fraudulent stock investment schemes, part-time job offers, and digital arrest scams saw a staggering surge. Investment scam cases rose from 411 in 2022 to 3,754 in 2023 and further jumped to 5,707 in 2024, reflecting a massive 1,288.56% increase.

Another growing concern is FedEx courier fraud. Victims are coerced into believing that a suspicious package in their name contains illegal items, leading to false arrest threats. These cases increased from 403 in 2023 to 1,417 in 2024 — a 251.61% rise. No such cases were reported in 2022.

Deepfake frauds, involving AI-generated visuals, also emerged as a new challenge. Reports rose from 3 cases in 2023 to 20 in 2024.

Of the 30 types of cybercrimes monitored by Bengaluru police, investment fraud topped the list with 5,707 cases in 2024, followed by job frauds (1,423) and FedEx scams (1,417).

Investigators confirmed that cybercrime has evolved significantly. A senior cybercrime officer stated, "Phishing and OTP scams were more commonly done by scamsters who were in parts of India like Jamtara, Haryana, Rajasthan, etc."

Another investigator added, "In 2023 and mainly in 2024, we saw a major evolution in cybercrimes. Now, aided by technology and Artificial Intelligence, the scams are more sophisticated and well-orchestrated. The kingpins are also located in China and parts of Southeast Asia, making it hard to crack down."

The data reveals that, as of November 30, 2024, Bengaluru cybercrime victims lost a massive Rs 1,806 crore — surpassing the total losses from 2019 to 2023, which amounted to Rs 1,187 crore. Despite efforts to contain the damage, investigators were able to freeze Rs 611 crore in mule bank accounts and recover Rs 122 crore this year.

Massive Data Breach Puts Millions at Risk During Christmas Season



 

User Privacy

Amazon Web Services Christmas Scam Cyber Fraud Data Leak US Citizens User Privacy

Massive Data Breach Puts Millions at Risk During Christmas Season

As the Christmas season approaches, millions of U.S. citizens could face a potential holiday nightmare after a major data breach exposed 5 million unique credit and debit card details online. The leak threatens to compromise countless transactions during the festive shopping spree.

Security experts from Leakd.com revealed that 5 gigabytes of private screenshots were found in an unsecured Amazon S3 bucket, a cloud storage service provided by Amazon Web Services. These screenshots depict unsuspecting consumers entering sensitive data into fraudulent promotional forms, lured by offers that seem "too good to be true," such as free iPhones or heavily discounted holiday products.

The scam operates by enticing consumers with exclusive holiday gifts or significant discounts, requiring them to make a small payment or subscription to claim the offer. These offers often include a countdown timer to create a sense of urgency, pressuring individuals to act quickly without scrutinizing the details.

However, the promised items never arrive. Instead, the fraudsters steal sensitive data and store it on an unsecured server, where it can be accessed by anyone. This poses a heightened risk during the holiday season when shoppers are more vulnerable due to increased spending, making it easier for malicious actors to carry out unauthorized transactions unnoticed.

What to Do If You’re Affected

If you recently filled out a form promising an unbelievable offer, there’s a strong chance your privacy may have been compromised. Here’s what you should do:

Contact Your Bank: Inform your bank immediately and request a card replacement to prevent unauthorized transactions.
Monitor Bank Statements: Keep a close eye on your statements for any suspicious transactions. Report anything you don’t recognize.
Dispute Fraudulent Charges: If you notice unauthorized charges, contact your bank to dispute them and explore options for reimbursement.

The Growing Threat of Christmas Scams

Unfortunately, credit card theft isn’t the only scam cybercriminals are leveraging this holiday season. Security researchers have reported an increase in text-based scams impersonating delivery services. These scams target online shoppers, exploiting the busy season to steal sensitive information or money.

Examples of such scams include fake delivery notifications requesting payment for a package and inks leading to phishing websites that steal personal or payment information.

How to Protect Yourself

To safeguard yourself during the holiday season:

Verify Offers: Avoid offers that seem too good to be true, especially those requiring personal or payment details.
Check Sender Legitimacy: Double-check emails or texts claiming to be from delivery companies. Visit the official website directly rather than clicking on links.
Enable Fraud Alerts: Activate alerts with your bank to be notified of any unusual transactions.
Educate Family Members: Warn loved ones about these scams, especially those who may be less tech-savvy.

The holiday season should be a time of joy, not stress caused by data breaches and scams. By staying vigilant and taking proactive measures, you can protect yourself and your finances from cybercriminals looking to exploit this festive time of year.

Cybercrime Network Busted: Turning Airbnbs Into Fraud Centers



 

phishing

Airbnb Cyber Fraud Europol links Netherlands phishing

Cybercrime Network Busted: Turning Airbnbs Into Fraud Centers

An international cybercrime network responsible for stealing millions of euros has been dismantled in a joint operation conducted in Belgium and the Netherlands. The Europol-coordinated effort led to eight arrests and 17 coordinated raids across the two countries on December 3.

Investigation and Arrests

The investigation, which began in 2022, targeted a gang involved in phishing, online fraud, and money laundering. Four suspects—three men and one woman, aged between 23 and 66—were arrested in the Netherlands. They face charges of participating in a criminal organization.

Authorities seized various pieces of evidence during the raids, including mobile phones, data storage devices, significant amounts of cash, and luxury items purchased with stolen funds. These findings underscored the extensive fraudulent activities conducted by the group.

Airbnbs: Temporary Bases for Cybercrime

The gang used rented Airbnb properties and luxury apartments as temporary call centers to avoid detection. Operating from these locations, they launched phishing attacks targeting victims across Europe. Communication methods included emails, text messages, and WhatsApp messages, in which they impersonated bank representatives or fraud prevention agents.

Victims were informed that their bank accounts had been compromised and were directed to fake banking websites designed to appear legitimate. Once victims entered sensitive information such as login credentials or PINs, the attackers swiftly accessed their accounts and withdrew funds. In some cases, unsuccessful fraud attempts led to verbal harassment, adding emotional distress to the victims’ financial losses.

Spending Details

Rather than keeping a low profile, the gang openly flaunted their stolen wealth online. They spent lavishly on luxury vacations, designer clothes, high-end cars, and exclusive parties. Their social media profiles featured images showcasing expensive purchases and interactions with celebrities, further exposing their illegal activities.

How to Avoid Phishing Scams

Phishing scams remain one of the most common tactics used by cybercriminals. To protect yourself:

Treat unsolicited calls, messages, and emails with suspicion, especially if they request sensitive information.
Avoid clicking on suspicious links. Instead, verify claims by contacting your bank directly through official channels.
Be cautious of small demands for money on second-hand sales websites; these may be attempts to steal card information.

Impact

Europol highlights that phishing tactics are constantly evolving, making them harder to trace. This case underscores the importance of vigilance and staying informed about online threats. As cybercrime becomes more sophisticated, individuals must take proactive steps to secure their personal and financial data.

The success of this operation demonstrates the critical role of international collaboration in combating cybercrime. It serves as a powerful reminder of the ongoing need for cooperation between law enforcement agencies to effectively counter global threats.

Canadians Targeted by Scammers Amid Canada Post Strike and Holiday Season



 

postal scam tips

Canada Post strike scams Cyber Fraud holiday phishing scams online shopping fraud parcel delivery fraud postal scam tips

Canadians Targeted by Scammers Amid Canada Post Strike and Holiday Season

Canadians are facing an increase in scams as fraudsters capitalize on the Canada Post strike to target victims. Octavia Howell, Chief Information Security Officer at Equifax Canada, highlighted a rise in phishing emails and deepfake phone calls, stating, “Any time there is a major political event, a major strike or anything like that, we’ll see an uptick.”

Impact of the Holiday Season and Shipping Disruptions

The holiday season has further exacerbated the issue, with parcel-related scams growing alongside online shopping. Howell noted up to 87 fraud reports in a single day from identical IP addresses, calling the trend “insidious” and linking it to holiday pressures and shipping disruptions.

Canada Post's Advisory and Red Flags

Canada Post urges Canadians to be cautious, emphasizing it does not send unsolicited texts or emails about deliveries. Red flags include poor grammar, fake tracking numbers, or inconsistent logos. Phishing scams often mimic trusted sources to steal sensitive information.

The Better Business Bureau has also issued warnings, advising consumers to verify delivery services, avoid unsolicited offers, and check for BBB accreditation. “Watch out for fake package delivery offers during Canada’s postal strike,” the organization stated.

How to Protect Yourself

Customers should report suspicious communications to the Canadian Anti-Fraud Centre. Fraudsters often mimic brands like private couriers, demanding payment for non-existent shipments. One recent scam impersonated the U.S. Postal Service, asking for credit card details under false pretenses.

Octavia Howell recommends verifying sources and staying skeptical of unsolicited messages. “Take a step back. Don’t click, don’t do anything. Verify sources,” she said, encouraging Canadians to remain vigilant during this heightened period of fraud.

India Blocks 17,000 WhatsApp Accounts to Combat Digital Arrest Fraud



 

WhatsApp accounts blocked

2024 Cyber Fraud cybercrime awareness cybercrime crackdown digital arrest fraud digital scams India human trafficking scams online financial scams WhatsApp accounts blocked

India Blocks 17,000 WhatsApp Accounts to Combat Digital Arrest Fraud

In a decisive move against rising cyber fraud, the Ministry of Home Affairs (MHA) has blocked over 17,000 WhatsApp accounts allegedly involved in digital arrest scams. Sources revealed that many of these accounts were traced to countries such as Cambodia, Myanmar, Laos, and Thailand, where they were reportedly used for fraudulent activities.

This crackdown was spearheaded by the Home Ministry's cybercrime coordination centre, acting on complaints submitted by victims through online platforms. The Ministry reviewed these complaints, identified suspicious accounts, and instructed WhatsApp to take action.

The action follows an investigative report by India Today, which uncovered operations of fraudulent call centres based in Cambodia, Myanmar, and Laos. These call centres, often located in Chinese-owned casinos in Cambodia, are linked to large-scale cyber fraud. Investigations also revealed a disturbing connection to human trafficking, where Indian citizens are lured to Cambodia with job promises and then coerced into executing online scams.

"Digital arrest" scams involve fraudsters impersonating law enforcement officials, such as CBI agents, income tax officers, or customs agents, to extort money. Victims are intimidated with false accusations of illegal activities and pressured to transfer large sums of money.

Prime Minister Narendra Modi recently issued a public warning, urging citizens to stay vigilant and report such incidents to the cyber helpline.

Home Ministry cyber wing sources estimate that scammers have been siphoning off approximately ₹6 crore daily through these frauds. Between January and October this year, digital arrest scams accounted for ₹2,140 crore in losses, with 92,334 cases reported during the period.

New Ghost Tap Assault Exploits NFC Mobile Payments to Steal Funds



 

Payment Fraud

Cyber Fraud Ghost Tap NFC Payment Card Payment Fraud

New Ghost Tap Assault Exploits NFC Mobile Payments to Steal Funds

The attackers are increasingly relying on a novel approach that employs near-field communication (NFC) to pay out victims' funds at scale. ThreatFabric's Ghost Tap technology enables fraudsters to cash out money from stolen credit cards related to mobile payment services such as Google Pay or Apple Pay while relaying NFC traffic.

"Criminals can now misuse Google Pay and Apple Pay to transmit your tap-to-pay information globally within seconds," the Dutch security company stated. "This means that even without your physical card or phone, they can make payments from your account anywhere in the world.”

These attacks usually include deceiving victims into downloading malware for mobile banking, which subsequently uses an overlay attack or a keylogger to steal their banking credentials and one-time passwords. As an alternative, it can include a voice phishing feature.

Once the threat actors get the card information, they proceed to link the card to Apple Pay or Google Pay. However, the tap-to-pay information is sent to a mule, who is in charge of making fraudulent transactions at a business, in an effort to prevent the issuer from blocking the cards. A reliable research tool called NFCGate, which has the ability to record, examine, and alter NFC traffic, is used to achieve this. Using a server, NFC traffic can also be transferred between two devices.

Researchers from TU Darmstadt's Secure Mobile Networking Lab stated that one device functions as a reader reading an NFC tag, while the other device emulates an NFC tag using the Host Card Emulation (HCE).

The most recent development is the first instance of NFCGate being misused to relay data, even though ESET previously noted that bad actors have previously utilised the technology to transfer NFC information from victims' devices to the attacker using NGate malware back in August 2024.

"Cybercriminals can establish a relay between a device with stolen card and PoS [point-of-sale] terminal at a retailer, staying anonymous and performing cash-outs on a larger scale," ThreatFabric explained. "The cybercriminal with the stolen card can be far away from the location (even different country) where the card will be used as well as use the same card in multiple locations within a short period of time.”

The approach has further benefits in that it can be employed to purchase gift cards at offline businesses without the fraudsters being physically present. Even worse, it can be utilised to expand the fraudulent operation by recruiting the assistance of multiple mules in different locations over a short period of time.

Further complicating the detection of Ghost Tap assaults is the fact that the transactions appear as if they are originating from the same device, hence circumventing anti-fraud measures. It can be more difficult to determine their precise location and the fact that the associated card was not used to complete the transaction at the PoS terminal if the device is in flight mode.

Meet Daisy, the AI Grandmother Designed to Outwit Scammers



 

Voice-Based App

AI Tool Cyber Fraud Scammers User Security Voice-Based App

Meet Daisy, the AI Grandmother Designed to Outwit Scammers

The voice-based AI, known as Daisy or "dAIsy," impersonates a senior citizen to engage in meandering conversation with phone scammers.

Despite its flaws, such as urging people to eat deadly mushrooms, AI can sometimes be utilised for good. O2, the UK's largest mobile network operator, has implemented a voice-based AI chatbot to trick phone scammers into long, useless talks. Daisy, often known as "dAIsy," is a chatbot that mimics the voice of an elderly person, the most typical target for phone scammers.

Daisy's goal is to automate "scambaiting," which is the technique of deliberately wasting phone fraudsters' time in order to keep them away from potential real victims for as long as possible. Scammers employ social engineering to abuse the elderly's naivety, convincing them, for example, that they owe back taxes and would be arrested if they fail to make payments immediately.

When a fraudster gets Daisy on the phone, they're in for a long chat that won't lead anywhere. If they get to the point when the fraudster requests private data, such as bank account information, Daisy will fabricate it. O2 claims that it is able to contact fraudsters in the first place by adding Daisy's phone number to "easy target" lists that scammers use for leads.

Of course, the risk with a chatbot like Daisy is that the same technology can be used for opposite ends—we've already seen cases where real people, such as CEOs of major companies, had their voices deepfaked in order to deceive others into giving money to a fraudster. Senior citizens are already exposed enough. If they receive a call from someone who sounds like a grandchild, they will very certainly believe it is genuine.

Finally, preventing fraudulent calls and shutting down the groups orchestrating these frauds would be the best answer. Carriers have enhanced their ability to detect and block scammers' phone numbers, but it remains a cat-and-mouse game. Scammers use automated dialling systems, which allow them to phone numbers quickly and only alert them when they receive an answer. An AI bot that frustrates fraudsters by responding and wasting their time is preferable to nothing.

Browser Warning: Fake Websites Steal Millions from Users



 

Safari

Browser Cyber Fraud Google link Safari

Browser Warning: Fake Websites Steal Millions from Users

Cyber scammers give new warnings as they do not stop scamming unsuspecting web shoppers through a new phishing campaign posing to be online stores. Many of these fake stores Google has removed from its search results, but links remain on social media and other sites, hence why all internet users need to know how to spot these dangerous sites.

How the Scam Works

In its latest research, Human Security's Satori team has found that cyber thieves are taking advantage of a method that leads internet users from legitimate online platforms to fake online shopping. The attackers inject a malicious program that creates fake product listings in genuine websites. This tactic pushes these fake listings up to the top rank of the search results; hence, users who click on such pages are attracted by what seems to be a good deal. When you click on such links, you are redirected to a phishing site by a malicious person who actually controls the site.

On such rogue sites, they will force you to pay using the actual service providers that have a history of legitimacy, therefore giving you more confidence. After you pay, you never receive the product and lose your cash. Maybe some consumers have effectively filed a credit card chargeback, but recovery is not always possible.

A Massive Phishing Campaign

According to the latest research, the cybercrooks have managed to compromise more than 1,000 websites to spread false business proposals. The thieves had established 121 fake online shops, where the amount of dollars in money lost by hundreds of thousands of gullible people was going into millions. According to Human Security, hundreds of thousands of people have been duped by these cheats.

Be Alert with These False Sites Signs

The victim will not get caught again if he can see the following signs:

- Deals That Seem Too Good to Be True: Something that you bought a little below its selling price is a red flag. Confirm if the website is legit before you go further.

- Inconsistent Website Names: Sometimes, the domain name, popup titles, and payment processing pages can have different names. Fake sites often have inconsistent names in these details.

- Order Process Quality: Be cautious when the ordering process appears suspicious or lacks most normal security measures, such as autofill with an address.

- Check Reviews: Look for reviews of the website from outside sources. Recognize that some reviews are completely false. Some review sites are much better about guaranteeing legitimacy.

This phishing scam, they have called "Phish 'n' Ships." This campaign effectively makes use of search engine optimization tricks to push these phony listings up as top results, giving them a spurious sense of legitimacy to unsuspecting users. In spite of these having been largely removed by Google, the criminals' strategies are changing day by day.

Continued Threat Against Browser Users

These attacks are highly likely to be affected in all major web browsers, but researchers warn that "Phish 'n' Ships" has not been suppressed, because it remains active.

Even though Google succeeded in taking down some of its parts partially, criminals will most likely change their attack in order to continue scamming further.

Meanwhile, Malwarebytes has detected another threat in Bing search results. Cybercrooks have misused the terms "Keybank login" and other similar ones to reroute innocent surfers fraudulently to phishing sites aimed at stealing banking credentials. Sometimes, even the top result of the search is a malicious link.

Security Tips for Ad Campaigns

Before launching online ads, organisations should make sure that the advertising associates they hire are well-equipped to handle malvertising. Key best practices for this include ad monitoring for threats, latent "cloaked" malicious scanning and processes in place in case of attacks.

By being vigilant and checking websites, users can avoid becoming a victim of these very sophisticated scams.

Search This Blog

Sections

Popular Posts

Blog Archive

Labels

About Me

Showing result(s) for

Popular Posts

Pages

Menu Item

The Rising Threat of Cybercrime in the UAE

Advanced Techniques Used in the Dubai Police Scam

Mitigating the Risks of Sophisticated Cyber Scams

What to Do If You’re Affected

The Growing Threat of Christmas Scams

How to Protect Yourself

Investigation and Arrests

Airbnbs: Temporary Bases for Cybercrime

Spending Details

How to Avoid Phishing Scams

Impact

Impact of the Holiday Season and Shipping Disruptions

Canada Post's Advisory and Red Flags

How to Protect Yourself