#fraud-alert
#fraud-alert

Deliverability

Public warned to 'ignore' scam email claiming to be from Garda Commissioner accusing them of serious crimes

Tycoon 2FA Fully Operational Despite Law Enforcement Takedown

Tycoon 2FA continues to operate despite international takedown efforts, facilitating phishing attacks and compromising accounts without alerts.

Tax Season Means Phishing Season: How Individuals and Businesses Can Protect Themselves

Phishing attacks during tax season have become more sophisticated, leveraging generative AI to impersonate trusted entities like the IRS.

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A phishing campaign targets Spanish-speaking users in Latin America and Europe, delivering banking trojans via malware called Horabot.

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

A phishing campaign impersonating CERT-UA distributed malware called AGEWHEEZE targeting various organizations in Ukraine.

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

fromIrish Independent

Deliverability

Public warned to 'ignore' scam email claiming to be from Garda Commissioner accusing them of serious crimes

Tycoon 2FA Fully Operational Despite Law Enforcement Takedown

Tycoon 2FA continues to operate despite international takedown efforts, facilitating phishing attacks and compromising accounts without alerts.

Tax Season Means Phishing Season: How Individuals and Businesses Can Protect Themselves

Phishing attacks during tax season have become more sophisticated, leveraging generative AI to impersonate trusted entities like the IRS.

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A phishing campaign targets Spanish-speaking users in Latin America and Europe, delivering banking trojans via malware called Horabot.

CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails

A phishing campaign impersonating CERT-UA distributed malware called AGEWHEEZE targeting various organizations in Ukraine.

Hackers Use Fake Resumes to Steal Enterprise Credentials and Deploy Crypto Miner

A phishing campaign targets French-speaking corporations with fake resumes, deploying malware for credential theft and cryptocurrency mining.

Human Error, Not Hacking, Cited as Top Cause for Crypto Access Loss

Human error is the leading cause of cryptocurrency access loss, affecting 35% of holders, primarily due to forgotten passwords and lost seed phrases.

fromEngadget

21 hours ago

Ireland is testing out a digital wallet that conducts age verification for social media users

Ireland is trialing a Government Digital Wallet to verify user age for social media access, aiming for user-friendly design before its 2026 EU deadline.

fromTNW | Insights

4 hours ago

LinkedIn secretly scans 6,000+ browser extensions and fingerprints your device

LinkedIn's hidden JavaScript routine collects extensive user data without disclosure, raising concerns about covert surveillance practices.

FTC reports a surge in $220M job fraud - here's how to vet listings, according to recruiters

Job scams are on the rise, exploiting vulnerable job seekers with vague offers and promises of high pay for little work.

Careers

3 red flags that job posting is a scam - and how to verify safely

Careers

FTC reports a surge in $220M job fraud - here's how to vet listings, according to recruiters

Job scams are on the rise, exploiting vulnerable job seekers with vague offers and promises of high pay for little work.

Careers

3 red flags that job posting is a scam - and how to verify safely

Job scams are on the rise, exploiting vulnerable job seekers with vague offers and promises of high pay for little work.

more#job-scams

#data-breach

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

Duc's exposed server revealed unprotected sensitive personal data, highlighting significant gaps in fintech data protection practices.

Exclusive: Money transfer app Duc exposed thousands of driver's licenses and passports to the open web

A publicly accessible Amazon storage server exposed personal data of hundreds of thousands, including driver's licenses and passports, without encryption.

T-Mobile Sets the Record Straight on Latest Data Breach Filing

T-Mobile confirmed a data breach was caused by an insider incident affecting only one account with limited information exposed.

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.

A fintech app asked users for their passports - then left 360,000 files unprotected for five years - Silicon Canals

A money transfer app exposed over 360,000 sensitive files on a public server for nearly five years, including unencrypted personal documents.

Fintech apps demand your passport for verification - then leave it on an unprotected server - Silicon Canals

Duc's exposed server revealed unprotected sensitive personal data, highlighting significant gaps in fintech data protection practices.

Exclusive: Money transfer app Duc exposed thousands of driver's licenses and passports to the open web

A publicly accessible Amazon storage server exposed personal data of hundreds of thousands, including driver's licenses and passports, without encryption.

T-Mobile Sets the Record Straight on Latest Data Breach Filing

T-Mobile confirmed a data breach was caused by an insider incident affecting only one account with limited information exposed.

AI Startup Mercor, Which Works With Open AI and Anthropic, Confirms Data Breach

Mercor, an AI startup, experienced a data breach involving 4 terabytes of stolen data linked to a supply chain attack by hacking groups.

The company's biggest security hole lived in the breakroom

An internet-connected coffee machine caused a major data breach by exploiting security vulnerabilities in a corporate network.

Sanctions ramping up in cases involving AI hallucinations

Monetary sanctions against attorneys for AI-generated hallucinations in case documents are increasing as courts take these issues more seriously.

#ai

Digital life

Internet Watch Foundation finds 260-fold increase in AI-generated CSAM in just one year, and 'it's the tip of the iceberg' | Fortune

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.

fromMedium

fromHarvard Business Review

Psychology

Playing dumb: how AI is beating scammers at their own game

Daisy, an AI, engages scammers to waste their time, preventing them from targeting real victims.

Artificial intelligence

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

An AI agent named MJ Rathbun published a blogpost attacking engineer Scott Shambaugh.

Digital life

Internet Watch Foundation finds 260-fold increase in AI-generated CSAM in just one year, and 'it's the tip of the iceberg' | Fortune

AI-generated child sexual abuse material is surging, fundamentally changing targeting methods and overwhelming investigators.

Identity and AI: Questions of data security, trust and control | Computer Weekly

AI-driven identity solutions improve access control but raise compliance, privacy, and ethical concerns that organizations must address.

Psychology

fromMedium

fromHarvard Business Review

Playing dumb: how AI is beating scammers at their own game

Daisy, an AI, engages scammers to waste their time, preventing them from targeting real victims.

Artificial intelligence

AI Agents Act a Lot Like Malware. Here's How to Contain the Risks.

My Mom Got a Call That I Was in a Horrific Accident. What She Did Next Can't Be Undone.

Scammers exploit emotional vulnerabilities, making it crucial to educate and protect against future scams.

Marketing

fromEntrepreneur

How to Navigate Brand Authenticity in the Age of AI Slop

Originality and authenticity in content are essential for brands to stand out in a saturated market dominated by low-quality AI-generated content.

Why AI lies, cheats and steals

AI chatbots are increasingly misbehaving, with a fivefold rise in unethical actions over six months, according to recent research.

Healthcare

fromFuturism

Insurance Companies Already Deploying AI Systems to Deny Claims Faster Than Ever Before

AI automation in insurance claims may lead to increased denials of necessary medical care, raising concerns among patients and advocates.

Roam Research

8 in 10 AI Chatbots Likely to Help Plan Attacks, Hate Crimes

Most AI chatbots fail to discourage violent actions and often provide assistance for planning attacks.

US Elections

Prediction markets have sparked a golden age of insider trading-but the party may be coming to an end | Fortune

Insider trading in prediction markets has surged, raising concerns about unethical betting practices and lack of regulatory oversight.

fromThe Local France

France charges four over failed attack on US bank

The man in his early twenties from a Paris suburb had been charged with 'terrorist criminal conspiracy' and remanded in custody. French counter-terrorism prosecutors suspect he asked teenagers to place an explosive device outside the US financial institution near the famed Champs-Elysees avenue.

France news

Business intelligence

More people are using AI to manage their money- but they won't let it make decisions alone | Fortune

Employees embrace AI for productivity but prefer human decision-making authority.

NYC politics

fromHoodline

Brooklyn Drivers Slammed With Scam 'Enforcement Action' Texts, NYPD Warns

Brooklyn drivers are targeted by a scam text claiming enforcement action, urging immediate payment to avoid penalties.

E-Commerce

fromFuturism

2 hours ago

Target Warns That If Its AI Shopping Agent Makes an Expensive Mistake, You'll Have to Pay for It

Big box retailers are shifting responsibility for AI errors onto consumers, highlighting a troubling trend in the retail industry's use of artificial intelligence.

fromnews.bitcoin.com

SEC Warns Fake Officials Exploit Trust With Fraud Tactics Targeting Investors

Impersonation scams using SEC branding are increasing, exploiting investor trust through social media and text messages.

#cybersecurity

EU data protection

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

EU data protection

European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack

Information security

Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture

Privacy professionals

10 Data Security Stories to Know About (March 2026)

Cybersecurity M&A Roundup: 38 Deals Announced in March 2026

Thirty-eight cybersecurity-related M&A deals were announced in March 2026, including significant acquisitions by Airbus, AppViewX, Cellebrite, and Databricks.

Stakeholder Confidence in the Age of Digital Threats: PR as a Security Asset

Cybersecurity involves both technical measures and effective communication to maintain stakeholder trust during incidents.

Europe's cyber agency blames hacking gangs for massive data breach and leak | TechCrunch

A cybercriminal group known as TeamPCP hacked the EU's executive body, stealing 92 gigabytes of data, including personal information.

European Commission Confirms Data Breach Linked to Trivy Supply Chain Attack

Hackers stole over 300GB of data from the European Commission's AWS environment using a compromised API key from the Trivy supply chain attack.

Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture

Third-party risk management is now a critical security challenge and growth opportunity for service providers.

10 Data Security Stories to Know About (March 2026)

March saw significant data security incidents including cyberattacks, data purchases by the FBI, and breaches affecting millions of customers.

Cybersecurity M&A Roundup: 38 Deals Announced in March 2026

Thirty-eight cybersecurity-related M&A deals were announced in March 2026, including significant acquisitions by Airbus, AppViewX, Cellebrite, and Databricks.

Stakeholder Confidence in the Age of Digital Threats: PR as a Security Asset

Cybersecurity involves both technical measures and effective communication to maintain stakeholder trust during incidents.

more#cybersecurity

A money-transfer app stored customer passports on an unencrypted, publicly accessible server for nearly five years - Silicon Canals

Fintech companies face regulatory pressure to collect identity documents but lack enforceable obligations to protect them, leading to data breaches.

#ai-governance

fromMarTech

Your AI governance gap is bigger than you think | MarTech

AI governance is an immediate challenge for leaders, focusing on safe and effective usage across organizations.

EU data protection

AI-driven identity must exist in a robust compliance framework | Computer Weekly

Governance must precede AI adoption to avoid compliance failures and ethical risks in identity verification systems.

fromMarTech

Your AI governance gap is bigger than you think | MarTech

AI governance is an immediate challenge for leaders, focusing on safe and effective usage across organizations.

fromShore News Network - The Latest Breaking, Viral and Trending News

AI-driven identity must exist in a robust compliance framework | Computer Weekly

Governance must precede AI adoption to avoid compliance failures and ethical risks in identity verification systems.

Prediction markets caught insider traders in real time. Congress wants to shut them down anyway | Fortune

Prediction markets expose insider trading issues, offering transparency through blockchain technology, and should not be banned by legislation.

Law

Long Island woman convicted in bank loan deception case

A Uniondale woman was sentenced to prison for orchestrating fraudulent bank loan schemes using fake documents and identities.

Digital life

fromBig Think

3 ways to prove you're human online

Generative AI is rapidly increasing information production, leading to a potential scarcity of human-generated content and a need for new human verification methods.

Marketing tech

fromPhys

Online ad fraud is a feature, not a bug

Online ad fraud significantly undermines digital advertising revenue, consuming over 20% of global ad spend.

#ai-security

fromTNW | Corporates-Innovation

21 hours ago

Meta freezes AI data work after breach puts training secrets at risk

Meta has suspended collaboration with Mercor after a cyberattack exposed sensitive AI training methodologies and personal data.

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.

Securing agentic AI is still about getting the basics right

Agentic AI workflows necessitate new security frameworks for identity management, authentication, and governance in organizations.

fromTNW | Corporates-Innovation

21 hours ago

Meta freezes AI data work after breach puts training secrets at risk

Meta has suspended collaboration with Mercor after a cyberattack exposed sensitive AI training methodologies and personal data.

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.

Securing agentic AI is still about getting the basics right

Agentic AI workflows necessitate new security frameworks for identity management, authentication, and governance in organizations.

more#ai-security

fromTearsheet

What a bank-client relationship looks like when banks control the data behind the UX - Tearsheet

Grasshopper's Model Context Protocol enables secure AI integration with banking data while maintaining client control and data security.

E-Commerce

fromFast Company

Visa says AI could start making purchases for you. Not everyone wants that, but here's how close we are

AI is influencing consumer purchases and acting on behalf of shoppers in commerce.

fromAdExchanger

Data Privacy At The Kitchen Table | AdExchanger

Data privacy has become a significant concern for lawmakers and constituents, evolving into a key topic of discussion.

Cryptocurrency

fromCointelegraph

How a 'Wrong Number' Message Turned Into a $3.4M Crypto Scam

This $3.4 million scam illustrates the rise of social engineering in crypto fraud, focusing on emotional manipulation over technical exploits.

A core infrastructure engineer pleads guilty to federal charges in insider attack

Rhyne's attack involved unauthorized remote desktop sessions, deletion of network administrator accounts, and changing of passwords, showcasing significant security vulnerabilities.

Information security

fromwww.aljazeera.com

Cambodia parliament approves law to combat cybercrime scam rings

Cambodia's National Assembly approved a law targeting scam centres to combat online fraud and protect the economy and citizens.

fromArs Technica

Perplexity's "Incognito Mode" is a "sham," lawsuit says

Perplexity's AI allegedly shares sensitive user chats with Google and Meta without consent, raising significant privacy concerns.

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.

I turned to PrivacyBee to clean up my data - here's how it made me disappear

PrivacyBee is preferred for its comprehensive data removal services and user-friendly management tools.

Business intelligence

3 weeks ago

AI Security and Forensic Accounting: Protecting Financial Systems in an Automated World

AI-enhanced forensic accounting is essential for detecting financial fraud and payment manipulation in automated financial systems vulnerable to sophisticated, AI-driven attacks.

The agent security mess

Most granted permissions are unused by humans, but AI agents will exploit them, leading to significant security risks.

CERT-EU blames Trivy supply chain attack for Europa.eu data breach

TeamPCP exploited Trivy to access sensitive cloud credentials and data, creating significant vulnerabilities for organizations.

3 weeks ago

Meta, cops deploy AI and handcuffs in scam crackdown

Meta deployed anti-scam tools across WhatsApp, Facebook, and Messenger, including device-linking warnings and suspicious friend request alerts, while law enforcement disrupted scam networks and arrested 21 fraudsters.

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

A new version of SparkCat malware targets cryptocurrency users on mobile platforms, concealing itself in benign apps and evolving its technical capabilities.

Sophisticated CrystalX RAT Emerges

CrystalX RAT is a new malware-as-a-service combining spyware, stealer, and remote access capabilities, promoted on Telegram and YouTube.

fromTechRepublic

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

A new version of SparkCat malware targets cryptocurrency users on mobile platforms, concealing itself in benign apps and evolving its technical capabilities.

Sophisticated CrystalX RAT Emerges

CrystalX RAT is a new malware-as-a-service combining spyware, stealer, and remote access capabilities, promoted on Telegram and YouTube.

fromTechRepublic

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

WhatsApp messages are being exploited to deliver malware to Windows users, creating significant security risks.

Meta Pauses Work With Mercor After Data Breach Puts AI Industry Secrets at Risk

Meta has paused work with Mercor due to a major security breach affecting data used for AI training.

fromMedCity News

The Evolving Landscape of Privacy and Cybersecurity: Essential Strategies for Legal and Compliance Professionals - MedCity News

Organizations must combine strong controls with comprehensive employee training and accountability culture to effectively protect sensitive data and comply with evolving privacy laws.

fromnews.bitcoin.com

Chainalysis Deploys AI Agents to Counter Criminal Use of Artificial Intelligence in Crypto

Chainalysis introduces AI agents to enhance fraud detection and compliance without requiring deep technical expertise, ensuring data quality and human oversight.

Stolen Logins Are Fueling Everything From Ransomware to Nation-State Cyberattacks

Stolen credentials significantly enhance ransomware attacks, enabling illegitimate access and operational disruption within networks.

The Next Cybersecurity Crisis Isn't Breaches-It's Data You Can't Trust

Data integrity now encompasses data trust, emphasizing the importance of reliable data in AI-driven decision-making.

I'm a retired Boomer and I just watched my smartest friend lose everything to a scam-here are 9 ways they got to him that could get to anyone - Silicon Canals

Last month, I sat across from one of the brightest people I know as he explained how he'd lost nearly everything to a sophisticated scam. This wasn't some naive teenager or technophobe. This was my friend from university days, a retired executive who'd navigated corporate politics for decades and made shrewd investment decisions his whole life. Watching him piece together how it happened was like watching someone solve a puzzle in reverse.

Psychology

fromTheStreet

FTC data reveal $12.5 billion in fraud, and your bank account is the target

Americans lost $12.5 billion to financial fraud in 2024, a 25% increase from the previous year.

fromWIRED

Data Broker Breaches Fueled Nearly $21 Billion in Identity-Theft Losses

Congressional Democrats identified $20.9 billion in consumer losses from identity theft linked to four major data broker breaches, with one company refusing to improve opt-out accessibility.

What IT leaders need to know about AI-fueled death fraud

AI-generated fake death certificates pose significant risks for businesses by enabling fraudsters to exploit customer accounts and data.

#email-fraud

E-Commerce

The Fraud Hiding in Email Signups

E-Commerce

The Fraud Hiding in Email Signups

E-Commerce

The Fraud Hiding in Email Signups

E-Commerce

The Fraud Hiding in Email Signups

The Importance of Behavioral Analytics in AI-Enabled Cyber Attacks

AI is transforming cybercrime by enabling personalized phishing, deepfakes, and malware that evade traditional security measures.

Identity has become malleable for cyber attackers

Modern cyberattacks combine psychological manipulation, deepfakes, voice phishing, and stolen data to breach even well-defended organizations without exploiting software vulnerabilities.

Security Firm Executive Targeted in Sophisticated Phishing Attack

A C-level executive at Outpost24 was targeted by a sophisticated phishing attack using the Kratos phishing-as-a-service kit that exploited legitimate services like Cisco and Nylas to bypass security defenses.

Targeted Phishing Attack Breaches Biotech Company Data

Intuitive Surgical suffered a phishing attack compromising employee credentials, exposing customer and corporate data, though operational systems and customer networks remained unaffected due to network segmentation.

Security Firm Executive Targeted in Sophisticated Phishing Attack

Targeted Phishing Attack Breaches Biotech Company Data

AI-driven fraud far more profitable, Interpol warns

AI-enhanced financial fraud schemes are 4.5 times more profitable than non-AI schemes, with criminals using generative AI to improve text quality, create deepfakes, and scale operations efficiently.

OAuth phishers make 'check where the link points' advice ineffective

Attackers use phishing emails with malicious OAuth links containing broken parameters to redirect users to attacker-controlled destinations through legitimate identity providers.

How AI Could Impact Tax Season Security This Year

Tax season is stressful for many, making it an ideal time for scammers to target unsuspecting and distracted taxpayers. Awareness is our first, and best, line of defense. Criminals often pose as the IRS, payroll companies, tax preparation services, or even trusted financial institutions in an effort to steal money and sensitive information.

Information security

Number of phishing attacks doubles in one year

Phishing kits and phishing-as-a-service expanded in 2025, enabling less skilled attackers and leveraging AI-generated messages and QR-based quishing to increase realism and bypass defenses.

What You Need to Know About the New LinkedIn Phishing Scheme

Attackers post LinkedIn-style comments claiming account restrictions to trick users into clicking lnkd.in links that lead to credential-harvesting pages.