Security News

Fraud detection is simply a necessity nowadays, but it's only the beginning of what organizations need to do to protect themselves and their users. Knowing what's fraud is only half the battle: you need to be able to catch it in time to prevent the fraud from succeeding.

Scammers are taking full advantage of the launch of Google's new TikTok competitor, YouTube Shorts, which has turned out to be an awesome tool for feeding billions of engaged viewers stolen content. Narang analyzed 50 different YouTube channels and found as of December, they had racked up 3.2 billion views across at least 38,293 videos stolen from TikTok creators.

All digital markets are built on trust and that trust has been reduced to an algorithm driven by proof of identity, which currently remains heavily reliant on formal documents such as a passport or driving license. Among the various methods used by those committing criminal fraud, an alarmingly common and effective tactic designed to defeat many existing automated technologies is the use of "Synthetic identities." This is where real and fictitious identity fragments are combined specifically to evade fraud detection processes.

The fraud detection and prevention market is expected to surpass $100 billion by 2027, as reported in a research study by Global Market Insights. The internal fraud type is anticipated to grow at over 25% CAGR between 2021 to 2027 due to the rising collusion among employees.

While researching a recent large-scale bot campaign with CQ Prime Threat Research team lead, Dean Lendrum, we found attackers using domain parking and monetization services to register multiple domains, creating a large number of fake eCommerce accounts per domain. Patterns observed include irregular domain names, domain resolving to an untrusted web app, SSL not enabled.

The year-end holiday season is a time for celebration - a chance to decorate homes, splurge on gifts and gather with family and friends. Last year, 1 in 4 people fell victim to fraud during the holiday season.

In this interview with Help Net Security, Tom Wesselman, CTO of TeleSign, explains how to successfully combat identity fraud to not only protect an organization but its customers too. One way to do so is by conducting extensive vetting during the new customer onboarding process that challenges customers to verify their identities.

Among all of the attacks aimed at rank-and-file users, there's one that stands out - the tech support scam. Tech support scams happen when people receive a message - either through a popup on their screen or an unsolicited phone call - insisting that something's wrong with their computer and needs fixing.

Digital criminals are creating new and effective ways to con businesses and financial institutions by using synthetic identity fraud. "We're seeing a huge increase in synthetic identity fraud - the process of combining real and fake personal information to create an identity and commit fraud," Hoffner said during an email conversation.

Riot Games, the developer behind League of Legends, has filed a California lawsuit against scammers, whose identities aren't yet known, for ripping off job seekers with the promise of a gig with the company. Usually early in their careers and eager for a chance with a gaming company like Riot, job hunters are either targeted by a cybercriminal posing as a recruiter or with fake ads on popular employment sites like Indeed, Riot's filing explained.