Security News

A class action complaint [PDF], filed Tuesday in federal court for the District of Northern California, claims that "Over nearly a decade, Google has knowingly kept millions of dollars in stolen money from victims of gift card scams who purchased Google Play gift cards." Filed on behalf of Indiana resident Judy May, the suit alleges Google keeps funds from stolen Google Play gift cards - either by taking its 15-30 percent commission from payments to Google Play app developers made with fraudulently obtained gift cards, or by withholding all funds paid via scammed gift cards for its own benefit.

In this Help Net Security video, Tyler Adams, CEO at CertifID, illustrates how the real estate sector needs to invest significant effort in educating consumers and implementing protective measures to safeguard real estate transactions. Recent CertifID research found that median consumer losses in real estate fraud schemes exceeded $70,000 per incident as a result of stolen buyer down payments and seller net proceeds.

92% of respondents to a recent report shared that their organization had been a victim of identity fraud, costing an average of $4.3 million over the last 12 months. Only 40% stated identity verification as a top identity challenge, noting that many organizations still need to trust more secure authentication practices, patchy identity monitoring, and other outdated manual processes to do the job.

A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access. The new malware, spotted by Group-IB, is part of a malware suite developed by the Chinese threat group known as 'GoldFactory,' which is responsible for other malware strains such as 'GoldDigger', 'GoldDiggerPlus,' and 'GoldKefu.

More than 70,000 presumably legit websites have been hijacked and drafted into a network that crooks use to distribute malware, serve phishing pages, and share other dodgy stuff, according to researchers. In the case of VexTrio, tens of thousands of websites are compromised so that their visitors are redirected to pages that serve up malware downloads, show fake login pages to steal credentials, or perform some other fraud or cyber-crime.

The U.S. Federal Trade Commission says Americans lost over $10 billion to scammers in 2023, marking a 14% increase in reported losses compared to the previous year. Imposter scams emerged as the most frequently reported fraud category, with notable upticks in business and government impersonation reports.

Nearly half of businesses reported a growth in synthetic identity fraud, while biometric spoofs and counterfeit ID fraud attempts also increased, according to AuthenticID. Consumers and businesses alike are facing new challenges in today's digital existence, from considering the ramifications of digital identity to grappling with the use and prevalence of new tools like generative AI. In the meantime, the explosion of AI has also pushed identity fraud into a new frontier that will become a potential global shift in the coming year. 68% of people said the threat of identity fraud and scams impacts how they make purchases, open accounts, and do business.

B.J. Herbison February 5, 2024 11:36 AM. Was the call recorded? On the call we have a bunch of scammers and one person who says "The deepfakes were great, I was fooled." and sends the money. The "Worried about a phishing email" might be just posturing.

"As the risk of vendor payment fraud grows, so does the need to automate bank account validations and embed them into your daily processes. It's essential for winning the fight against fraud and ensuring payments are sent to the correct parties." 75% of C-level finance and treasury leaders say they'd stop doing business with an organization that fell victim to payment fraud and lost their payment.

New York Attorney General Letitia James sued Citibank over its failure to defend customers against hacks and scams and refusing to reimburse victims after allowing fraudsters to steal millions from their accounts. The complaint claims that because it's providing online and mobile banking options for wire transfers, Citibank should also compensate fraud victims, akin to the protections afforded to victims of electronic credit or debit card fraud under the same legislation.