Security News
A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access. The new malware, spotted by Group-IB, is part of a malware suite developed by the Chinese threat group known as 'GoldFactory,' which is responsible for other malware strains such as 'GoldDigger', 'GoldDiggerPlus,' and 'GoldKefu.
More than 70,000 presumably legit websites have been hijacked and drafted into a network that crooks use to distribute malware, serve phishing pages, and share other dodgy stuff, according to researchers. In the case of VexTrio, tens of thousands of websites are compromised so that their visitors are redirected to pages that serve up malware downloads, show fake login pages to steal credentials, or perform some other fraud or cyber-crime.
The U.S. Federal Trade Commission says Americans lost over $10 billion to scammers in 2023, marking a 14% increase in reported losses compared to the previous year. Imposter scams emerged as the most frequently reported fraud category, with notable upticks in business and government impersonation reports.
Nearly half of businesses reported a growth in synthetic identity fraud, while biometric spoofs and counterfeit ID fraud attempts also increased, according to AuthenticID. Consumers and businesses alike are facing new challenges in today's digital existence, from considering the ramifications of digital identity to grappling with the use and prevalence of new tools like generative AI. In the meantime, the explosion of AI has also pushed identity fraud into a new frontier that will become a potential global shift in the coming year. 68% of people said the threat of identity fraud and scams impacts how they make purchases, open accounts, and do business.
B.J. Herbison February 5, 2024 11:36 AM. Was the call recorded? On the call we have a bunch of scammers and one person who says "The deepfakes were great, I was fooled." and sends the money. The "Worried about a phishing email" might be just posturing.
"As the risk of vendor payment fraud grows, so does the need to automate bank account validations and embed them into your daily processes. It's essential for winning the fight against fraud and ensuring payments are sent to the correct parties." 75% of C-level finance and treasury leaders say they'd stop doing business with an organization that fell victim to payment fraud and lost their payment.
New York Attorney General Letitia James sued Citibank over its failure to defend customers against hacks and scams and refusing to reimburse victims after allowing fraudsters to steal millions from their accounts. The complaint claims that because it's providing online and mobile banking options for wire transfers, Citibank should also compensate fraud victims, akin to the protections afforded to victims of electronic credit or debit card fraud under the same legislation.
Mexican financial institutions are under the radar of a new spear-phishing campaign that delivers a modified version of an open-source remote access trojan called AllaKore RAT. The BlackBerry...
A Baltimore man faces a potential maximum 20-year prison sentence after being charged for his alleged role in running an online service that sold personal data which was later used for financial fraud. The filing claims customers would approach Charleron with a name and home address, plus a payment in the region of $25 sent either via cryptocurrency or other digital means, and in return they would receive the PII necessary to take out credit cards in a victim's name.
The result is that digital nomads come across systems for identity verification more often than most people do. Identity verification of digital nomads can be a tricky task for many businesses as their established processes are not designed for such a large variety of foreign IDs, and thus require revamping.