Security News

25% of Americans has lost money to online tax scams, according to McAfee. "As tax season ramps up, so too does cybercriminal activity. What's new this year is the scale and sophistication of scams we're now seeing thanks to artificial intelligence. From AI-generated robocalls with regional accents to very realistic and convincing fake emails, websites, and scam texts, cybercriminals are utilizing all the AI tools available to them, and so too should consumers to stay safe," said Steve Grobman, CTO at McAfee.

Customers of bankrupt crypto platform BlockFi have been targeted with a very convincing phishing email impersonating the platform, asking them to connect their wallet to complete the withdrawal of remaining funds. BlockFi was a digital asset lender that filed for Chapter 11 bankruptcy protection after it lost access to funds in the wake of the bankruptcy of the FTX cryptocurrency exchange and the Silicon Valley Bank shutdown.

As the digital wolves dress in sheep's tax forms, Microsoft has thrown a spotlight on a crafty 2024 phishing expedition, unraveled in January, that preys on the unsuspecting herd of early tax filers. The malicious email campaign, purporting to be employees' tax returns, contained an attachment that, when clicked, directs the user to a phony website that looks like a blurred spreadsheet, with a download documents button marked "Confidentials to users[dot]name[at] contoso[dot]com."

The U.S. Federal Trade Commission warned today that scammers are impersonating its employees to steal thousands of dollars from Americans. FTC says its staff has received numerous reports from consumers who have fallen victim to scams in which fraudsters exploited the identities of agency personnel to coerce them into transferring or wiring money.

Scammers on Airbnb are faking technical issues and citing higher fees to get users to a spoofed Tripadvisor website and steal their money. Malwarebytes researchers came across the Airbnb scam when trying to book an apartment through the platform.

A deepfake video conference call paired with social engineering tricks has led to the theft of over US$25 million from a multinational firm, the South China Morning Post has reported. They have been later quelled by a group video conference to which the employee was invited.

Cryptocurrency scammers are abusing a legitimate Twitter "Feature" to promote scams, fake giveaways, and fraudulent Telegram channels used to steal your crypto and NFTs. On X, formerly and more widely known as Twitter, a post's URL consists of the account name of the person who tweeted it and a status ID, as shown below. This allows you to take an URL for a Tweet and modify the account name to whatever you want, even high-profile accounts.

Cryptocurrency scammers are abusing a legitimate X "Feature" to promote scams, fake giveaways, and fraudulent Telegram channels used to steal your crypto and NFTs. On X, formerly Twitter, a post's URL consists of the account name of the person who tweeted it and a status ID, as shown below. This allows you to take an URL for a Tweet and modify the account name to whatever you want, even high-profile accounts.

Interpol on Tuesday revealed the results of what it's dubbed Operation HAECHI IV - a six-month effort that saw 34 nations cooperate, with funding from South Korea. The majority - about three quarters - of the crime investigated by the op was business email compromise, e-commerce fraud, and investment fraud.

The threat actors behind the BazaCall call back phishing attacks have been observed leveraging Google Forms to lend the scheme a veneer of credibility. The method is an "attempt to elevate the...