Security news aggregator

Latest coverage for Fraud

Stay informed on the latest in information security with updates on fraud prevention, detection techniques, and cyber fraud trends.

170 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Fraud is intentional deception used to obtain money, access, information, or another unfair benefit. In information security, the term commonly covers digitally enabled schemes such as phishing, account takeover, payment fraud, business email compromise, and misuse of stolen identities or credentials. The defining feature is deceptive use of systems, accounts, or data—not merely a technical failure.

Security teams should treat fraud as both an identity and transaction-risk problem. Relevant controls include phishing-resistant authentication, least-privilege access, payment and account-change verification, and monitoring for unusual login or transaction patterns. Personal and financial data require appropriate privacy protections because exposed data can support impersonation even when passwords are not compromised. Investigation must preserve authentication, email, endpoint, and transaction records so organizations can contain unauthorized access, reverse or block fraudulent activity where possible, notify affected parties, and improve controls based on the attack path.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 170 Filtered view

A coordinated law enforcement operation, in partnership with private sector companies, including Bitdefender, Bitsight, ESET, and Microsoft, has resulted in the takedown of criminal infrastructure powering Amadey and StealC

Cybersecurity researchers have disclosed details of a telecommunications fraud campaign that uses fake CAPTCHA verification tricks to dupe unsuspecting users into sending international text messages that incur charges on their mobile bills, generating illicit revenue for the threat actors who lease the phone numbers

Monday’s recap shows the same pattern in different places. A third-party tool becomes a way in, then leads to internal access. A trusted download path is briefly swapped to deliver malware. Browser extensions act normally while pulling data and running code. Even update channels are used to push payloads. It’s not breaking systems—it’s bending trust

Cybersecurity researchers have unmasked a novel ad fraud scheme that has been found to leverage search engine poisoning (SEO) techniques and artificial intelligence (AI)-generated content to push deceptive news stories into Google's Discover feed and trick users into enabling persistent browser notifications that lead to scareware and financial scams

The U.S. Federal Bureau of Investigation (FBI), in partnership with the Indonesian National Police, has dismantled the infrastructure associated with a global phishing operation that leveraged an off-the-shelf toolkit called W3LL to steal thousands of victims' account credentials and attempt more than $20 million in fraud

Loading more headlines...