Security news aggregator

Latest coverage for Impersonation

Impersonation attacks mimic trusted people or services to trick users into sharing credentials, sending money, or bypassing security controls.

22 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Impersonation is the deliberate presentation of a person, organization, account, device, or service as another trusted identity. In information security, attackers use stolen credentials, look-alike domains, caller-ID or email spoofing, forged messages, and social engineering to persuade users or systems to accept that false identity. The aim may be account takeover, unauthorized access, fraudulent transactions, or disclosure of sensitive information.

Impersonation commonly targets identity providers, email and messaging systems, help desks, executives, suppliers, and customer-support channels. Useful controls include phishing-resistant multi-factor authentication, least-privilege access, email authentication and domain monitoring, and independent verification of unusual requests—especially changes to payment details or credentials. Detection and response depend on examining authentication logs, device and session context, reported fraudulent messages, and newly registered look-alike domains; compromised accounts should be revoked or reset promptly and impersonated parties notified where appropriate.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 22 Filtered view
Bank Info Security 1 month, 1 week ago

Identity Scams Evolve Into Multi-Stage Attacks

Victims Increasingly Face Multiple Compromises From a Single IncidentIdentity theft scams are increasingly unfolding as coordinated, AI-assisted attack chains that begin with phishing or impersonation escalate into account takeovers, device compromise and broader fraud, according to the Identity Theft Resource Center.

Gartner's Apeksha Kaushik on Why Detection Alone Can't Stop ID ImpersonationOrganizations facing deepfake-driven impersonation attacks must move beyond traditional detection strategies and build stronger identity resilience. Security leaders should adopt layered defenses that combine detection, prevention and broader risk signals to disrupt attackers.

Bank Info Security 5 months, 2 weeks ago

Memcyco Gets $37M to Fight AI-Powered Impersonation Attacks

Digital Risk Protection Startup to Expand Preemptive Scam Detection ToolsWith brand impersonation and account takeover attacks surging, Memcyco raised $37 million in Series A funding to scale its preemptive scam detection platform. The firm plans to grow its sales team, develop AI-based features and support new product launches in the coming year.

Bank Info Security 5 months, 3 weeks ago

Identity Fraud: The New Crimewave Targeting Remote Work

The Urgency of High-Assurance Identity Proofing Amid Growing Identity FraudRemote work has fueled a new crimewave built on stolen and synthetic identities. As deepfakes scale, high-assurance identity proofing - combining biometrics, liveness detection and verified IDs - becomes essential to verify users, prevent impersonation and protect enterprise access.

Bank Info Security 10 months, 2 weeks ago

Varonis Acquires SlashNext to Combat Phishing, Email Attacks

Acquisition Targets Business Email Compromise, Impersonation and Spear-PhishingVaronis has acquired SlashNext to strengthen detection of phishing and social engineering attacks. The integration will help prevent identity compromises via email, SMS and collaboration tools while enhancing Miami-based Varonis’ AI-driven data protection.

Impersonation Hoax Leverages Top Officials' Known Use of Commercial Messaging AppSecurity analysts tell Information Security Media Group more impersonation scams fueled by artificial intelligence - like the recent one involving Secretary of State Marco Rubio - may increasingly target top U.S. officials if the government continues failing to enforce strict security protocols.

Bank Info Security 1 year, 1 month ago

Hackers Target Job Recruiters Through Malicious Resumes

Russian Speaking Hackers FIN6 Flip Job Fraud ScriptFinancially-motivated hackers tracked as FIN6 have flipped the script on job fraud, impersonating job seekers to phish recruiters and deploy stealthy malware through fake resumes hosted on trusted cloud platforms. The group engages recruiters on LinkedIn and Indeed with realistic resumes.

Bank Info Security 1 year, 1 month ago

AT&T Hit by Massive Reported Identity Data Leak - Again

Leaked Records Include Names, Decrypted Social Security Numbers and AddressesHackers have seemingly re-released a refined trove of 86 million AT&T records, including decrypted Social Security numbers and full identity data, heightening the risk of fraud and impersonation for tens of millions of users as researchers cite structural improvements in the dataset.

Bank Info Security 1 year, 3 months ago

Fraud in Your Inbox: Email Is Still the Weakest Link

At-Bay Cyber Insurance Claims Report Finds 83% of Financial Fraud Starts With EmailFinancial fraud remains the leading driver of cyberinsurance claims, with 83% of cases traced back to email-based attacks. Common tactics used to deceive employees include wiring funds to fraudulent accounts, generative AI-crafted emails, executive and vendor impersonation and BEC scams.

AICD's Figueroa on Business-Focused Communication for Authentication ProgressModern phishing tactics now leverage voice, SMS and AI-powered impersonation, yet many Asia-Pacific organizations continue relying on vulnerable single-factor authentication, said Marco Figueroa, senior manager of cyber security, risk and compliance at the Australian Institute of Company Directors.

Bank Info Security 1 year, 4 months ago

Popular Voice Cloning Tools Lack Safeguards

Abuse Can Lead to Fraud, Impersonation ScamsNeed a new voice? Artificial intelligence has you covered. Need to protect your own? That's another story. Some of the most widely used AI voice synthesis tools offer only superficial safeguards against misuse - if any at all, researchers found in a recent analysis.

Bank Info Security 1 year, 8 months ago

Singapore Requires Banks, Telecoms to Prevent Scams

SMS Impersonation Scam Victims Must Be Made WholeSingapore regulators gave banks six months to institute real-time detection tools for blocking impersonation scams or else assume liability for stolen funds. A finalized framework published Thursday also shifts liability onto island-nation telecoms unless they block fraudulent SMS messages

Bank Info Security 1 year, 8 months ago

Hacker Poses as Israeli Security Vendor to Deliver Wiper

Phishing Emails Impersonating Eset Target Cybersecurity Professionals With MalwareCybercriminals posing as a top security firm in Israel have launched wiper attacks on local cybersecurity professionals after bypassing significant security measures, according to recent reports. Cybersecurity firm Eset said threat actors did not compromise its systems.

Bank Info Security 1 year, 9 months ago

Beyond Phishing: AI's New Tricks for Cyberattacks

Paramount's Surinder Lall on AI Impersonation, Deepfakes, AI Governance FrameworksWhile AI transforms business operations, it helps cybercriminals develop sophisticated impersonation techniques such as deepfakes and voice synthesis, posing new challenges for corporate security, said Surinder Lall, senior vice president of global information security risk management at Paramount.

Bank Info Security 1 year, 10 months ago

NoName Apparently Allies With RansomHub Operation

NoName Specializes in Long-Tail ExploitsUp-and-coming online criminal extortion group RansomHub appears to have a new affiliate - NoName, a midtier actor whose main claim to fame so far has been impersonating the LockBit ransomware-as-a-service operation. NoName is known for exploiting years-old vulnerabilities.

Bank Info Security 2 years, 1 month ago

Fraudsters Impersonate CISA in Money Scams

CISA Won't Ask You to Wire Money or Keep Discussions SecretIf you've received an urgent phone call from the U.S. Cybersecurity and Infrastructure Security Agency about a security vulnerability, you should know: The call wasn't really from CISA. Americans reported more than $1.1 billion in financial losses due to impersonation scams in 2023.

First Purchase in Bugcrowd's History to Boost Attack Surface Management, VisibilityBugcrowd has acquired Informer to enhance its external attack surface management, giving customers better visibility and security. The integration will bring Bugcrowd's existing bug bounty and penetration testing offerings together with new capabilities such as brand impersonation detection.

Bank Info Security 2 years, 3 months ago

Half of UK Firms, Charities Failed to Report Cyber Incidents

Survey: SMBs, Charities Mostly Targeted With Phishing, Online Impersonation in 2023Cybercriminals launched 7.78 million attacks against U.K. businesses and nearly 1 million against charity organizations, according to the latest U.K. government survey report. But fewer than half of those firms reported the incidents to authorities, something researchers say is a concerning trend.

Bank Info Security 2 years, 3 months ago

Breach Roundup: Omni Hotels Acknowledges Cyber Incident

Also: Insurer Predicts Ransomware for Cars, Offers to Cover Towing CostsThis week, Omni, OWASP and MarineMax suffered cyber incidents, Ivanti disclosed flaws, Cisco gave tips to stop password-spraying attacks, a court upheld an FCC ban, India rescued citizens in Cambodia, Americans lost $1.1 billion to impersonation scams, and an insurer introduced a cyber auto policy.

Loading more headlines...