Tech support scam ring leader gets 7 years in prison, $6M fine
The leader of a tech support fraud scheme was sentenced to seven years in prison after tricking at least 6,500 victims and generating more than $6 million. [...]
Scams use deception to steal money, credentials, or sensitive data, making them a cybersecurity risk for individuals and organizations.
Search across headline titles and summaries.
Background for this topic.
Scams are deceptive schemes intended to make people surrender money, credentials, sensitive information, or access. In information security, they commonly use phishing messages, impersonation, fraudulent websites, business-email compromise, fake technical support, or malicious attachments. Their defining feature is manipulation: the attacker creates a credible pretext and pressures the target to act before verifying the request.
Security teams should treat scams as an attack surface spanning email, messaging, telephone calls, social media, and payment workflows. Material risks include account takeover through stolen credentials, unauthorized payments, disclosure of personal or company data, and malware execution from deceptive content. Useful controls include phishing-resistant authentication, secure payment-change procedures with independent verification, filtering and domain protections, user training focused on reporting, and rapid review of suspicious messages or transactions. Incident handling may require revoking sessions, resetting credentials, contacting financial institutions, preserving evidence, and notifying affected parties where applicable.
The leader of a tech support fraud scheme was sentenced to seven years in prison after tricking at least 6,500 victims and generating more than $6 million. [...]
The United Kingdom's National Crime Agency (NCA) has shut down Russian Coms, a major caller ID spoofing platform used by hundreds of criminals to make over 1.8 million scam calls. [...]
UK authorities shut down a scam platform responsible for over 1.3 million calls to 500,000 victims, resulting in millions of pounds in losses
Facebook users are the target of a scam e-commerce network that uses hundreds of fake websites to steal personal and financial data using brand impersonation and malvertising tricks
Cybersecurity researchers are warning about a new phishing campaign that targets Microsoft OneDrive users with the aim of executing a malicious PowerShell script
An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email security vendor Proofpoint's defenses to send millions of messages spoofing various popular companies like Best Buy, IBM, Nike, and Walt Disney, among others