FTC: older adults lost record $700 million to scammers in 2024
Americans aged 60 and older lost a staggering $700 million to online scams in 2024, marking a sharp rise in fraud targeting seniors, according to the Federal Trade Commission. [...]
Scams use deception to steal money, credentials, or sensitive data, making them a cybersecurity risk for individuals and organizations.
Search across headline titles and summaries.
Background for this topic.
Scams are deceptive schemes intended to make people surrender money, credentials, sensitive information, or access. In information security, they commonly use phishing messages, impersonation, fraudulent websites, business-email compromise, fake technical support, or malicious attachments. Their defining feature is manipulation: the attacker creates a credible pretext and pressures the target to act before verifying the request.
Security teams should treat scams as an attack surface spanning email, messaging, telephone calls, social media, and payment workflows. Material risks include account takeover through stolen credentials, unauthorized payments, disclosure of personal or company data, and malware execution from deceptive content. Useful controls include phishing-resistant authentication, secure payment-change procedures with independent verification, filtering and domain protections, user training focused on reporting, and rapid review of suspicious messages or transactions. Incident handling may require revoking sessions, resetting credentials, contacting financial institutions, preserving evidence, and notifying affected parties where applicable.
Americans aged 60 and older lost a staggering $700 million to online scams in 2024, marking a sharp rise in fraud targeting seniors, according to the Federal Trade Commission. [...]
Cybersecurity researchers are drawing attention to a new campaign that's using legitimate generative artificial intelligence (AI)-powered website building tools like DeepSite AI and BlackBox AI to create replica phishing pages mimicking Brazilian government agencies as part of a financially motivated campaign
The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published on Apple and Google's official app storefronts under the guise of seemingly useful applications
WhatsApp is introducing a new security feature that will help users spot potential scams when they are being added to a group chat by someone not in their contact list. [...]
A combination of propagation methods, narrative sophistication, and evasion techniques enabled the social engineering tactic known as ClickFix to take off the way it did over the past year, according to new findings from Guardio Labs
Cybersecurity researchers have lifted the veil on a widespread malicious campaign that's targeting TikTok Shop users globally with an aim to steal credentials and distribute trojanized apps
The ClickTok campaign lures victims with fake TikTok shops and drains their crypto wallets. CTM360 exposes how SparkKitty spyware spreads via trojanized apps, phishing pages, and AI-powered scams. [...]
The ClickTok campaign lures victims with fake TikTok shops and drains their crypto wallets. CTM360 exposes how SparkKitty spyware spreads via trojanized apps, phishing pages, and AI-powered scams. [...]