FBI Shares Tips to Spot Fake Lawyer Schemes Targeting Crypto Scam Victims
The Bureau’s Internet Crime Complaint Center has provided a list of indicators for potential cryptocurrency scam victims to avoid a double whammy
Scams use deception to steal money, credentials, or sensitive data, making them a cybersecurity risk for individuals and organizations.
Search across headline titles and summaries.
Background for this topic.
Scams are deceptive schemes intended to make people surrender money, credentials, sensitive information, or access. In information security, they commonly use phishing messages, impersonation, fraudulent websites, business-email compromise, fake technical support, or malicious attachments. Their defining feature is manipulation: the attacker creates a credible pretext and pressures the target to act before verifying the request.
Security teams should treat scams as an attack surface spanning email, messaging, telephone calls, social media, and payment workflows. Material risks include account takeover through stolen credentials, unauthorized payments, disclosure of personal or company data, and malware execution from deceptive content. Useful controls include phishing-resistant authentication, secure payment-change procedures with independent verification, filtering and domain protections, user training focused on reporting, and rapid review of suspicious messages or transactions. Incident handling may require revoking sessions, resetting credentials, contacting financial institutions, preserving evidence, and notifying affected parties where applicable.
The Bureau’s Internet Crime Complaint Center has provided a list of indicators for potential cryptocurrency scam victims to avoid a double whammy
Google said it's implementing a new policy requiring developers of cryptocurrency exchanges and wallets to obtain government licenses before publishing apps in 15 jurisdictions in order to "ensure a safe and compliant ecosystem for users." The policy applies to markets like Bahrain, Canada, Hong Kong, Indonesia, Israel, Japan, the Philippines, South Africa, South Korea, Switzerland, Thailand,
AI-powered trading platforms have been observed exploiting deepfake technology to trick investors with fake endorsements
The sophisticated campaign aims to steal credentials of sponsor license holders to facilitate immigration fraud, extortion and other monetization schemes
$150 Million Stolen From Victims and Laundered, Allege Federal ProsecutorsFour Ghanian nationals have been charged with stealing more than $100 million by perpetrating romance scams and business email compromises against U.S. organizations, as well as laundering the stolen proceeds. Three of the suspects have been extradited to the United States to stand trial.
The U.S. Department of Justice charged four Ghanaian nationals for their roles in a massive fraud ring linked to the theft of over $100 million in romance scams and business email compromise attacks. [...]
Four senior members of a Ghana-based criminal network have been indicted for stealing over $100 million through romance scams and BEC frau
PLUS: Crypto mixer founders plead guilty; Another French telco hacked; Meta fights WhatsApp scams; And more! Infosec In Brief A critical vulnerability in the on-prem version of Trend Micro's Apex One endpoint security platform is under active exploitation, the company admitted last week, and there's no patch available.…