Security news aggregator

Latest coverage for Scam

Scams use deception to steal money, credentials, or sensitive data, making them a cybersecurity risk for individuals and organizations.

7 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Scams are deceptive schemes intended to make people surrender money, credentials, sensitive information, or access. In information security, they commonly use phishing messages, impersonation, fraudulent websites, business-email compromise, fake technical support, or malicious attachments. Their defining feature is manipulation: the attacker creates a credible pretext and pressures the target to act before verifying the request.

Security teams should treat scams as an attack surface spanning email, messaging, telephone calls, social media, and payment workflows. Material risks include account takeover through stolen credentials, unauthorized payments, disclosure of personal or company data, and malware execution from deceptive content. Useful controls include phishing-resistant authentication, secure payment-change procedures with independent verification, filtering and domain protections, user training focused on reporting, and rapid review of suspicious messages or transactions. Incident handling may require revoking sessions, resetting credentials, contacting financial institutions, preserving evidence, and notifying affected parties where applicable.

Showing 7 most recent headlines Filtered view

Crypto mines, BEC scams, fake passports, and a $300M fraud empire allegedly brought down during Serengeti 2.0 Interpol's latest clampdown on cybercrime resulted in 1,209 arrests across the African continent, from ransomware crooks to business email compromise (BEC) scammers, the agency says.…

Also: Coinbase's Misconfigured Smart Contract, GMX Repayment PlansThis week, a Ponzi scammer must pay $228 million, Google clarified Play Store non-custodial wallet rules, Coinbase misconfiguration, GMX repayment, BtcTurk halted transfers, bank groups wrote lawmakers. Prosecutors seized funds. The Federal Reserve ended a special oversight program. Hong Kong published new rules.

Cybersecurity researchers have demonstrated a new prompt injection technique called PromptFix that tricks a generative artificial intelligence (GenAI) model into carrying out intended actions by embedding the malicious instruction inside a fake CAPTCHA check on a web page

Bank Info Security 10 months, 4 weeks ago

Why the US Needs New Policies to Fight Scams

Fraud Expert Trace Fooshee on Regulatory Steps Needed to Curb Payment ScamsWhile the U.K. and Australia have mobilized multiple sectors to tackle payment scams, the United States faces complex hurdles. The U.S. can't replicate other regulatory models but it can pursue targeted actions such as regulating scam-prone ad platforms and creating a central fraud-fighting agency.

PLUS: Kryptos solution up for auction; Canadian parliament springs a leak; Fake crypto lawyers; And more Infosec In Brief New York State is suing bank-owned peer-to-peer payment app Zelle, claiming that the banks behind it knew fraud was rampant on the platform but allowed scammers to conduct business with impunity.…