Security news aggregator

Latest coverage for Scam

Scams use deception to steal money, credentials, or sensitive data, making them a cybersecurity risk for individuals and organizations.

5 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Scams are deceptive schemes intended to make people surrender money, credentials, sensitive information, or access. In information security, they commonly use phishing messages, impersonation, fraudulent websites, business-email compromise, fake technical support, or malicious attachments. Their defining feature is manipulation: the attacker creates a credible pretext and pressures the target to act before verifying the request.

Security teams should treat scams as an attack surface spanning email, messaging, telephone calls, social media, and payment workflows. Material risks include account takeover through stolen credentials, unauthorized payments, disclosure of personal or company data, and malware execution from deceptive content. Useful controls include phishing-resistant authentication, secure payment-change procedures with independent verification, filtering and domain protections, user training focused on reporting, and rapid review of suspicious messages or transactions. Incident handling may require revoking sessions, resetting credentials, contacting financial institutions, preserving evidence, and notifying affected parties where applicable.

Showing 5 most recent headlines Filtered view
Bank Info Security 1 year, 10 months ago

US Moves Toward Expanding Reg E to Address Payment Fraud

Fraud Expert Ken Palla on Recent Legislative Efforts and Regulatory ScrutinyRecent developments suggest the U.S. is taking a more serious approach to holding faster payments platforms accountable for scams. It's unlikely any changes will occur before the November U.S. election, but the move toward more regulation is a good start, said Ken Palla, retired MUFB Bank director.

Bank Info Security 1 year, 10 months ago

Cryptohack Roundup: SEC Sends Wells Notice to OpenSea

Also: WazirX Seeks Moratorium to Restructure Debt After HackThis week, the SEC sent OpenSea a Wells notice, WazirX sought protection from creditors, Ryan Salame reconsidered his guilty plea, objections to the FTX bankruptcy reorganization plan were filed, U.S. police recovered pig-butchering scam funds, and Colombia accused Worldcoin of privacy violations.

Krebs on Security 1 year, 10 months ago

When Get-Out-The-Vote Efforts Look Like Phishing

Multiple media reports this week warned Americans to be on guard against a new phishing scam that arrives in a text message informing recipients they are not yet registered to vote. A bit of digging reveals the missives were sent by a California political consulting firm as part of a well-meaning but potentially counterproductive get-out-the-vote effort that had all the hallmarks of a phishing campaign.

Bank Info Security 1 year, 10 months ago

Seeking a Job in Cybersecurity? Protect Yourself From Scams

Learn How to Recognize Fraudulent Job Postings and Avoid Becoming a Scam VictimThe demand for skilled cybersecurity professionals, coupled with the rise in remote work, has led to an increase in fraudulent job postings targeting tech-savvy individuals. Learn why this is so and how to protect yourself from deceptive schemes as you pursue a job in cybersecurity.