Notícias

Fraudsters clone Avast's website to target French users with a €499 phishing scam, using urgency tactics, live chat, and card validation to steal payment data.

2025 saw 32M phishing emails, with identity threats surpassing vulnerabilities

The Scattered Lapsus$ Hunters (SLH) hacking collective has launched a recruitment push aimed specifically at women, offering cash payments for participating in voice-phishing (vishing) attacks. A few days ago, threat intelligence firm Dataminr detected posts on a public Telegram channel advertising roles for female callers willing to conduct social-engineering phone operations. SLH's recruitment ad (Source: Dataminr) The group is apparently offering between $500 and $1,000 per call, up front, and is supplying prepared scripts to … More → The post Scattered Lapsus$ Hunters seeks women for vishing attacks appeared first on Help Net Security.

Encrypted messaging platforms are becoming a primary channel for Authorised Push Payment (APP) fraud, with Telegram representing a growing share of reported cases, according to the Revolut report. APP scam origination by % social media platform (Source: Revolut) The platform generates over 20% of authorised fraud origination, surpassing WhatsApp and posting growth of more than 30% in its share of scam cases compared to 2024. Meta-owned platforms remain the largest source of APP scams, accounting … More → The post Telegram rises to top spot in job scam activity appeared first on Help Net Security.

AI models are being folded into fraud and influence operations that follow long standing tactics. A February 2026 update to OpenAI's Disrupting Malicious Uses of Our Models report details how ChatGPT and related API access were used in romance scams, fake legal services, coordinated influence campaigns, and a state linked harassment effort. Six tweets whose text matches a batch of comments generated by the main ChatGPT account in this operation, and posted online by six … More → The post Fraudsters integrate ChatGPT into global scam campaigns appeared first on Help Net Security.

Intellicheck announced the roll out of its enriched Desktop Application. The new Desktop Application allows any sized organization to immediately stop identity theft and fraud losses. Implementation is immediate. No system integration is needed. This comes at minimal cost. The technology solution works with the scanners most organizations already have in place. Intellicheck's Desktop Application is designed for customers of all sizes. The application ensures a superior, frictionless and rapid customer authentication experience. Businesses can … More → The post Intellicheck Desktop Application helps organizations combat identity theft appeared first on Help Net Security.

Here's how to protect yourself from this new twist on a classic social engineering scam.

submitted by /u/AdventurousPlum7945 [link] [comments]

Author here. Starkiller got my attention this week — Abnormal AI's disclosure of a PhaaS platform that proxies real login pages instead of cloning them. I wrote a technical breakdown of the AitM flow, why traditional defences (including MFA) fail, and concrete detection strategies including TLS fingerprinting. I also released ja3-probe, a zero-dependency Rust PoC that parses TLS ClientHello messages and classifies clients against known headless browser / proxy fingerprints. submitted by /u/Reversed-Engineer-01 [link] [comments]

ShinyHunters' alleged CarGurus leak exposed 12.4 million accounts, heightening phishing and fraud risks. The post 12.4 Million Accounts Exposed in CarGurus Leak appeared first on eSecurity Planet.