Latest news with #onlineScams
Bloomberg
09-07-2025
- Business
- Bloomberg
South Africa's Financial Cop Beefs Up to Take Down Online Scams
South Africa's financial-markets regulator is ramping up its operations to combat an explosion in online scams. The Financial Sector Conduct Authority will spend 200 million rand ($11 million) over the next 18 months to build up the supervisory muscle to beef up monitoring and enforcement.
Forbes
06-07-2025
- Forbes
Google Warns All Gmail Users To Upgrade Accounts—This Is Why
It's time to upgrade your Google account. It happens all the time. A familiar sign-in window pops up on your screen, asking for your account password to enable you open a document or access emails. It happens so often we no longer notice and simply go through the motions on autopilot. But Google warns this is dangerous and needs to stop before you lose your account. Most Gmail users 'still rely on older sign-in methods like passwords and two-factor authentication (2FA),' Google warns, despite the FBI reporting that 'online scams raked in a record $16.6 billion last year — up 33% in just one year — and are growing more sophisticated.' That means you're less likely to spot an attack until it's too late. When I first covered Google's alarming new stats, the company told me the warning to upgrade accounts is right, but needs to go further. This is about more than Gmail, it's about all the accounts that can be accessed with a Google sign-in. But Gmail is the most prized, because your email account opens up access to so much more. And less than a month later we have a frightening new proof point as to exactly why accounts that are protected by passwords and even 2FA are at such risk. Okta warns threat actors are now 'abusing v0 — a breakthrough GenAI tool created by Vercelopens to develop phishing sites that impersonate legitimate sign-in webpages.' Most users have not upgraded to passkeys. That's why Google says 'we want to move beyond passwords altogether, while keeping sign-ins as easy as possible.' That means upgrading the security on your Google Account to add a passkey. This stops attackers accessing your account, because the passkey is linked to your own devices and can can't be stolen or bypassed. Most Gmail users still don't have passkeys — but all must add them as soon as possible. Okta says this 'signals a new evolution in the weaponization of Generative AI by threat actors who have demonstrated an ability to generate a functional phishing site from simple text prompts.' If you're willing to use your password, you're at risk. And that's the second part of this warning. Upgrading your account with a passkey only helps secure that account if you change your behavior as well. No more entering a password when prompted — only use your passkey. And if that's not possible, make sure your account uses a different form of 2FA to SMS codes. An authenticator app is best. Video showing how easily a malicious sign-in window can be created with AI. Okta warns 'today's threat actors are actively experimenting with and weaponizing leading GenAI tools to streamline and enhance their phishing capabilities. The use of a platform like Vercel's allows emerging threat actors to rapidly produce high-quality, deceptive phishing pages, increasing the speed and scale of their operations.' Passkeys are phishing resistant. That's why Microsoft is going even further than Google, actively pushing users to delete passwords altogether and removing them from its own Authenticator app, and will now limit that app to passkeys only. This is just the beginning of the new AI-fueled attacks that will fast become the norm. Attackers are playing with these new tools, and that's changing the game. You need to ensure that all your key accounts are fully protected — it's a change you should make today, not some time soon when you get around to it. 'We build advanced, automatic protections directly into Google's products,' the company says, 'so security is something you don't have to think about.' But if you're still securing those products with a password — the digital equivalent of a flimsy $5 padlock, then you are playing into the hands of those attackers. It takes a few seconds and can be done directly from here. Add your passkey now.
Daily Mail
03-07-2025
- Business
- Daily Mail
Warning issued over card scam hitting Apple and PayPal
It looks like a real sale from a big brand, until your credit card details are stolen. An alarming wave of online scams is sweeping the US, targeting shoppers with fake websites designed to mimic major retailers. These sites are crafted to steal your payment information without delivering a product, often luring shoppers in through social media links, fake ads, or even top Google search results. Cybersecurity experts from the Silent Push say thousands of these fake storefronts are active, many operated by organized criminal groups based in China . 'Our team has found thousands of domains spoofing various payment and retail brands in connection to this campaign, including: PayPal , Apple, Wayfair, Lane Bryant, Brooks Brothers, Hermes, Omaha Steaks, Michael Kors, and many, many more peddling everything from luxury watches to garage doors,' they say. Cybercriminals have copied images, layouts, and text from real retailers to appear convincing, sometimes with only a single swapped letter in the web address. They also use fake Google Pay or Apple Pay buttons , or logos for Visa, MasterCard, and PayPal, to make the fraudulent checkouts more believable. Once users land on one of these sites, they're pressured with 'limited-time' deals and countdown timers, classic bait to rush purchases. The FBI warns that these scams are becoming more sophisticated, especially around peak shopping seasons. 'A site you're buying from should have HTTPS in the web address,' the agency said. That's a basic sign of a secure site; it encrypts data, so your payment details stay private. Silent Push was tipped off by Mexican journalist Ignacio Gómez Villaseñor, who discovered fake stores targeting Mexico's 'Hot Sale 2025,' a Black Friday-style event . When shoppers search for a deal, they are more likely to land on a scam site first, like 'Wrangler jeans' or 'discount handbags.' Domains like (a misspelled version of Harbor Freight) and were among many found to be operating under this network. As Gómez Villaseñor noted, 'This simulation is done to gain user trust and steal your information without raising immediate suspicion.' The scale of the scam is staggering. Despite efforts to take down many of these sites, thousands remain live as of June 2025, according to Silent Push. Traditional takedown methods are being overwhelmed by the sheer number of new scam domains popping up each week. The consequences are costly. According to the FBI's Internet Crime Complaint Center (IC3), Americans lost $16.6 billion to internet scams in 2024, a 33 percent increase from the year before. That includes nearly 860,000 complaints, a dramatic rise from the early 2000s when the center averaged just 2,000 reports per month.
Daily Mail
03-07-2025
- Business
- Daily Mail
Warning issued to US shoppers over card scam hitting Apple and PayPal: Do not use
It looks like a real sale from a big brand, until your credit card details are stolen. An alarming wave of online scams is sweeping the US, targeting shoppers with fake websites designed to mimic major retailers. These sites are crafted to steal your payment information without delivering a product, often luring shoppers in through social media links, fake ads, or even top Google search results. Cybersecurity experts from the Silent Push say thousands of these fake storefronts are active, many operated by organized criminal groups based in China. 'Our team has found thousands of domains spoofing various payment and retail brands in connection to this campaign, including: PayPal, Apple, Wayfair, Lane Bryant, Brooks Brothers, Hermes, Omaha Steaks, Michael Kors, and many, many more peddling everything from luxury watches to garage doors,' they say. Cybercriminals have copied images, layouts, and text from real retailers to appear convincing, sometimes with only a single swapped letter in the web address. They also use fake Google Pay or Apple Pay buttons, or logos for Visa, MasterCard, and PayPal, to make the fraudulent checkouts more believable. Once users land on one of these sites, they're pressured with 'limited-time' deals and countdown timers, classic bait to rush purchases. The FBI warns that these scams are becoming more sophisticated, especially around peak shopping seasons. 'A site you're buying from should have HTTPS in the web address,' the agency said. That's a basic sign of a secure site; it encrypts data, so your payment details stay private. Silent Push was tipped off by Mexican journalist Ignacio Gómez Villaseñor, who discovered fake stores targeting Mexico's 'Hot Sale 2025,' a Black Friday-style event. Their analysts found code written in Chinese, reused templates, and cloned checkout systems across many of the fake websites. These scams rely heavily on a tactic called SEO poisoning, a method where fake websites are pushed to the top of search engine results for popular items. When shoppers search for a deal, they are more likely to land on a scam site first, like 'Wrangler jeans' or 'discount handbags.' Domains like (a misspelled version of Harbor Freight) and were among many found to be operating under this network. Experts advise checking for proper web addresses, ensuring the domain belongs to the actual brand. Pictured is a fake website used in the scam that appears like the real deal As Gómez Villaseñor noted, 'This simulation is done to gain user trust and steal your information without raising immediate suspicion.' The scale of the scam is staggering. Despite efforts to take down many of these sites, thousands remain live as of June 2025, according to Silent Push. Traditional takedown methods are being overwhelmed by the sheer number of new scam domains popping up each week. The consequences are costly. According to the FBI's Internet Crime Complaint Center (IC3), Americans lost $16.6 billion to internet scams in 2024, a 33 percent increase from the year before. That includes nearly 860,000 complaints, a dramatic rise from the early 2000s when the center averaged just 2,000 reports per month. The agency urges Americans to stay vigilant, avoid paying with gift cards, don't wire money online, and always verify seller reviews and site authenticity before entering payment information.
South China Morning Post
05-06-2025
- Business
- South China Morning Post
Joint police crackdown on cross-border scams delivers swift justice
More often than not, news reports on online scams are more about victims falling for new tactics rather than money retrieved and culprits brought to justice. To be fair, the authorities have already doubled down on public education and enforcement. Unfortunately, fraudsters continue to outsmart their prey and the law. Hopefully, this will change after authorities in the region stepped up enforcement together. In the first joint crackdown on online scams using a cross-border communication platform, Hong Kong and six other Asian jurisdictions have intercepted more than HK$157 million and made over 1,800 arrests. Time was of the essence as the Hong Kong Police Force took part in the successful joint operation that also involved its counterparts in Singapore, South Korea, Thailand, Malaysia, the Maldives and Macau. Thanks to the platform, Frontier +, which also links law enforcement agencies in Australia, Canada and Indonesia, officers were able to liaise with each other on the handling of suspected proceeds from crime, helping victims of transnational swindles, and the sharing of intelligence. In March, the Anti-Deception Coordination Centre in Hong Kong cooperated with Singapore police and helped recover almost US$500,000 following a late-night alert regarding a money-transfer scam using deepfake technology that targeted a financial director of a multinational company. Overall, Hong Kong police investigated 301 cases of fraud under the joint crackdown, arresting 337 suspects, freezing 68 bank accounts and recovering HK$49.5 million. The operation may have helped banish the impression that it is usually too late for police to do anything when people are scammed. However, the culprits in many cases are still at large and the amount of money swindled continues to escalate. With more than 44,000 deception cases lodged last year, accounting for almost half of all crime in the city, and a detection rate of merely 10.6 per cent, there is no room for complacency. At stake is not only the perception and confidence in law enforcement and justice, but also the economic loss to individuals and society. Worryingly, losses resulting from financial fraud surged to a staggering HK$9.15 billion last year. Authorities must show they are not powerless when it comes to bringing fraudsters to justice. The cross-border nature of many scams has become such a problem that no single jurisdiction alone can win the fight.
