Holiday Shopping May Be Over but the Scams Aren’t

Think the shopping season ends on December 25? Not even close. Retailers launch a whole new wave of promotions: after-holiday blowouts, New Year deals, clearance events, and anything else they can dream up to keep shoppers clicking. But while stores ramp up the marketing, cybercriminals ramp up their tricks — especially domain-jacking and typosquatting. And during this busy online shopping stretch, more people than ever are falling for them. READ FULL STORY

Shopping Season Cybersecurity Tips

It’s back….again! It seems like we just went through this period and it’s already time for Black Friday, Small Business Saturday, and Cyber Monday shopping again! Even for those who don’t participate in the holiday shopping season madness can find some great deals this time of year. Unfortunately, all the deals also mean the cyber thieves are lurking around trying to profit from everyone else’s holiday cheer. However, there are some things you can do to lower the risk that your payment card information is stolen. READ FULL STORY

While Charity Scams Never Take a Day Off, Giving Tuesday Brings Out the Grinches

The spirit of giving doesn’t depend on the season. However, when Giving Tuesday comes around every year, scammers are quick to jump on that bandwagon. They exploit generosity, posing as legitimate charities or creating entirely fake ones to steal money and personal information. Their tactics change, but the goal never does: To take advantage of your kindness. Before you donate, take a moment, a little caution goes a long way toward protecting both your wallet and your identity. READ FULL STORY

Gmail Tech Support Exposes New Threats From AI

A significant cybersecurity breach involving Gmail raised alarms across the tech community late in 2024. Hackers leveraged advanced AI techniques to create a sophisticated scheme involving account recovery phishing emails that were nearly indistinguishable from legitimate communications. And, to make it even more believable, they were followed up with a phone call from a “Gmail tech support person,” throwing everyone a phishing curveball. READ FULL STORY

Passkeys Make Passwords a Thing of the Past

Tired of creating and remembering passwords? Aren't we all? Well, now there’s an easier option to do away with all those pesky passwords. They’re called “passkeys”, and the best part is, they’re easier to use and more secure (you can now jump for joy). Passkeys are a type of authentication technology doing away with the risks of traditional logins. Unfortunately, not all websites use them yet, but more are appearing every day. While it's a hip hip hooray for us, finding ways around them is also a big challenge for hackers. READ FULL STORY

Invisible Ink, Visible Risk: Researchers Reveal Hidden Fake Warnings in Gmail Summaries

Think Gmail’s new AI summarizer is a handy time-saver? Sure, being able to summarize your emails might sound like a great idea, but it also might be a scammer’s dream. Mozilla’s 0din research team discovered a nasty trick targeting Google’s recent upgrade. Tools that can be very handy, can also become another weapon against us. In this one, attackers can hide secret instructions to perform malicious activity inside an email—stuff you’ll never see, but Gmail’s AI will. READ FULL STORY

Online Scams The New Top Cybercrime With 73% Of All Attacks

Move over former top cybercrimes, there’s a new winner according to Group-IB experts who specialize in high-tech cybercrimes. Group-IB recently announced that online scams are now the number one type of cybercrime in the world today, with some referring to this as a “scamdemic.” Researchers found that in total, fraud now makes up 73% of all online attacks. There’s a definite need for users to be aware of these scams, how they can work and how prevalent they are. READ FULL STORY

Financial Sector Faces New Targeted Phishing Attacks

Banks and other financial institutions are grappling with a new form of phishing attack that leverages the popular business networking website LinkedIn to reach potential victims. The two-stage attack is notable for its sophistication, but with a smidge of awareness and vigilance, the multi-stage threat can be managed. The recent targeted phishing attacks on the financial sector highlight the importance of ongoing vigilance and careful scrutiny of online communications. READ FULL STORY

Shimming Right Along To Skim Your Payment Card Number

By now, most of us have at least one or two EMV (Europay, MasterCard, Visa) cards. These are the payment cards that were touted as far more secure than the ones with the magnetic strips on the backs. And indeed, if you ask Visa these cards have resulted in a 75% decrease in fraud in the three years since they were introduced. Cybercriminals are of course finding ways to take advantage of the EMV cards too. Now, there are reports of a new way to skim. READ FULL STORY

Is Your Email Account Hacked? What You Need To Know

The reality is these days, stolen email addresses are a dime a dozen. Thanks to relentless data breaches, it’s safe to assume your email address is already in the wrong hands. Although it may not sound like much, it’s a goldmine for further crimes involving you. Considering what a hacker can do with your cracked email account, prevention is always the best medicine. Read on for a few tips to keep your email in your control and also how hackers can use your email against you. READ FULL STORY

Text Scams Impersonating Financial Institutions

Jim Stickley gives a quick warning about malicious text messages that appear to come from your financial institution. READ FULL STORY

Hackers Flush Out Users’ Google Credentials

Hackers have begun employing a new annoyance technique to steal Google account passwords. This tactic, called credential flushing, relies on getting malware onto a device that locks the system into “kiosk mode.” In this mode, users are prevented from doing anything else without providing their account credentials. Once the victim provides them, hackers can log into the victim’s Google account and steal personal information or further compromise their online security. READ FULL STORY