Identity Theft | Breaking Cybersecurity News | The Hacker News

Government impersonation scams have evolved into a large, highly coordinated fraud ecosystem targeting citizens across the globe. CTM360 's latest threat intelligence research analyzes a widespread campaign, referred to as GovTrap, that demonstrates how attackers systematically exploit public trust in government institutions through thousands of fraudulent digital platforms. Unlike traditional phishing attacks that rely on simple deceptions, GovTrap campaigns replicate entire government service environments. These fraudulent platforms mimic official portals with high accuracy, including branding, language, workflows, and service structures. From tax portals and licensing systems to fine payment services, each fake site is designed to appear legitimate while functioning as part of a broader, scalable fraud operation. Read the full report here:  https://www.ctm360.com/reports/government-impersonation-phishing-govtrap-scams Scale and Targeting Patterns CTM360 identified mo...

CTM360 researchers have identified a large-scale fraud campaign involving thousands of fake banking websites that actively target users in the United States and the United Kingdom. Over the past year, more than 11,000 fraudulent bank domains were observed, with 8,000+ in the U.S. and 3,000+ in the UK, all operating without regulatory authorization or physical presence. These are not throwaway phishing pages. They are polished, SEO-optimized platforms that impersonate legitimate financial institutions, regulators, and lending services. Not Your Typical Phishing Fraud What sets this campaign apart is operational maturity. The fake banks offer services such as loans, mortgages, grants, and high-limit credit cards, often promising instant approval or no credit checks. Victims are funneled through simplified onboarding flows, fake KYC processes, and staged "approvals" designed to build trust before monetization. Once engaged, users are pressured to pay activation or processing fees ,...

Imagine joining a video call with your CEO, only to find out later the CEO participant was actually an AI-generated fake. Welcome to the new digital battlefield.  Adversarial AI and deepfakes have created an identity attack surface that is not just digital, but is also based on reality itself . These technologies are no longer science fiction or theoretical. They are actively being used to spoof identities, manipulate political perceptions, and circumvent even the best cybersecurity training initiatives. , and circumvent even the best cybersecurity training initiatives.  If your cybersecurity defenses rely solely on human perception, voice recognition, or even visual evidence, you are vulnerable to an attack.  From Cat and Mouse to Machine vs. Machine Cybersecurity has always been a game of cat and mouse. As defenders (mice), we have historically been able to adapt our defenses for phishing, malware , ransomware, and insider threats . Today, we're also strategizing ...