Fraud Prevention | Breaking Cybersecurity News | The Hacker News

Event Overview The " AI Leaders Spill Their Secrets " webinar, hosted by Sigma Computing, featured prominent AI experts sharing their experiences and strategies for success in the AI industry. The panel included Michael Ward from Sardine, Damon Bryan from Hyperfinity, and Stephen Hillian from Astronomer, moderated by Zalak Trivedi, Sigma Computing's Product Manager. Key Speakers and Their Backgrounds 1. Michael Ward Senior Risk Data Analyst at Sardine. Over 25 years of experience in software engineering. Focuses on data science, analytics, and machine learning to prevent fraud and money laundering. 2. Damon Bryan Co-founder and CTO at Hyperfinity. Specializes in decision intelligence software for retailers and brands. Background in data science, AI, and analytics, transitioning from consultancy to a full-fledged software company. 3. Stephen Hillion SVP of Data and AI at Astronomer. Manages data science teams and focuses on the development and scaling of

As the travel industry rebounds post-pandemic, it is increasingly targeted by automated threats, with the sector experiencing nearly 21% of all bot attack requests last year. That's according to research from Imperva, a Thales company. In their 2024 Bad Bot Report , Imperva finds that bad bots accounted for 44.5% of the industry's web traffic in 2023—a significant jump from 37.4% in 2022.  The summer travel season and major European sporting events are expected to drive increased consumer demand for flights, accommodation, and other travel-related services. As a result, Imperva warns that the industry could see a surge in bot activity. These bots target the industry through unauthorized scraping, seat spinning, account takeover, and fraud. From Scraping to Fraud Bots are software applications that run automated tasks across the internet. Many of these tasks, from indexing websites for search engines to monitoring website performance, are legitimate, but a growing number are not. B

As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, "Your First 100 Days as a vCISO – 5 Steps to Success" , which covers all the phases entailed in launching a successful vCISO engagement, along with recommended actions to take, and step-by-step examples.  Following the success of the playbook and the requests that have come in from the MSP/MSSP community, we decided to drill down into specific parts of vCISO reporting and provide more color and examples. In this article, we focus on how to create compelling narratives within a report, which has a significant impact on the overall MSP/MSSP value proposition.  This article brings the highlights of a recent guided workshop we held, covering what makes a successful report and how it can be used to enhance engagement with your cyber security clients.

The popularity of Brazil's  PIX  instant payment system has made it a  lucrative target for threat actors  looking to generate illicit profits using a new malware called GoPIX . Kaspersky, which has been tracking the active campaign since December 2022, said the attacks are pulled off  using malicious ads  that are served when potential victims search for "WhatsApp web" on search engines. "The cybercriminals employ malvertising: their links are placed in the ad section of the search results, so the user sees them first," the Russian cybersecurity vendor  said . "If they click such a link, a redirection follows, with the user ending up on the malware landing page." As other malvertising campaigns observed recently, users who click on the ad will be redirected via a cloaking service that is meant to filter sandboxes, bots, and others not deemed to be genuine victims. This is accomplished by using a legitimate fraud prevention solution known as  IPQu

Checking the mail in December is typically a pleasant experience, filled with holiday cards and packages. Then comes January. Besides the Christmas bills, mailboxes begin to overflow with W-2s, 1099s, statements from financial institutions, and IRS forms. It's no wonder John Ulzheimer, president of consumer education for Smartcredit.com, calls January the most dangerous month for mail. "January is a high-value month for thieves," he said. It's particularly easy for thieves to dip into someone's mailbox, take the envelopes, and gain all the information needed to steal someone else's identity. How to best protect mail, short of meeting the mail carrier at the mailbox each day, is a significant challenge. You shouldn't stop your mail because many items are time-sensitive. Creating an alternative delivery destination, like a P.O. box, could cause more trouble than it's worth, said Ulzheimer. The first step is to know what tax-related statements you should be receiving. For mos

When Ben Franklin famously wrote, "An ounce of prevention is worth a pound of cure," he wasn't thinking about cybercrime. Yet, in today's world of phishing, shoulder-surfing, and spyware, his advice is more relevant than ever. Unfortunately, some people will take advantage of any opportunity to rip you off. Just as you take precautions when handling cash, you should be vigilant when using credit or debit cards, whether in person or online. Tips for Protecting Your Account Information and Avoiding Payment Card Scams Prevent Online Intrusions Use updated anti-virus and anti-spyware software. Only download information from trusted sites, and don't click on pop-up windows or suspicious links in emails. These can be tricks to install spyware, which can record your keystrokes to steal account or other confidential information. Use Secure Websites When purchasing items online, look for safety symbols like the padlock icon in the browser's status bar, an "s" after "http" in the U

Criminals are posing as IT support staff, calling unsuspecting U.K. internet users to push rogue antivirus software. GetSafeOnline.org reports this as part of their Internet safety week campaign. These scam operations often involve up to 400 people using sales techniques and social engineering to deceive victims. The goal is to obtain credit card information through the sale of rogue antivirus software or gain remote access to the victim's system for future use. Typically, the scam begins with an unexpected call. The caller, pretending to be an IT helpdesk technician, builds rapport with the victim, presenting themselves as trustworthy by using personal information available online. The victim is then questioned about computer problems like slow email or internet browsing. Once the victim admits to an issue, the caller exaggerates the problem and offers a solution for a small fee. The caller might say, "For a small fee, we can install something to fix your system and clean it co

Money mules have been aggressively recruited this year to help cybercriminals launder money, according to Fortinet. A recent example of this is the worldwide prosecution of a Zeus criminal operation, which included 37 charges against alleged money mules. Recent Zeus stories illustrate how prevalent money mules have become and how they are being used to filter, disguise, and spread money transfers. Today, mules are typically recruited into criminal organizations through legitimate-looking advertisements. A suspect ad may suggest a client is looking for a "payment processing agent," "money transfer agent," or something as vague as an "administrative representative." These recruitment ads can be found anywhere from print and online job sites to direct points of contact. While many mules likely enter into the business relationship knowing the full criminal implications of what they are doing, a surprising number do not. One of the most recent money mule rec