Bitdefender discovered over 200 incredibly realistic websites offering a wide range of products, including shoes, clothing, and electronics. Customers are tricked into providing credit card information and agreeing to monthly subscriptions.

Cybercriminals are deploying highly sophisticated subscription scams, including deceptive “mystery box” offers, to harvest credit card data and commit financial fraud. These scams are spreading across social media platforms, particularly Facebook.

Chinese cybercriminals are especially active in NFC-enabled fraud and are known for their well-established money laundering chains across multiple continents. They arrange for an NFC-enabled POS terminal and a merchant account linked to it.

A sophisticated phishing campaign is targeting individuals seeking U.S. travel authorization by impersonating the U.S. Customs and Border Protection (CBP) and the Electronic System for Travel Authorization (ESTA).

A large-scale ad fraud operation called 'Scallywag' is monetizing pirating and URL shortening sites through specially crafted WordPress plugins that generate billions of daily fraudulent requests.

The FBI has issued a warning about a persistent fraud scheme in which scammers impersonate employees of the Internet Crime Complaint Center (IC3) to deceive and revictimize individuals, particularly those who have already suffered financial fraud.

Phishing actors are employing a new evasion tactic called 'Precision-Validated Phishing' that only shows fake login forms when a user enters an email address that the threat actors specifically targeted.

The Smishing Triad group has been linked to a surge in smishing campaigns targeting the U.S. and the U.K. The fraudulent text messages claim unpaid toll bills or payment requests related to toll services like FasTrak, E-ZPass, and I-Pass.

These campaigns lead to phishing pages delivered via the RaccoonO365 phishing-as-a-service (PhaaS) platform, remote access trojans (RATs) like Remcos, and other malware like Latrodectus, BruteRatel C4 (BRc4), AHKBot, and GuLoader.

Silent Push Threat Analysts discovered a phishing campaign using website lures to gather information against Russian individuals sympathetic to defending Ukraine and willing to share sensitive information.