The business manager of Grand Forks Public Schools said Monday the $2.2 million swindled from the district earlier this year was the result of a phishing or social engineering scam.

A BlueSky post from last week featured an AI-generated image of Mark Zuckerberg and promoted crypto assets like "MetaChain" and "MetaCoin." The post misleads viewers into associating the advertised products with Meta.

Tech support scammers are again stooping low with their email campaigns. This one hints that one of your contacts may have met an untimely end. It all starts with an email titled “Sad announcement” followed by a full name of someone you know.

The technique, codenamed Ghost Tap by ThreatFabric, enables cybercriminals to cash-out money from stolen credit cards linked to mobile payment services such as Google Pay or Apple Pay and relaying NFC traffic.

Amazon, Amazon Music, and Audible, an Amazon-owned online audiobook and podcast service, have been flooded with bogus listings that push dubious "forex trading" sites, Telegram channels, and suspicious links claiming to offer pirated software.

Spotify playlists and podcasts are being abused to push pirated software, game cheat codes, and "warez" sites. By injecting targeted keywords and links in playlist names and podcast descriptions, threat actors may benefit from boosting SEO.

We’ve seen two main lures, both via Google ads: the first one is simply a website promoting online support for QuickBooks and shows a phone number, while the latter requires victims to download and install a program that will generate a popup.

The campaign tricks users into installing a harmful browser extension under the guise of a security update. Key findings include:Platform Exploitation. Attackers are leveraging Facebook’s advertising platform to deliver ads that look legitimate.

Proofpoint researchers have identified an increase in ClickFix. The ClickFix social engineering technique uses dialogue boxes containing fake error messages to trick people into copying, pasting, and running malicious content on their own computer.

Citizens have been getting crafted letters faked to look like they have been sent from the nation's Federal Office of Meteorology and Climatology. They tell recipients to scan a QR code and download a "Severe Weather Warning App" for Android.