Latest news with #scammers
SBS Australia
11 hours ago
- SBS Australia
Australians warned of new 'spoof call' scam impersonating consumer watchdog
Australians are being warned that scammers are reportedly spoofing phone numbers belonging to the Australian Competition and Consumer Commission (ACCC) in an attempt to steal personal information. The National Anti-Scam Centre, which operates under the ACCC, issued a warning after it became aware of scammers using ACCC phone numbers, which are listed on the agency's official website. Here's what you need to know about the latest scam, how to spot it, and what to do if you are targeted. The scammers are reportedly using the phone numbers to pretend to be representatives of the ACCC and request personal information from unsuspecting recipients. According to the National Anti-Scam Centre, the numbers have been "spoofed", and the ACCC does not make calls from the publicly listed numbers. ACCC deputy chair Catriona Lowe said: "Spoofing is when scammers disguise their phone number to make it look like they're calling from a trusted organisation — including government agencies like the ACCC — to deceive people into answering and sharing personal information." "This is a tactic that helps scammers hide their true identity while posing as trusted institutions — it's designed to lower your guard." If a call or message feels suspicious, the ACCC recommends ending the call and contacting the agency directly to verify the information. In some of the reported incidents, scammers requested sensitive information over the phone, misused the ACCC acronym to impersonate an unrelated organisation, or spoke in a language other than English. The ACCC says it will never 'cold' call or email consumers and ask for personal information such as passwords, bank details, or answers to security questions. The ACCC also does not charge money for its services and does not threaten or pressure you to stay on the line. If a caller does any of these things, it could be a scam. The ACCC suggests hanging up and reporting the incident. The National Anti-Scam Centre also said 'urgent' requests asking people to 'act immediately' could be a sign of a scam. If you receive an unusual call, message or email, consider whether it could be fake — even if it appears to come from an organisation you know and trust. The ACCC advises if something feels wrong, it is best to act quickly. End the call, and contact the organisation directly yourself to verify if the call was real or not. Any scams should be reported to ScamWatch, and messages received on platforms like WhatsApp or iMessage should also be reported. If you have provided personal information, contact IDCARE on 1800 595 160 and contact your bank immediately.
Yahoo
a day ago
- Yahoo
Think again before clicking 'unsubscribe' on spammy emails. See safer options.
A word to the wise: That "click to unsubscribe" link at the bottom of those unwanted email newsletters and new product announcements may do the exact opposite of what you'd hoped. TK Keanini, CEO at cybersecurity software seller DNSFilter, recently told the Wall Street Journal that clicking the "unsubscribe" link in hopes of getting off annoying email lists could do more harm than good, if you happen upon the wrong one. Instead of adding users to a "do not send" register, the links could instead send them to a mock landing page or give scammers the exact confirmation they were looking for, allowing them to pick out better potential victims, according to Keanini and DNSFilter, per the outlet. Here's what to know about safely freeing yourself from a cluttered inbox full of spam. At least one in every 644 "click here to unsubscribe" links led to potentially malicious websites, DNSFilter found, per the WSJ. While some may be looking for people to input personal information, such as an email address or other account details under the guise of "unsubscribing," others are simply testing to see if you are paying attention. Like with spam callers who repeatedly call but leave no message or follow-up, some of these links serve the purpose of simply telling the person on the other end that you have received, looked at and clicked on items within their messages. An individual's initial click may not lead to imminent doom, but it can identify them as a potential future email service providers and platforms have a built-in unsubscribe feature that does not require interacting with any shady links. The easiest and most common are the 'list-unsubscribe headers," the banner with a hyperlink from your mail provider that is usually positioned in or right above or below an email's header. Clicking through this should allow you to unsubscribe from repeat emails without going to an external website. On the other hand, if the email or sender is one you never want to see again, you can simply mark either as spam, delete the unwanted message and block the sender's email address. You can even block a sender's IP address in case they send those annoying blasts from several different accounts. You can also set up manual filters for emails that will automatically divert them to your spam box, or if you want to keep things even more contained, set up a separate email address to use when interacting with potentially spammy sources. Some services even have a built-in email hiding option, like Apple's 'Hide My Email." This article originally appeared on USA TODAY: Want to get off email lists? Do this, don't click 'unsubscribe'
The Sun
a day ago
- The Sun
The secret settings to ‘scam-proof' your phone, stop crooks stealing your private photos & £1000s from your bank account
THOUSANDS of pounds gone in seconds, your private pics in the hands of strangers, and your loved ones ripped off too – these are just a few of the nightmare consequences of a smartphone scam. I've spent years writing about how to dodge increasingly convincing online cons that cost Brits millions a year - and it only takes a few seconds to avoid disaster by changing settings on your iPhone or Android. Online scams are big business and a recent Ofcom report warned that almost half of Brits have been drawn in by clever scammers. A quarter of those had lost money, with a fifth losing at least £1,000. They can come over the phone, text, or email, or through websites and apps. They may rush you into making an investment, trick you into thinking you're chatting with a loved one, or hoodwink you with the promise of a prize, tech support, or a refund. Now, crooks are even using AI to dish out more convincing scams faster than ever, so it's important you have the absolute best phone settings to avoid being another victim parted from their savings. Here are the iPhone and Android tricks you need to activate immediately to keep yourself and you cash safe. IPHONE TRICK #1 – SILENCE UNKNOWN NUMBERS Cold calls are a classic way for crooks to target you with a scam. So go to Settings > Apps > Phone > Calls > Silence Unknown Callers, then turn it on. This will send any calls from unknown callers straight to voicemail. If it's important, they'll leave a voicemail. You can also read transcriptions of your voicemail in real time if you've got iOS 17 or later (go to Settings > General > Software Update to check). IPHONE TRICK #2 – CALL SCREENING This one isn't out yet, but it'll land on your iPhone with the imminent iOS 26 update (likely in September). Make sure to install that (in Settings > General > Software Update), and then a robot will answer your phone calls for you. 16 It'll ask their name and reason for calling, and write out the answer in real-time on your screen. Then you can decide whether to answer or if it sounds like a scam. This also prevents scammers from being able to hear your voice and cloning it for future cons. IPHONE TRICK #3 – LOCKDOWN MODE One extreme option is to turn on Lockdown Mode – but only do this if you think you're definitely being targeted by scammers. It'll block most message attachment types, as well as links and link previews, as well as incoming FaceTime calls from unknown numbers. 16 You'll also be prevented from automatically connecting to unsafe "non-secure" WiFi networks – and you'll be blocked from adding configuration profiles that let other people change settings on your phone. Your iPhone won't work to its full potential with Lockdown Mode on, so keep that in mind: this is only for extreme cases. To switch it on, just go to Settings > Privacy & Security > Lockdown Mode > Turn On Lockdown Mode > Turn On Lockdown Mode, then follow the steps to restart your phone. IPHONE TRICK #4 – AUTHENTICATOR If you've accidentally given up your password, it's not the end of the world – as long as your online accounts also require a special authentication code to log in. You've probably had these coming via SMS, but you can also get them via an app. Authenticator codes from an app are far safer than the ones that come over text, because SMS messages are more easily hacked. And your iPhone has an authenticator code generator built in as standard. Go into the account settings for an app, then choose the option to add two-factor verification. Then scan the code with your iPhone camera, and Apple's iCloud Keychain will suggest adding it to your account. Then when you sign in, iCloud Keychain will automatically fill in the code for you. You can also manually add it by going into the Passwords app, and looking under the Codes tab. Then if you ever accidentally give up your password to an account, crooks still won't be able to log in. IPHONE TRICK #5 – CALL BLOCKING There are lots of apps that maintain giant lists of phone numbers that are known to be spam or scams. And your iPhone can use these apps to automatically block calls from these numbers. First, go to the Apple App Store in the UK, and download some call identification apps, like Truecaller or Whoscall. Then go to Settings > Apps > Phone > Call Blocking & Identification. This will only appear if you've installed some ID apps. 16 16 Now, choose Silence Junk Callers, which will silence calls identified by your phone network as potential spam or fraud. This option may not appear if your phone network hasn't activated it. Then activate any Call Identification apps that you've installed. ANDROID TRICK #1 – SCAM DETECTION Millions of Android phones now have a feature called Scam Detection inside Google Messages. Make sure to update to the latest version of Android. Then when you're receiving texts, AI on your phone will scan your texts to look for "suspicious" signs that you're being scammed. It only works on conversations with non-contacts, and your texts won't be send to Google (unless you report the conversation). You'll see it working if a big red alert pops up that says "Likely Scam" – and then you'll be able report and block the sender. ANDROID TRICK #2 – APP SCANNER Dodgy apps are another way criminals will try to scam you. These apps might even seem legitimate, but they're actually silently harvesting your info or money in the background. Google automatically scans the apps you download from its Play Store – but often the most dangerous apps come are ones that you've installed from elsewhere. Go to the Google Play Store > Profile > Play Protect > Settings > Improve Harmful App Detection and turn it on. This will let Google scan apps that you've downloaded from outside of its own Play Store, potentially spotting scam apps that you've installed. Then you'll get the warnings and can delete them from your phone. ANOTHER SAFETY TRICK – CALL YOUR FAMILY! The Sun's tech editor Sean Keach has another useful scam-busting trick that requires no changes to settings at all... One of the most devastating scams out there right now is the "Hi mum" con. This sees crooks texting parents or their kids posing as the other – saying they're reaching out from a new number and need help. It'll start innocently, but they'll quickly ask for cash for an urgent bill, taxi, or fine. Brits have lost thousands in one go to this brutal con. So call your loved ones today and set up a safe word or phrase. That way, if any of you asks the other for money, you'll be able to verify the request with a safe word. Don't pick something obvious like a place or birthday – and certainly don't write it down anywhere online or on your devices. This is the easiest way to avoid being caught up in a "Hi mum" scam, so don't delay – call your family today. ANDROID TRICK #3 – CALL BLOCKING One option is to outright block calls from unknown numbers. Just go to Phone > More > Settings > Blocked Numbers > Unknown, which blocks calls from private or unidentified numbers. You'll still get calls from phone numbers not stored in your contacts though. And like iPhone, you can also use spam-busting apps to identify scam callers too. Just download an app like Hiya or Truecaller, both of which maintain giant lists of known spammers and scammers. That way, you can easily avoid dodgy calls. ANDROID TRICK #4 – AUTHENTICATOR Like with iPhone, Android phones also have a way to serve up log-in codes. These give you an extra layer of protection on top of your password – and they're safer than the ones you get via text. On Android, the standard option is the Google Authenticator app. It's totally free and will generate log-in codes for apps and websites whenever you need them. That way, even if you accidentally give your password to a scammer, you'll still be protected. ANDROID TRICK #5 – ADVANCED PROTECTION MODE The iPhone's Lockdown Mode doesn't exist on Android – but there's something very similar called Advanced Protection Mode. You'll need to update to the latest Android 16 software (just go to Settings > System > Software Update and follow the instructions). 16 It's designed for VIPs who might be targeted by crooks – like celebs or politicians – but anyone can use it for free. If you toggle the button on, it'll activate a long list of hardcore security features to help you dodge scams and boost your security. That includes preventing your phone from being hacked by a physical cable, using AI to detect scam calls live as they're happening, saving you from unsafe Wi-Fi, and blocking you from unsafe websites and apps. You'll find it in Settings > Google > Personal & Device Safety > Advanced Protection > Device Protection. 16
Forbes
2 days ago
- Business
- Forbes
Don't Get Scammed: 5 Ways To Outsmart Today's Most Costly Online Fraud
Fraud Alert in red keys on high-tech computer keyboard background with security engraved lock on ... More fake credit cards. Concept of Internet security, data privacy, cybercrime prevention for online shopping transaction payments. If it feels like financial scams are getting worse, that's because they are. In 2024 alone, Americans lost a staggering $12.5 billion to fraud—up $2.5 billion from the year before, according to the Federal Trade Commission. With scammers growing more sophisticated by the day, protecting your identity and money is no longer optional. Whether it's phishing emails, fake investment pitches, or outright identity theft, these schemes are catching millions off guard. But you don't have to be one of them. Here are five smart habits you can adopt today to guard your financial life in an increasingly risky digital world: 1. Use Anonymous Messaging Apps to Protect Your Identity Many scams begin with messages that appear harmless but aim to gather your personal data or trick you into fraudulent schemes. BeProg tackles this problem by eliminating any possibility to identify you. Unlike traditional apps, BeProg, to function, does not require phone no, registration, device ID or any kind of user ID – making it a truly anonymous messaging platform. This level of anonymity reduces the chances of scammers exploiting your contact details or impersonating you. Using such tools can create a safer communication environment and help protect your privacy online Phishing remains one of the most effective tools in a scammer's arsenal. Fraudsters send emails or texts that look official—maybe from your bank or a retailer you trust—but clicking those links can lead you to fake websites built to steal your login info or install malware. Before clicking, hover over the link to check the actual URL. Double-check the sender's name and email address. And when in doubt, go directly to the company's site rather than clicking on a link in a message. Tools like McAfee WebAdvisor or built-in phishing filters in Gmail and Outlook can help flag risky links. Even if your password gets stolen, two-factor authentication (2FA) can stop a scammer in their tracks. This adds a second step—usually a code sent to your phone or generated by an app—that's required to log in. It takes less than a minute to turn on 2FA for your most important accounts: email, bank, credit cards, and social media. Use apps like Google Authenticator, Authy, or Microsoft Authenticator to keep things secure. Think of it as a lock on your digital front door. Cybercriminals are always looking for outdated software to exploit. If your phone, browser, or apps aren't current, you're an easy target. Turn on automatic updates for your phone, laptop, and major apps. It's also smart to run antivirus programs like Norton or Bitdefender, which help block threats before they can do real damage. You might not know you've been scammed until it shows up on your credit report—and by then, the damage may be done. That's why regular credit monitoring is essential. Services like Credit Karma, Experian, and Equifax alert you if someone tries to open a new account or take out a loan in your name. Make it a habit to check your reports at least monthly and freeze your credit if anything looks suspicious.
Fast Company
2 days ago
- Business
- Fast Company
Deepfake interviews: Navigating the growing AI threat in recruitment and organizational security
The breakneck speed of artificial intelligence (AI) technology has fundamentally reshaped how businesses manage recruitment, communication, and information dissemination. Among these developments, deepfake technology has emerged as a significant threat, particularly through its use in fraudulent interviews. Deepfake interviews leverage advanced AI techniques, predominantly Generative Adversarial Networks (GANs), to generate hyper-realistic but entirely fabricated audio, video, or imagery. These synthetic media forms convincingly manipulate appearances, voices, and actions, making it exceedingly difficult for average users—and even experts—to discern authenticity. IMPLICATIONS AND MOTIVATIONS FOR DEEPFAKE USE The motivations behind deploying deepfake technology for scams and fraud are varied but consistently damaging. Criminals use deepfakes primarily for financial gain, identity theft, psychological manipulation and disinformation. For instance, deepfakes can facilitate vishing (voice phishing), whereby scammers convincingly mimic a trusted individual's voice, deceiving victims into transferring funds or revealing sensitive information. Additionally, these AI-generated falsifications enable sophisticated blackmail, extortion, and reputation sabotage by disseminating maliciously altered content. Further, deepfakes significantly disrupt corporate trust and operational integrity. Financial crimes involving deepfakes include unauthorized transactions orchestrated by impersonating company executives. A notable case occurred in Hong Kong, where cybercriminals successfully impersonated executives, causing multi-million-dollar losses and severe reputational harm. Beyond immediate financial damage, deepfake attacks can erode consumer trust, destabilize markets, and inflict lasting damage to brand reputation. Moreover, malicious actors exploit deepfake technology politically, disseminating misinformation designed to destabilize governments, provoke conflicts, and disrupt public order. Particularly during elections or significant political events, deepfakes have the potential to manipulate public opinion significantly, challenging the authenticity of democratic processes. TECHNOLOGICAL MECHANISMS AND ACCESSIBILITY The core technological mechanism behind deepfake interviews involves GANs, where AI systems are trained to produce realistic synthetic media by learning from authentic audio and video datasets. The recent democratization of this technology means anyone can produce deepfakes cheaply or freely using readily accessible online tools, exacerbating risks. The emergence of ' deepfake-as-a-service ' models on dark web platforms further compounds these concerns, enabling sophisticated attacks without extensive technical expertise. In recruiting scenarios, deepfake candidates use synthetic identities, falsified resumes, fabricated references, and convincingly altered real-time video interviews to infiltrate organizations. These fraudulent candidates pose acute threats, particularly within industries that rely heavily on remote hiring practices, such as IT, finance, healthcare, and cybersecurity. According to Gartner predictions, one in four job candidates globally will be fake by 2028, highlighting the scale and urgency of addressing this issue. ORGANIZATIONAL RISKS AND CONSEQUENCES Organizations face numerous operational and strategic threats from deepfake attacks. Financially, companies victimized by deepfake fraud experience significant losses, averaging $450,000 per incident. Deepfake infiltration can also lead to data breaches, loss of intellectual property, and compromised cybersecurity infrastructure, all of which bear significant financial and regulatory repercussions. Moreover, deepfake-driven scams lead to broader social engineering attacks. For instance, remote IT workers fraudulently hired through deepfakes have successfully conducted espionage activities, extracting sensitive data or installing malware within corporate networks. Often linked to state-sponsored groups, such incidents further emphasize deepfake-related geopolitical threats. PROACTIVE STRATEGIES FOR MITIGATION AND DEFENSE Given the complexity and severity of deepfake threats, organizations must adopt comprehensive mitigation strategies. Technological solutions include deploying sophisticated AI-powered detection tools designed explicitly for deepfake identification. Platforms such as GetReal Security (no relationship)offer integrated solutions providing proactive detection, advanced forensic analysis, and real-time authentication of digital content. Combining AI-driven solutions with manual forensic analysis has proven particularly effective, as human expertise can spot contextual inconsistencies that AI alone might miss. Furthermore, businesses should enhance cybersecurity awareness and employee training programs. Regular training on recognizing visual, audio, and behavioral anomalies in deepfake content is crucial. Organizations can adopt robust authentication measures like multi-factor authentication (MFA), biometric verification, and blockchain-based methods for verifying digital authenticity, although scalability remains challenging. Additionally, continuous investment in adaptive threat intelligence platforms ensures rapid responses to emerging threats. It's now a necessity to adopt scalable deepfake detection technologies integrated seamlessly within recruitment workflows and organizational infrastructures. My team has encountered a few deepfake interviews ourselves, through contractors. Since then, we've required deeper vendor due diligence and vendor technology to mitigate as well as recruiter training to detect red flags. COLLABORATIVE AND REGULATORY ACTIONS Addressing deepfake threats effectively requires robust collaborative efforts across tech companies, government agencies, and industry bodies. Regulatory frameworks, such as the European Union's AI Act and various U.S. federal and state initiatives, represent important steps toward transparency, accountability, and comprehensive protection against malicious AI misuse. Nevertheless, current regulations remain fragmented and incomplete, underscoring the urgent need for standardized, comprehensive legislation tailored to the risks posed by deepfakes. Deepfake technology presents profound ethical, societal, and cybersecurity challenges. The increasing prevalence and sophistication of AI-driven fraud in recruitment and beyond require proactive, multi-layered defensive measures. Organizations must enhance technical defenses, raise employee awareness, and advocate for robust regulatory frameworks. By taking informed, collaborative, and proactive approaches, businesses can significantly mitigate the risks associated with deepfake technology while leveraging its beneficial applications responsibly.
