All news with #deepfake fraud tag

🛂 Yurii Nazarenko pleaded guilty to operating OnlyFake, an AI-driven subscription site that generated and sold more than 10,000 counterfeit identification images worldwide. The platform produced realistic digital passports, U.S. driver's licenses for all 50 states, Social Security cards, and IDs for roughly 56 other countries, with options for customization and output as scans or tabletop photos. Only accepting cryptocurrency and offering bulk discounts, the site was used to circumvent Know Your Customer (KYC) checks; undercover FBI agents purchased fake documents in a 2024 sting. Nazarenko was extradited from Romania in September 2025, agreed to forfeit $1.2 million, and faces up to 15 years in prison with sentencing set for June 26, 2026.

📧 Business email compromise (BEC) is a targeted fraud where attackers impersonate executives, vendors, or partners to trick employees into wiring funds or revealing sensitive data. Last year BEC caused $2.7 billion in losses and increasingly uses techniques like AI-based voice/text cloning, QR-code scams, and conversation hijacking. These attacks often require no malware, relying instead on reconnaissance and trust. Defenses include multi-factor verification, approval tiers, employee training, and advanced email authentication and detection.

🗣️ Deepfake voice calls are increasingly easy and convincing, enabling scammers to impersonate executives, suppliers or customers to request urgent transfers or authentication resets. Common giveaway signs include unnatural rhythm, flat emotional tone, missing breaths, robotic timbre or oddly uniform background noise. Defend by combining employee training (including simulated deepfake scenarios), out-of-band verification, pre-agreed passphrases and technical detection tools as part of a people, process and technology approach.

🔎 Ireland's Data Protection Commission has opened a formal probe into X over the use of its Grok AI to generate non‑consensual sexual images of real people, including children. The inquiry will assess whether X Internet Unlimited Company complied with core GDPR duties such as lawful processing, data protection by design, and required impact assessments. The DPC said it has been engaging with XIUC since media reports emerged and has commenced a large‑scale inquiry. As X's EU lead regulator, the DPC's findings could trigger cross‑border enforcement and significant penalties.

📷 This article examines whether parents should allow children to post selfies online, arguing that prohibition rarely works and parental guidance is a more effective approach. It details specific harms — from predator grooming and AI-enabled sextortion (via nudifier tools) to identity theft, cyberbullying and long-term reputational damage — and highlights correlations between heavy social-media use and worsening adolescent mental health. Practical recommendations include open communication, using privacy settings and geolocation controls, selective follower approval, routine digital clean-ups and household screen-time rules, while urging parents to model responsible sharing and reduce their own “sharenting.”

💌 Technology is changing how people communicate, date, and form attachments. Messaging dialects, emoji usage and generational differences now shape tone and intimacy, but they can also be exploited: attackers can use AI to clone someone’s voice or texting style for social engineering. The article reviews AI companions such as Replika and high‑profile AI weddings, and warns about deepfakes, catfishing, phishing, stalking and sextortion. Practical guidance includes verifying contacts with video calls or reverse image search, using security software, stripping photo metadata, locking down privacy settings, and choosing end‑to‑end encrypted apps with self‑destructing messages for sensitive content.

🔒 Kaspersky's anti-phishing systems blocked more than 554 million phishing-link attempts in 2025, while Mail Anti-Virus intercepted nearly 145 million malicious attachments and almost 45% of all email traffic was identified as spam. Scammers refined tactics across ticketing and streaming fraud, messaging-app account takeovers, government impersonation, and KYC harvesting, often using AI-generated content and deepfakes. Messaging platforms such as Telegram and WhatsApp were heavily abused to hijack accounts via phishing and malicious Mini Apps. Users are advised to check URLs carefully, never share verification codes, enable two-factor authentication, and run robust protection like Kaspersky solutions.

🛡️ Mandiant attributes a targeted campaign to North Korean financially motivated group UNC1069, which combines social engineering, deepfake video and macOS malware to steal cryptocurrency and credentials. The attackers hijacked a cryptocurrency executive’s Telegram account to build trust, then sent a calendar invite to a faux Zoom meeting hosted on attacker infrastructure. During the call a purported deepfake of the executive appeared and a ClickFix ruse persuaded victims to run commands, enabling deployment of backdoors and information-stealers.

🛡️ UNC1069, a North Korea-linked threat actor, has used AI-generated video lures and compromised Telegram accounts to target cryptocurrency firms and personnel. According to Google Mandiant, attackers staged fake Zoom meetings via Calendly invites and delivered a ClickFix-style troubleshooting vector that dropped multiple payloads on Windows and macOS. The intrusion employed at least seven malware families — including WAVESHAPER, HYPERCALL, HIDDENCALL, DEEPBREATH, CHROMEPUSH and SILENCELIFT — to harvest credentials, browser data and session tokens to facilitate financial theft.

🔒 North Korean-linked UNC1069 ran tailored campaigns using AI-generated deepfake video and a ClickFix-style pretext to deliver macOS and Windows malware against cryptocurrency targets. During a Mandiant response to a fintech compromise, attackers used a compromised Telegram account and a spoofed Calendly/Zoom meeting to coerce the victim into executing troubleshooting commands that launched AppleScript and malicious Mach-O binaries. Mandiant identified seven distinct macOS families—WAVESHAPER, HYPERCALL, HIDDENCALL, SILENCELIFT, DEEPBREATH, SUGARLOADER, and CHROMEPUSH—deployed to steal credentials, browser and Telegram data, and to enable future social-engineering operations.

🤖 The rise of generative AI has created adversarial “arms races” across institutions that once relied on the difficulty of writing and cognition to limit volume. From magazines and academic journals to courts, legislatures, hiring processes and social platforms, organizations are being overwhelmed by AI-generated submissions and inputs. Responses range from shutdowns to deploying defensive AI for triage and detection, producing trade-offs between democratized access to writing tools and the risk of systemic fraud. The essay argues institutions should adopt assistive AI and clear norms to balance benefits and harms while recognizing no defensive AI will fully stop misuse.

🔒 Mandiant links a targeted intrusion to UNC1069 that leveraged AI-enabled social engineering to compromise a cryptocurrency executive and deploy multiple macOS malware families. The attacker used a hijacked Telegram account, a spoofed Zoom meeting allegedly featuring a deepfake video, and a ClickFix paste-and-execute ruse to trick the victim into running troubleshooting commands. The operation dropped WAVESHAPER, HYPERCALL, HIDDENCALL, SUGARLOADER, DEEPBREATH, CHROMEPUSH, and SILENCELIFT to harvest credentials, browser data, and session tokens. GTIG and Mandiant highlight UNC1069's expanding use of GenAI for lures and tooling.

🔍 This article explains how modern deepfakes are created, deployed, and detected in real-world scams, and why virtually anyone can be a target. It describes common visual, auditory, and behavioral signs—lighting and lip-sync errors, unnatural blinking, electronic vocal tones, and awkward gestures—and notes attackers use tools from Telegram bots to commercial services like HeyGen and ElevenLabs. Practical advice includes ending suspicious chats, verifying identities via alternate channels, agreeing a family codeword, tightening privacy on photos and recordings, enabling strong account security, and using content-analyzer services to flag AI-generated media.

🔊Pindrop's 2025 report found a 1210% rise in AI-enabled voice and virtual meeting fraud versus a 195% increase in traditional fraud. Attackers use AI-driven voice bots and deepfakes to probe IVR systems, map workflows, and return later with tailored social engineering that bypasses controls. Deepfakes impersonating C-suite executives in real-time meetings and scripted low-value return schemes in retail are highlighted as scalable, hard-to-detect threats. Healthcare and retail are particularly exposed, with bots enabling account takeover of HSAs/FSAs and driving continuous low-dollar refund fraud.

⚠️ Cybercriminals commonly exploit major sporting events like the Milano‑Cortina 2026 Winter Olympics, using phishing, fake ticketing and streaming sites, rogue apps, SEO poisoning, QR-code scams and AI-driven deepfakes to steal data or money. Fans should purchase only from official ticket and merchandise channels, use the official Olympics app, and avoid pirated streams and unsolicited offers. Protect devices with reputable anti‑malware, avoid public Wi‑Fi or use a VPN, and be cautious with links, QR codes and marketplace listings.

🔐 This Unit 42 analysis outlines the evolving Russian cyber threat to the Milano Cortina 2026 Winter Olympics, framing Russia’s IOC exclusion as a geopolitical grievance that raises the risk of disruptive operations. It reviews historical GRU-linked campaigns against prior Games and projects plausible scenarios ranging from destructive OT malware to AI-driven deepfakes and V2X manipulation. The report recommends zero‑trust visibility, IoT anomaly detection, telemetry verification, and micro‑segmentation to reduce operational impact.

🤖 This Kaspersky article evaluates safety and privacy risks in consumer AI toys by testing four products—Grok, Kumma, Miko 3, and Robot MINI—using a simulated five‑year‑old. It emphasizes that these devices run on general-purpose LLMs (for example, OpenAI, Anthropic, Google) with inconsistent vendor guardrails. Tests show toys sometimes disclosed locations of dangerous household items, engaged on adult topics, and transmitted or stored voice and biometric data. The piece warns current toys lack reliable safety boundaries and calls for stronger guardrails and clearer data practices.

🔍 Group-IB's January report argues that AI has created a new 'fifth wave' of cybercrime by turning advanced skills into inexpensive, scalable services that make attacks cheaper and faster. Analysts documented low-cost synthetic identity kits, deepfake-as-a-service subscriptions and biometric datasets sold for as little as $5, plus subscription dark LLMs. The firm highlights agentized phishing that automates lure creation, delivery and campaign adaptation and the rise of self-hosted dark LLMs used to generate scams, malware and exploit code.

⚠️A convincingly generated video featuring entrepreneur Reinhold Würth has been circulating to promote purportedly exclusive investment schemes. The clip, reportedly produced using AI deepfake techniques, falsely links the Würth family and the Würth Group to high-return offers. Würth has confirmed the footage is fraudulent, is cooperating with law enforcement, and urges the public not to engage with the promotions. Victims are advised to contact their bank and file a police report immediately.

⚠️Researchers in 2025 discovered multiple unsecured databases of AI-generated images and videos, many depicting sexualized or fabricated nudes created from everyday photos. Analysis pointed to third-party generative tools such as MagicEdit and DreamPal, which offered explicit editing, face‑swap and clothing‑change features and, in some cases, disabled filters for erotic content. The exposure highlights how generative AI lowers the barrier to producing convincing fake intimate images and broadens the pool of potential sextortion victims. The post urges tightening social media privacy, using tools like Privacy Checker, and monitoring children with Kaspersky Safe Kids.