The incoming phone call flashes on a victim’s phone. It may only last a few seconds, but can end with the victim handing over codes that give cybercriminals the ability to hijack their online accounts or drain their crypto and digital wallets.
“This is the PayPal security team here. We’ve detected some unusual activity on your account and are calling you as a precautionary measure,” the caller’s robotic voice says. “Please enter the six-digit security code that we’ve sent to your mobile device.”
Read more…
Source: TechCrunch
Related:
- MyCert: Malaysia data breaches up 29% in Q1 2025
June 11, 2025
The Malaysia Computer Emergency Response Team (MyCert) reported an increase in data breach incidents in Malaysia in the first quarter of the year. “Data breach incidents are growing in Malaysia with a nearly 29% increase this quarter, underscoring the need for better security measures to ensure national security and public trust,” said MyCert. According to its ...
- US government’s vaccine website defaced with AI-generated content
June 11, 2025
A U.S. government website designed to inform the public about vaccines has been defaced and now hosts apparently AI-generated spam. The domain, which belongs to the U.S. Department of Health and Human Services (HHS), appears to have been hosting the same kind of content — mostly gay-themed and LGBTQ+ posts — since at least May 12, ...
- Toxic trend: Another malware threat targets DeepSeek
June 11, 2025
DeepSeek-R1 is one of the most popular LLMs right now. Users of all experience levels look for chatbot websites on search engines, and threat actors have started abusing the popularity of LLMs. kaspersky previously reported attacks with malware being spread under the guise of DeepSeek to attract victims. The malicious domains spread through X posts and ...
- BlackSuit Continues Social Engineering Attacks in Wake of Black Basta’s Internal Conflict
June 10, 2025
There has been a significant decrease in social engineering attacks linked to the Black Basta ransomware group since late December 2024. This lapse also included the leaked Black Basta chat logs in February 2025, indicating internal conflict within the group. Despite this, Rapid7 has observed sustained social engineering attacks. Evidence now suggests that BlackSuit affiliates have ...
- UK: Police Federation pays £15m to officers hit by cyber attack
June 10, 2025
The Police Federation has paid out £15 million to 19,000 current and former officers who had their personal details compromised and stolen by cyber criminals. Two huge attacks exposed the home addresses of some officers to hackers six years ago, and in March 2022 the federation admitted liability for unlawfully processing officers’ personal details by not ...
- Major US grocery distributor warns of disruption after cyberattack
June 9, 2025
United Natural Foods (UNFI), a major distributor of groceries to Whole Foods and other retailers, said on Monday that it was hit by a cyberattack, warning of disruptions to its ability to fulfill and distribute customer orders. UNFI said in a Monday filing with the U.S. Securities and Exchange Commission that it became aware of unauthorized ...