Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Researchers at Appknox warn that malicious apps are impersonating popular AI tools like ChatGPT and DALL-E to trick users into installing malware on their mobile devices. Some of these apps simply collect user data to be sold to advertising services, while others act as full-fledged malware.

Website cloning attacks are a form of digital impersonation where threat actors replicate a company’s legitimate website to deceive users, harvest credentials, or redirect payments, often before enterprises even realize a clone exists. These attacks exploit brand trust at scale, turning familiarity into a weapon against customers.

A phishing campaign is targeting LastPass users with phony notifications informing users that someone has notified the company of the user’s death and is trying to gain access to their account. The emails have the subject line, “Legacy Request Opened (URGENT IF YOU ARE NOT DECEASED).” LastPass describes the following attack flow: Notably, the attackers are also calling recipients of the emails and posing as LastPass representatives, adding another layer of legitimacy to the campaign.

Account takeover (ATO) fraud has become one of the fastest-growing threats for enterprises. No longer confined to banks, ATO now targets retailers, SaaS platforms, airlines, and any business that maintains digital accounts for customers. The problem? Most enterprises are still relying on outdated defenses like domain takedowns, MFA, and dark web monitoring. By the time these tools kick in, fraudsters have already stolen customer credentials and inflicted brand damage.

A study from Malwarebytes has found that one in three mobile users has been targeted by an extortion scam, and one in five of these users has fallen victim. Additionally, one in six users has been targeted by sextortion, with a higher number of these attacks (38%) affecting Gen Z users.

Local founders say the country’s payments reboot and AI breakthroughs could put B.C. at the centre of financial innovation. One day before the Bank of Canada announced it had approved the country’s first payment service providers under the new Retail Payment Activities Act, leaders from Vancouver’s growing sector gathered for a conversation that felt prescient. At.

Around the world, banks and payment processors are reporting an explosion of mysterious tap-to-pay transactions happening nowhere near real cardholders. The European Association for Secure Transactions (EAST), for instance, has tracked a 1,500% surge in these relay-based attacks over the past year, with incidents stretching from Santiago to Singapore.

In cybersecurity, timing is paramount. But the window of danger now opens earlier than most solutions can see. While many anti-phishing and ATO solutions advertise real-time detection, most only activate once the login attempt is underway, after the critical exposure window has already opened. By then, the scam is already in motion. Phishing, impersonation, and credential theft increasingly take root upstream, during redirects, fake site loads, and user misdirection.

Account takeover (ATO) protection is the frontline defense that prevents criminals from using stolen or spoofed credentials to impersonate legitimate customers. The problem is speed. In 2024, Verizon reported that phishing kits were able to harvest the first credential in under 60 seconds, while banks typically only detected fraud several hours later. That lag helped drive a staggering surge in ATO with 83% of financial institutions reporting direct business impact.